In this article I will show you how to share your Exchange Server 2007 SMTP namespace with another messaging system. SMTP namespace sharing might be necessary when merging is required or if you want to share the SMTP namespace with a foreign system. I will also show you how to create internal and external mail relay domains.
Let us assume for this article that you have two different Exchange organizations which are running Exchange Server 2007. These two organizations find together through a merger or acquisition and would like to share the SMTP namespace for a undefined period of time until both messaging systems are migrated to a single Exchange Server 2007 organization. The other part of this article deals with the configuration of internal and external mail relay domains and we assume that one Exchange organization is responsible for e-mail delivery to both domains (A.DOM and B.DOM).
When you create new accepted domains in Exchange Server 2007, you have to choose between the following domain types:
- Authoritative domain
- Internal relay domain
- External relay domain
An accepted domain is any SMTP namespace for which your Exchange Server 2007 organization is responsible for and for which you will send and receive e-mail. Microsoft calls this process “authoritative”. You have to create authoritative domains in the Exchange Management Console or with the Exchange Management Shell.
Configuring Accepted Domains
Accepted domains are configured in the organization settings of the Exchange Management Console (EMC) which requires Exchange Organization administrator rights. Accepted domains will be created for the entire Exchange organization on Hub Transport Servers or Edge Transport Servers. If you have implemented the Edge Transport server role, Microsoft recommends that you synchronize the accepted domains from your internal Exchange organization with Edge Sync so you only have to create accepted domains once. Every newly created accepted domain will be copied on to the Edge Transport server.
Exchange Server 2007 creates a new accepted domain during the installation of the first Hub Transport Server. The authoritative domain will be created with the internal Active Directory domain name and not with the registered SMTP domain name used on Internet for sending and receiving e-mail. For example: If your internal Active Directory domain name is A.DOM and the registered SMTP domain name is A.COM, the accepted authoritative domain that will be created is A.DOM and you have to create an additional accepted authoritative SMTP domain for the registered SMTP domain.
If you have an Exchange Server 2007 with the Edge server role installed, no accepted domains will be created automatically. You have to create authoritative domains manually or you have to synchronize these accepted domains from your internal Exchange organization with Edge sync.
SMTP namespace sharing
SMTP namespace sharing in Exchange Server 2007 is easier than previous versions of Exchange Server. All you have to do is to create a new accepted domain from type Internal relay domain for the SMTP namespace that you want to share. As a second step you have to create an SMTP connector with the address space of the internal SMTP domain. The destination e-mail server must be a Hub Transport Server. The destination e-mail system is then responsible for generating NDRs (Non Delivery Reports).
Figure 1: SMTP namespace sharing
As you can see in the above picture, Exchange accepts messages from A.DOM (the MX record points to the SMTP gateway). A Microsoft Edge Transport server forwards e-mails to the internal Hub Transport Server which in turn tries to deliver e-mails to the recipients. If the recipient is not local, Exchange will look for an SMTP connector with a corresponding address space (if the domain exists as an internal relay domain) and relays the message to this domain.
If Exchange Server 2007 is not authoritative for a specific domain but the DNS MX record points to the Exchange Server organization’s Hub Transport or Edge Transport server, the sending e-mail server relays e-mails to the Exchange organization. If the SMTP domain is not part of an authoritative domain, the sending server tries to relay through the Exchange server. Exchange Server 2007 accepts this message and relays it to an external e-mail domain or an internal relay domain.
Internal Relay Domain
If you configure an internal relay domain you will forward all e-mails which do not have a corresponding mailbox in the Exchange organization but which are contacts in that Exchange organization. The contacts have an e-mail address for the other messaging system. E-mail from Internet is relayed for this domain through Hub Transport servers in this Exchange organization.
If your organization has two forests with Exchange Server 2007 installed and you want to share e-mails or you want to enable SMTP message flow between these Exchange organizations you must use a system that synchronizes e-mail addresses between these forests. For example you can use IIFP (Identity Integration Feature Pack), a Microsoft solution which is free of charge or IIFPs big brother MIIS (Microsoft Identity Integration Server). E-mail messages from Internet that are addressed to recipients in internal relay domains are received and processed by Edge Transport server (if implemented) and then relayed to the Hub Transport servers in the same Exchange organization. The Hub Transport server which is responsible for e-mail message routing, routes the message to a Hub Transport server in the other Exchange organization. All you have to do is create a send connector at the Exchange organization that routes messages to the destination Exchange organization and an accepted domain from Internal relay txpe.
Figure 2: Internal relay domain
External Relay Domain
The external relay domain is a bit different than the internal relay domain. When you configure an external relay domain, messages are relayed to an e-mail server outside your Exchange organization. Messages addressed to an external relay domain are relayed through an Exchange Server 2007 Edge Transport Server. This scenario is quite simple. The external relay domain’s MX (Mail Exchanger) record is configured to route e-mail to the Exchange 2007 organization. Exchange Server accepts e-mail messages for this domain name and will route messages to this domain through an SMTP send connector that you must configure. The send connector relays the message to the external relay domain.
Figure 3: External relay domain
Accepted Domains and E-Mail Address Policies
Before it is possible to receive e-mail for your Exchange organization you must create an SMTP address space and an e-mail address policy. When you create an accepted domain, you can use a wildcard character in the address space to indicate that all subdomains of the SMTP address space are also accepted by the Exchange Server 2007 organization. For example if you want to configure the msexchange.org domain and all of its subdomains as accepted domains, enter *.msexchange.org as the SMTP address space.
The following picture shows how to create a new accepted SMTP domain.
Figure 4: New accepted domain
You have to create, at minimum, one e-mail address policy for your internal SMTP domain name space that is used for provision of e-mail enabled objects in Exchange Server 2007
Creating domains with the Exchange Management Shell (EMS)
Creating a new accepted authoritative domain:
New-AcceptedDomain -Name “MSExchangeORG” -DomainName msexchange.org -DomainType Authoritative
Creating a new internal relay domain:
New-AcceptedDomain -Name “IT Training Grote” -DomainName it-training-grote.de -DomainType InternalRelay
Creating a new external relay domain:
New-AcceptedDomain -Name “ISAServerORG” -DomainName isaserver.org -DomainType ExternalRelay
In this article I showed you how to establish a shared SMTP namespace for two different Exchange organizations and how to configure and use internal and external SMTP relay domains. Compared with Exchange Server 2003, it is easier with Exchange Server 2007 to establish an SMTP shared namespace.
Managing Accepted Domains