Exchange 2003 SMTP Namespace Sharing
In this article I will show you how to share your Exchange Server 2003 SMTP Namespace with another Messaging System. SMTP Namespace Sharing may be necessary when a merger occurs or if you only want to share the SMTP Namespace with a foreign system.
Let us assume that for this article you have two Enterprises, each with their own Exchange Organization. These two Organizations come together through a merger and would like to share the SMTP Namespace for a short period of time until both Messaging systems are migrated to a single Exchange organization.
I will explain the three possible scenarios when dealing with SMTP Namespace sharing and authoritative and nonauthoritative domains.
The three scenarios for sharing/receiving e-mail messages from Internet SMTP domains are:
- SMTP Domains that are local for your Exchange Organization
- SMTP Domains that are not local for your Exchange Organization
- SMTP Domains that are shared between your Exchange Organization and another SMTP System
SMTP Domains that are local for your Exchange Organization
You must configure the Recipient Policy on Exchange Server to determine which SMTP domain Exchange Server is responsible for. An SMTP domain that Exchange Server is responsible for is called authoritative.
The configured SMTP domain is then responsible for all mail delivery to the specified address.
Figure 1: Authoritative SMTP Domain in Exchange
If you want to accept e-mail messages for the domain it-training-grote.de you must create a recipient policy that includes the it-training-grote.de address space as one address space and you also have to make sure that you tick the checkbox "This Exchange Organization is responsible for all mail delivery to this address". Now Exchange accepts e-mail messages for the domain listed in the Recipient Policy.
SMTP Domains that are not local for your Exchange Organization
Another option in Exchange Server 2003 is SMTP domains that are not local to your Exchange Organization. In this scenario Exchange Server accepts e-mail messages for another part of your company or for another company and routes these e-mails to that organization. This scenario can be used when you have just acquired another company and you want to let the messages flow through your Exchange Organization.
First you must create a Recipient Policy for the new e-mail domain but you must be sure that the checkbox "This Exchange Organization is responsible for all mail delivery to this address" is not activated. A Recipient Policy with the Checkbox cleared is called nonauthoritative.
Next you must create an SMTP Connector for the e-mail Domain and then select the “Allow Messages to be relayed to this domain” check box on the Address Space tab in the Connector properties.
Figure 2: Allow Messages to be relayed to these domains
The Source Bridgehead servers that you specify on the SMTP connector are the Bridgehead servers that accept e-mails for this domain.
SMTP Domains that are shared between your Exchange Organization and another SMTP System
Now I'm going to explain the main reason for this article: how to share the SMTP Namespace with another Messaging System. There are two solutions to our problem.
By default Exchange Server 2003 is authoritative for every SMTP Address space in the Recipient Policies where the Checkbox "This Exchange Organization is responsible for all mail delivery to this address" is activated.
To see if an SMTP address space is authoritative, follow these steps:
- Start Exchange System Manager, click Recipients, and then click Recipient Policies.
- Right-click Default Policy or any other created Policy, and then click Properties.
- Click the E-Mail Addresses tab.
- Click SMTP and then click Edit.
- Check whether the Checkbox "This Exchange Organization is responsible for all mail delivery to this address" is activated or not.
If the checkbox is selected, then Exchange Server is authoritative for that address space. If this checkbox is not selected, this Exchange organization is not authoritative for that e-mail address space.
When a message arrives, Exchange Server 2003 tries to find the destination address in the Active Directory database. If Exchange Server cannot find the destination address in Active Directory and Exchange Server is not authoritative, Exchange checks the Exchange connectors and the local DNS for a match and delivers the mail when it finds a corresponding address space.
When Exchange Server 2003 tries to deliver a message to a local address space (an address space that exists on a recipient policy), it tries to find the destination address in the Microsoft Active Directory directory service. If Exchange cannot find the destination address in Active Directory, the following occurs:
- If the Exchange organization is not authoritative, Exchange Server checks connectors and DNS to find another route to that address space. If Exchange finds a matching connector address space, the message will be routed to that connector.
- If Exchange finds no Connector, it routes the e-mail through DNS and looks for a corresponding MX record and routes the e-mail to this host.
- If Exchange doesn’t find any match, a non-delivery report (NDR) is generated with error code 5.4.0. This error code indicates that there is a name resolution issue.
- If the Exchange organization is authoritative for the e-mail domain, Exchange Server immediately generates an NDR with error code 5.1.1. This error code indicates that the destination address does not exist.
You can modify this behaviour if you specify another host which is responsible for further e-mail delivery and the generation of NDR (Non Delivery Reports).
Figure 3: Forward all mails with unresolved recipients to another Host
- Start the Exchange System Manager ...
- Expand Administrative Groups
- Expand First Administrative Group
- Expand your Exchange Server object
- Right click SMTP virtual server
- Click the Messages Tab
Now you can enter the IP Address or FQDN (Fully Qualified Domain Name) of the Host to which you want to forward all messages with unresolved recipients in authoritative domains. When you type the FQDN or the IP address, enclose it in square brackets ([ ]).
An NDR is not generated if messages are forwarded to this host. The Host that you specify in the Dialog box is responsible for NDR generation.
Another solution is to create different Recipient Policies for the SMTP address Namespace to share. I will show you how to create different Recipient Policies and an SMTP Connector for the shared SMTP namespace.
If the address space that you want to share is not the primary address on the default Recipient Policy, clear the Checkbox “This Exchange Organization is responsible for all mail delivery to this address”. If you want to share the Primary SMTP Address space in the Recipient Policy, set a different address as the primary address on that Recipient Policy. Create a new address such as @local, or something else, and set it as primary. Now that you have a different primary SMTP address that this Exchange Server 2003 is authoritative for, you can share the other address space and clear the Checkbox “This Exchange Organization is responsible for all mail delivery”.
To ensure that users still receive the correct primary (reply-to) address, create a new, higher-priority Recipient Policy for e-mail addresses. Specify the Filter so that the policy applies to all users. On the e-mail Addresses Policy tab, set the shared domain as primary, leaving the @local domain (for the example in this article) as a secondary e-mail proxy address. Exchange is now no longer authoritative for the shared SMTP domain, so when Exchange does not find a matching e-mail address in Active Directory, it will look for an SMTP Connector that matches the address space that you want to share.
Now you have to create an SMTP connector that will forward all Messages to the other mail system that shares the same address space as your Exchange Organization. I will not explain every step on how to create an SMTP connector but I will give you some necessary information that you must use when you create the connector:
- Deliver all e-mails through Smart Host and specify the Destination Server for the Messaging system
- The address space is the address space that you want to share (specify the address space like sharednamespace.tld)
- Activate the Checkbox “Allow messages to be relayed to these domains”
After creating the SMTP connector, Exchange will route all e-mails through this connector for which it doesn’t find any matched e-mail address in the local Active Directory.
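The delivery decision described above for recipients that cannot be found in Active Directory, including the forward-host option and the shared-namespace connector, can be followed in a small model. This is an added example, not code from Exchange or from the original article; the `Org` class, the `route` function, the sample users and the smart host name are hypothetical, and connector address spaces are matched by exact domain only.

```python
from dataclasses import dataclass, field

@dataclass
class Org:
    """Constructed model of one Exchange organization; all names are hypothetical."""
    directory: set      # proxy addresses that exist in Active Directory
    policies: dict      # SMTP domain on a recipient policy -> authoritative checkbox
    connectors: dict = field(default_factory=dict)  # connector address space -> smart host
    mx: dict = field(default_factory=dict)          # domain -> MX host (stands in for DNS)
    unresolved_host: str = ""   # "forward all mail with unresolved recipients" host

def route(org, rcpt):
    """Return (action, detail) for one recipient, following the article's steps."""
    rcpt = rcpt.lower()
    domain = rcpt.rpartition("@")[2]
    if domain in org.policies:
        if rcpt in org.directory:
            return ("deliver-local", rcpt)
        if org.policies[domain]:
            # Authoritative: no other system may own this address.
            if org.unresolved_host:
                # No NDR here; the named host is responsible for generating it.
                return ("forward-unresolved", org.unresolved_host)
            return ("ndr", "5.1.1")
    # Nonauthoritative domain: connector first, then the MX record from DNS.
    # Assumption: domains on no policy are routed the same way in this model.
    if domain in org.connectors:
        return ("connector", org.connectors[domain])
    if domain in org.mx:
        return ("dns-mx", org.mx[domain])
    return ("ndr", "5.4.0")

# Constructed sample: sharednamespace.tld is shared with another system,
# it-training-grote.de is authoritative. anna is local, bob is not.
ORG = Org(
    directory={"anna@sharednamespace.tld", "anna@it-training-grote.de"},
    policies={"sharednamespace.tld": False, "it-training-grote.de": True},
    connectors={"sharednamespace.tld": "mail.other-system.example"},
)

if __name__ == "__main__":
    for rcpt in ("anna@sharednamespace.tld", "bob@sharednamespace.tld",
                 "bob@it-training-grote.de"):
        print(rcpt, "->", route(ORG, rcpt))
```

Setting the shared domain to authoritative in the sample makes `bob@sharednamespace.tld` return NDR 5.1.1 instead of reaching the connector, which is the symptom of a shared address space whose checkbox was left activated.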
As you can see after reading this article, establishing an SMTP shared Namespace is easy but, in my opinion, you should avoid SMTP Namespace sharing whenever you can because it makes Message flow harder to understand and can lead to misconfiguration.