XCON: Sharing SMTP Address Spaces in Exchange 2000
This article was previously published under Q321721
SUMMARY
In some environments, you may want to share a Simple Mail Transfer Protocol (SMTP) address space, such as an SMTP domain, between Exchange 2000 and another e-mail system. Mailboxes on both Exchange 2000 and the foreign system will have the same SMTP domain in their addresses. This article describes how to configure Exchange 2000 to share SMTP address spaces.
MORE INFORMATION
This article assumes that Exchange 2000 accepts incoming mail from the Internet, looks for a matching recipient in the Exchange organization, and then forwards the mail to the foreign mail system. The receiving system may also do the same: it may look for matching recipients, and then forward the mail to yet a third e-mail system. It is important to keep in mind that the final system in the chain must be authoritative for the domain. That is, the final receiving system must look for a matching recipient and, if one is not found, a non-delivery report (NDR) must be generated for the message. If a receiving system looks for a match and then forwards back to the original system when a match is not found, looping messages occur.
If Exchange 2000 is the last system in the chain, do not use the following procedures to configure Exchange 2000. The final receiving system must return an NDR for any unresolved addresses, which Exchange 2000 does by default. If Exchange 2000 is the last system in the chain, it is better to create contacts in Active Directory for all foreign system recipients, making sure that their target SMTP address is similar to the following format:
@SMTPAddressSpace.domain.com
where SMTPAddressSpace provides additional address information to distinguish the address space from the typical "@domain.com" namespace. For example:
@external.domain.com
-or-
@sendmail.domain.com
There are two ways to configure Exchange 2000 to share an SMTP address space. The first method is to share only selected SMTP address spaces while Exchange 2000 remains authoritative for others. This method is preferable because it is more flexible. Also, you must use this method if you create contacts in Active Directory for sending mail to external recipients, if the target SMTP addresses of such external recipients match any of the SMTP domains that are configured on the recipient policies in Exchange 2000. That is, if you have the address, @companyname.com, on one of your recipient policies, and you want to create contacts with a target address of user@companyname.com, you must use the selective sharing method (Method 1) that is described later in this article to share the @companyname.com domain name.
The second method is to share all address spaces. This method is much less flexible, but the configuration can be much simpler to apply in a small environment. You cannot use this method if contacts exist for the external recipients. For additional information about using contacts in a shared SMTP domain, click the article number below to view the article in the Microsoft Knowledge Base:
319759 XADM: How to Configure Exchange 2000 Server to Forward Messages to a Foreign Messaging System That Shares the Same SMTP Domain Name Space
Method 1: Sharing Selected SMTP Address Spaces
First, it is important to understand that Exchange 2000 treats e-mail messages differently depending on whether Exchange 2000 is authoritative or non-authoritative for a particular SMTP address space. To see this setting:
1. Open the properties on a recipient policy, click the Email Addresses tab, click an SMTP address, and then click Edit.
2. Examine the setting for the This Exchange Organization is responsible for all mail delivery to this address check box. If this check box is selected, Exchange 2000 is authoritative for the SMTP domain. If this check box is not selected, Exchange 2000 is non-authoritative.
For additional information about authoritative and non-authoritative SMTP domains in Exchange 2000, click the article number below to view the article in the Microsoft Knowledge Base:
315591 XCON: Authoritative and Non-Authoritative Domains in Exchange 2000
Exchange 2000 must always be authoritative for the primary SMTP address (the one in bold) on the default recipient policy. Otherwise, local mail flow may not occur. When you share selected SMTP address spaces, a shared address space is set as non-authoritative in Exchange 2000. If the address space that you want to share is not the primary address on the default recipient policy, click to clear the This Exchange Organization is responsible for all mail delivery to this address check box for that domain.
If you want to share the primary SMTP address on the default recipient policy, set a different address as the primary address on the default recipient policy. You may want to add a new SMTP address for which Exchange 2000 will be authoritative specifically for this purpose. This address might be similar to "@localhost" or "@exchange.domain.com" so that its purpose is purely mail flow in the Exchange organization.
To add such a policy, use the following procedure. Note that you have to add such a policy only if the address space that you want to share is currently set as the primary SMTP address on the default recipient policy. Otherwise, you only have to clear the This Exchange Organization is responsible for all mail delivery to this address check box for the domain in question.
1. Click the Email Addresses tab on the properties of the default recipient policy.
2. Click New, click SMTP, and then click OK.
3. In the Address box, type @localhost or some other address space for which the Exchange organization can be authoritative. Popular choices include: @localhost, @owa.domain.com, or @exchange.domain.com, where domain.com is your Internet domain. You can also use the Active Directory domain name if it is different from your Internet domain.
4. Make sure that the This Exchange Organization is responsible for all mail delivery to this address check box is selected. This domain must be stamped on all users for them to log on to the default Microsoft Outlook Web Access (OWA) virtual server.
5. Click OK.
6. Click the new SMTP address, and then click Set As Primary.
Now that you have a different primary SMTP address for which Exchange 2000 is authoritative, you can share the other address space. To share an address space when it is not the primary SMTP address on the default recipient policy:
1. Open the properties on the recipient policy, and then click the Email Addresses tab.
2. Click the SMTP address space that you want to share, and then click Edit.
3. Make Exchange 2000 non-authoritative for this SMTP address by clicking to clear the This Exchange Organization is responsible for all mail delivery to this address check box.
4. Click OK twice.
You may want to create a higher-priority recipient policy at this time that ensures that users get the correct primary (reply-to) address. To do so:
1. Create a new recipient policy for E-Mail Addresses, and name it something similar to "User Addresses".
2. On the Filter tab, click Modify, and set the filter so that the policy applies to all applicable users. If this policy must be applied to all users, click OK on the Find Exchange Recipients screen.
3. On the E-mail Addresses (Policy) tab, set the shared domain as primary, leaving the @local domain as a secondary proxy.
4. Click OK.
Because Exchange 2000 is now non-authoritative for that domain, when Exchange 2000 cannot find a matching address in Active Directory, it tries to find an external path to that namespace, first by looking for a connector, and then by checking the Domain Name System (DNS). Create a connector even if the MX record in DNS already points to the server that Exchange 2000 should forward to. If you do not create a connector, any incoming mail to the shared SMTP address space is interpreted as an attempt to relay. To create an SMTP connector to route the mail to a specific host, follow these steps:
1. In Exchange System Manager, right-click the Connectors container, click New, and then click SMTP Connector.
2. Type an appropriate name, and then click the Forward all mail through this connector to the following smart hosts option. Type the fully-qualified domain name (FQDN) or the IP address, in square brackets ([]), of the server that e-mail for the shared SMTP address space is to be routed to.
3. Click Add, and then select a bridgehead.
4. Click the Address Space tab, click Add, click SMTP, and then click OK.
5. In the Email domain box, type the SMTP address space without the at (@) symbol. For example:
   nwtraders.com
6. Because Exchange 2000 must receive messages for this domain also, click to select the Allow messages to be relayed to these domains check box. This setting makes it possible for all SMTP virtual servers that are listed on the Bridgehead tab to accept messages for this domain.
7. Click OK.
After you make these settings, when Exchange 2000 cannot find a local address match in that SMTP domain, Exchange 2000 forwards the mail to the host that is specified on the SMTP connector that has the matching address space.
Method 2: Sharing All Address Spaces
This configuration is much simpler, but much less flexible. In this configuration, Exchange 2000 is authoritative for all address spaces. You cannot have any contacts in your directory that have a target address that matches a domain that Exchange 2000 is authoritative for. To apply this method:
1. Open the properties on the default SMTP virtual server.
2. Click the Messages tab.
3. In the Forward all messages with unresolved recipients to host box, type the FQDN or the IP address, in square brackets ([]), of the server that will receive unresolved mail.
4. Click OK.
Repeat this procedure for the default SMTP virtual server on all Exchange 2000 servers, except for any virtual server that is acting as an inbound gateway for the other system. It is recommended that no mailboxes reside on this server.
Also, note that this setting only affects authoritative domains. Therefore, for any authoritative domains, messages that are sent to unresolved addresses are forwarded to the server that is specified on the SMTP virtual server. Any domains that are non-authoritative in Exchange 2000 are not affected by this setting. Messages that are sent to unresolved addresses in non-authoritative domains are routed to a matching SMTP connector, if present. If no matching SMTP connector is found, the message is sent to the server that is specified in the MX record found in DNS.
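The following is an added example, not part of the original article and not Microsoft code: a Python model of the routing decisions described above (local match first, then the unresolved-recipient host for authoritative domains, or connector and then MX for non-authoritative domains), used to check that a shared-address-space chain ends in an NDR rather than a loop. The host names and recipients are constructed, and treating a non-authoritative domain with no connector or MX host as undeliverable is an assumption.

```python
from dataclasses import dataclass

@dataclass
class MailSystem:
    name: str
    recipients: frozenset        # local parts that resolve on this system
    authoritative: bool = True   # final say over the shared domain?
    unresolved_host: str = ""    # Method 2: host for unresolved recipients
    connector_host: str = ""     # Method 1: smart host on the SMTP connector
    mx_host: str = ""            # fallback: host named by the MX record

    def next_hop(self, local_part):
        """Return (action, host) for one recipient of the shared domain."""
        if local_part in self.recipients:
            return ("deliver", self.name)
        if self.authoritative:
            # Authoritative: forward unresolved mail only if a host is set.
            if self.unresolved_host:
                return ("forward", self.unresolved_host)
            return ("ndr", self.name)
        # Non-authoritative: matching connector first, then DNS MX.
        host = self.connector_host or self.mx_host
        # Assumption: with neither configured, treat the mail as undeliverable.
        return ("forward", host) if host else ("ndr", self.name)

def trace(systems, start, local_part):
    """Follow a message through the chain; return (outcome, path)."""
    path, current = [], start
    while current not in path:
        path.append(current)
        action, host = systems[current].next_hop(local_part)
        if action != "forward":
            return action, path
        if host not in systems:
            return "external", path + [host]
        current = host
    return "loop", path + [current]   # a system was visited twice

def chain(sendmail_unresolved_host=""):
    """Constructed topology: Exchange 2000 shares nwtraders.com with 'sendmail'."""
    return {
        "exchange": MailSystem("exchange", frozenset({"alice"}),
                               authoritative=False, connector_host="sendmail"),
        "sendmail": MailSystem("sendmail", frozenset({"bob"}),
                               unresolved_host=sendmail_unresolved_host),
    }

if __name__ == "__main__":
    print(trace(chain(), "exchange", "nobody"))            # last hop returns an NDR
    print(trace(chain("exchange"), "exchange", "nobody"))  # misconfigured: loop
```

Running `trace` for an address that exists on no system is the useful check before changing production settings: any outcome other than `ndr` at the last system means the chain has no authoritative end.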
For additional information about how authoritative vs. non-authoritative domains are routed in Exchange 2000, click the article number below to view the article in the Microsoft Knowledge Base:
315591 XCON: Authoritative and Non-Authoritative Domains in Exchange 2000
The information in this article applies to:
Microsoft Exchange 2000 Server