Accepted Domains

[Messaging Tech 2]

images within the post ..loading might take some time depending upon your internet speed
[glow=green,2,300]Accepted Domains[/glow]
Accepted domain is any SMTP namespace for which a Exchange organization sends or receives e-mail.An Exchange organization is authoritative when it handles mail delivery for recipients in the accepted domain. Accepted domains also include domains for which the Exchange organization receives mail and then relays it to an e-mail server that's outside the Active Directory forest for delivery to the recipient.
Accepted domains are configured as global settings for the Exchange organization and on computers that have the Edge Transport server role installed. You must configure every domain for which your Hub Transport servers relay or deliver messages as an accepted domain in your organization. The Edge Transport server requires that all domains for which it accepts and relays messages are configured as accepted domains.

You will see accepted domains in two places within an Exchange 2010 infrastructure:
On the Accepted Domains tab of the Hub Transport node under the Organization Configuration node in the Exchange Management Console running against the internal Exchange 2010 organization
On the Accepted Domains tab of the Edge Transport node in the Exchange Management Console running on the Edge Transport server role.


We recommend that you create and manage all accepted domains inside the organization and synchronize that information to the Edge Transport server by creating an Edge Subscription. When you subscribe the Edge Transport server to the Microsoft Exchange Server 2010 organization, all accepted domains that are configured in the organizational settings for the Hub Transport server role are replicated to the Edge Transport server during EdgeSync synchronization. To modify the accepted domain configuration on an Edge Transport server that's subscribed to the Exchange 2010 organization, you must make the change on the Hub Transport server.

There are three types of accepted domains: authoritative, internal relay, and external relay.
Authoritative Domains
An organization may have more than one SMTP domain. The set of e-mail domains for an organization are the authoritative domains. In Exchange 2010, an accepted domain is considered authoritative when the Exchange organization hosts mailboxes for recipients in this SMTP domain. The Edge Transport servers should always accept e-mail that's addressed to any of the organization's authoritative domains.
By default, when the first Hub Transport server role is installed, one accepted domain is configured as authoritative for the Exchange organization. The default accepted domain is the fully qualified domain name (FQDN) for your forest root domain. Frequently, the internal domain name differs from the external domain name. For example, your internal domain name may be messagingtechs.local, although your external domain name is messagingtechs.com. The Domain Name System (DNS) mail exchange (MX) resource record for your organization references messagingtechs.com then messagingtechs.com is the SMTP namespace that you assign to users when you create an e-mail address policy. You must create an accepted domain to match your external domain name.By default, no accepted domains are configured on the Edge Transport server role.





Note: An observation to make here is the situation where the forest root domain name is different to the external SMTP domain name. For example, consider the situation if I had created my Active Directory forest root domain as messagingtechs.local or other such similar variation, but my external SMTP namespace was messagingtechs.com. In this case, the Hub Transport installation program would have automatically created a default authoritative accepted domain of messagingtechs.local; I would therefore need to create a new authoritative accepted domain for messagingtechs.com.

Relay Domains
When e-mail is received from the Internet by an Edge Transport server and the recipient of the message isn't part of an authoritative domain, the sending server tries to relay through the Exchange server.there are scenarios where an organization wants to let partners or subsidiaries relay e-mail through the Exchange servers. In Exchange 2010, you can configure accepted domains as relay domains. Your organization receives the e-mail messages and then relays the messages to another e-mail server.

You can configure a relay domain as an internal relay domain or as an external relay domain. These two relay domain types are described in the following sections.
Internal Relay Domain
When you configure an internal relay domain, some or all of the recipients in this domain don't have mailboxes in this Exchange organization. Mail from the Internet is relayed for this domain through Hub Transport servers in this Exchange organization
An organization may have to share the same SMTP address space between two or more different e-mail systems. For example, you may have to share the SMTP address space between Microsoft Exchange and a third-party e-mail system, or between Exchange environments that are configured in different Active Directory forests. In these scenarios, users in each e-mail system have the same domain suffix as part of their e-mail addresses.

To support these scenarios, you must create an accepted domain that's configured as an internal relay domain. You must also add a Send connector that's sourced on a Hub Transport server and configured to send e-mail to the shared address space. If an accepted domain is configured as authoritative and a recipient isn't found in Active Directory, a non-delivery report (NDR) is returned to the sender. The accepted domain that's configured as an internal relay domain first tries to deliver to a recipient in the Exchange organization. If the recipient isn't found, the message is routed to the Send connector that has the closest address space match

If an organization contains more than one forest and has configured global address list (GAL) synchronization, the SMTP domain for one forest may be configured as an internal relay domain in a second forest. Messages from the Internet that are addressed to recipients in internal relay domains are received and processed by the Edge Transport server and then relayed to the Hub Transport servers in the same organization. The receiving Hub Transport servers then route the messages to the Hub Transport servers in the recipient forest. You configure the SMTP domain as an internal relay domain to make sure that e-mail that's addressed to that domain is accepted by the Exchange organization. The connector configuration of your organization determines how messages are routed

Below example:
A forest trust exists between messagingtechs.com and acquired-partner.com, and GAL synchronization is configured.
The messagingtechs.com Edge Transport server accepts messages for the acquired-partner.com SMTP domain from the Internet and then relays those messages to the Hub Transport servers in the messagingtechs.com Exch org.
A cross-forest Send connector is configured for routing messages from messagingtechs.com to acquired-partner.com
A second cross-forest Send connector is configured for routing messages from acquired-partner.com to messagingtechs.com


External Relay Domain
When you configure an external relay domain, messages are relayed to an e-mail server that's outside the Exchange organization and outside the organization's network perimeter. The messages are relayed by the Edge Transport server.
In this scenario, the MX resource record for the external relay domain references a public IP address for the Exchange 2010 organization that's relaying messages. The Edge Transport server receives the messages for recipients in the external relay domain and then routes the messages to the e-mail system for the external relay domain. A Send connector from the Edge Transport server to the external relay domain is required in this scenario. The external relay domain may also use your organization's Edge Transport server as a smart host for outgoing mail



The external relay domain is a bit different than the internal relay domain. When you configure an external relay domain, messages are relayed to an e-mail server outside your Exchange organization. Messages addressed to an external relay domain are relayed through an Edge Transport Server

Accepted Domains and E-Mail Address Policies
You must configure an accepted domain before that SMTP address space can be used in an e-mail address policy. When you create an accepted domain, you can use a wildcard character (*) in the address space to indicate that all subdomains of the SMTP address space are also accepted by the Exchange organization. For example, to configure Contoso.com and all its subdomains as accepted domains, enter *.Contoso.com as the SMTP address space. The accepted domain entries are automatically available for use in an e-mail address policy.

If you delete an accepted domain that's used in an e-mail address policy, the policy is no longer valid, and recipients with e-mail addresses in that SMTP domain will be unable to send or receive e-mail

Powershell to get users in a specified accepted domain

get-mailbox -resultsize unlimited | where {$_.primarysmtpaddress -like "*@domain.com"}

Powershell to configure new accepted domain:

New-AcceptedDomain -Name “ExtDomainName” -DomainName “extdomain.com” -DomainType Authoritative

Export accepted domains in PowerShell How to Change the Primary Email Domain

get-accepteddomain|fl domainname > C:\list.txt

Save below as ps1 script

get-accepteddomain|ft domainname >c:\list.txt

$f = ${c:\list.txt}
$f[0]=$null
$f[1]=$null
$f[2]=$null

${c:\list.txt} = $f

Import accpeted domains ( during migrations)

$File = Read-Host "Please enter location and filename of the CSV file (example: D:TempAcceptedDomain.CSV)"

# Reading of all lines within the specified CSV file.

$list = Import-Csv $File

foreach($entry in $list) {

# Reading the AcceptedDomain variable from the CSV file.

$AcceptedDomain = $entry.AcceptedDomain

# Running the powershell command for creation of all Accepted Domains.

New-AcceptedDomain -Name $AcceptedDomain -DomainName $AcceptedDomain

}

[Messaging Tech 2]

[glow=limegreen,2,300]Exchange Server 2010/2007: How to Change the Primary Email Domain[/glow]

Sometimes there is a scenario for Exchange Server administrators that customer needs to change their primary email addresses to a new domain name.
For example a company that uses @messagingtechs.com as their email address might be acquired, or merge, or simply be rebing to another name and wants to use @messagingtechs.net as their email address instead.

The Exchange Server administratorfs task is to:
¡Make the new primary email addresses of @messagingtechs.net begin to work
¡Make the previous email addresses of @messagingtechs.com continue to work
There are two features of Exchange 2010 that need to be changed for this to happen.

Accepted Domains
The first feature is the Accepted Domains. This is the feature that tells an Exchange 2007/2010 organization which domain names it will accept mail for, and how to treat that domain name.

Accepted domains can be authoritative (ie, the organization owns the domain name and uses it for mail recipients) or can be a relay domain (ie, the organization will accept the emails but send them elsewhere).There are a few other options such as shared SMTP namespaces but for the purposes of this scenario wefre just dealing with authoritative domains.

To add a new domain name to the organization launch the Exchange Management Console and navigate to Organization Configuration/Hub Transport. Select the Accepted Domains tab to view the current list of domains.
In the Actions pane click on New Accepted Domain.
Enter a Name and the Accepted Domain itself. The name can really be anything you like but most administrators just make it the same as the domain they are adding.



Click New and then Finish to complete the wizard.
Note that if you have Edge Transport servers deployed in your network they will not receive the updated list of Accepted Domains until the next scheduled synchronization of the Edge Subscription.



Exchange Management Shell command for the same:

new-AcceptedDomain -Name 'messagingtechs.net' -DomainName 'messagingtechs.net' -DomainType 'Authoritative'

Email Address Policies
Now that the new domain as been added as an Accepted Domain the next step is to configure an Email Address Policy.

Email Address Policies determine which SMTP addresses as are assigned to which objects in the organization, such as mailboxes, contacts, and distribution groups. Each organization has at least one Email Address Policy that by default will apply to all mail-enabled objects.
In this example we can see mailbox users assigned with @messagingtechs.com email addresses.


In the Exchange Management Console navigate to Organization Configuration/Hub Transport, and then select the Email Address Policies tab.
In this scenario wefll just modify the default policy for all mail-enabled objects. Right-click the Default Email Address Policy and select Edit.


Click Next to skip past the introduction and conditions, until you reach the Email Addresses part of the policy. Click on the Add button.


The Email address local part is an optional setting. If you do not specify one the Alias is used as the prefix of the email address. If you do specify one you can use the Alias or other combinations such as Firstname.Lastname.
Next type the domain name or click Browse to choose it from the list of Accepted Domains.


Click OK once you have configured the new SMTP email address. Select the newly added SMTP address and click on Set as Reply.
This will change the new address to bold, which means that it is the address that mail will appear to be sent from.



The other email addresses in the policy will allow people to continue to receive email sent to those addresses.

Click Next to continue. Now we can choose when the updated policy will be applied to recipients. Usually this will be immediately, however you can choose not make the changes without applying the policy, or schedule it for a later time.


Edit Default Policy
Exchange Management Shell command completed:
set-EmailAddressPolicy -Identity 'Default Policy' -EnabledEmailAddressTemplates 'smtp:@messagingtechs.com','SMTP:%g.%s@messagingtechs.net'

Apply Default Policy
Exchange Management Shell command completed:

update-EmailAddressPolicy -Identity 'Default Policy'

Click Next, and then click Edit to complete the wizard. Depending on the size of your environment this may take some time to finish applying.
After the new policy has been applied you can see the change by refreshing the list of mailboxes. Notice that the primary SMTP addresses have changed from @messagingtechs.net to @messagingtechs.com


If you look at one recipient you can see that the new primary SMTP address has been applied by the policy, and the previous email address has been retained as well to allow mail sent to that address to continue to be received.


You can see that after these tasks have been completed the organization has had the primary email domain changed to a new one while preserving the existing one at the same time.

[Alex]

Deleting Accepted Domain and removing Email Address Policy
Images loading - If you have proxy or polices that block certain websites or images you might not be able to view images, in that case please check with your internet admin



if you get the below error while trying to remove accepted domain



It means that some Email address policy is using that accepted domain



Remove the address from list in the email address policy

i1066.photobucket.com/albums/u401/MessagingTecs/websitePosts/remove-accepteddomain4.gif[/img]





You have deleted the accepetd Domain and you find that the email address is still present on users e.g. we removed messagingtechs.net from accepted domain and email address policy however the email address exists ( michael.chrichton@messagingtechs.net)



To remove that ( e.g. @messagingtechs.net ) from all users save the below as ps1 and run using exchange power shell

$users=get-mailbox -resultsize unlimited

foreach($user in $users){

$user.EmailAddresses | where{$_.AddressString -like
'*@olddomain.com'}| foreach{

Set-mailbox $user -EmailAddresses @{remove=$_}

}

}

Verify on the user accounts that it has been removed ( @messagingtechs.net is removed)