exchnge knowledge adv


Upload: ramssatya2sun

Post on 17-May-2017


Page 1: Exchnge Knowledge Adv

This article describes how to configure an Exchange-based computer to receive mail for multiple domains.

MORE INFORMATION

By default, you are not allowed to relay unsolicited commercial e-mail in Exchange. If mail for multiple domains is being accepted on an Exchange computer, then the Default Recipient Policy must contain all domains. To configure an Exchange computer to receive mail for multiple domains:

1. Start Exchange System Manager.
2. Click to expand the Recipients container.
3. Click Recipient Policies.
4. Open the properties of the appropriate policy that is displayed in the right pane.
5. Click the E-Mail Addresses tab, and then add any additional Simple Mail Transfer Protocol (SMTP) addresses that you want the Exchange-based computer to host. For example, to add a new SMTP mail domain, follow these steps:
   a. Click New, click to select SMTP Address, and click OK.
   b. In the Address box, type the at sign (@) followed by the name of the SMTP domain.

   For example, to accept mail for Contoso.com, type the following in the Address box, and then click OK:

   @contoso.com

6. Your new address space is now listed on the E-Mail Address tab. To enable your new address space, click to select the check box next to the address that you created, and then click OK.

Properties

Article ID: 268838 - Last Review: December 3, 2007 - Revision: 4.5

APPLIES TO

Microsoft Exchange Server 2003 Enterprise Edition
Microsoft Exchange Server 2003 Standard Edition
Microsoft Exchange 2000 Server Standard Edition
Microsoft Windows Small Business Server 2003 Premium Edition
Microsoft Windows Small Business Server 2003 Standard Edition

Configuring Exchange to host multiple e-mail domains


Overview

It's fairly common for most organizations to have multiple Internet domain names. In some of those cases those Internet domain names need to be used for incoming SMTP e-mail. Exchange provides support to accept mail from multiple domain names and also set the SMTP e-mail address on users based on recipient policies. In this article I will cover configuring Exchange to accept e-mail for multiple SMTP domains and creating recipient policies to give users the correct e-mail addresses.

The first step in configuring Exchange to accept e-mail for any domain is to register the domain at one of the many registrars. During the registration process you need to list the DNS servers that will be servicing the new domain. I suggest using an external provider to host your external DNS entries for Internet queries. I also suggest using the external provider as a secondary\backup DNS provider and keeping a local DNS server as your primary\master DNS server. This lets you make changes to your DNS records easily, and the changes are then replicated to the external provider's DNS servers. It also lets you lock down your firewall and DNS server so that zone transfers and queries are allowed only from the external provider's IP addresses. Once the domain has been registered and DNS is set up, you will need to add MX record(s) for the Exchange servers that will be handling incoming e-mail.

Configuring Exchange to accept e-mail for a new domain

Once the domain and DNS are configured, Exchange needs to be told to accept e-mail for the domain. To do this, follow the steps below:

1.      Open up Exchange System Manager (ESM)

2.      Navigate to <Org>\Recipients\Recipient Policies

3.      Double click on the "Default Policy"

In a fresh Exchange single admin group environment you will only have the "Default Policy" listed; in my environment I have multiple recipient policies.

If you upgraded from Exchange 5.5, a policy might exist for the legacy Exchange 5.5 site.

4.      Click on the "E-Mail Address (Policy)" tab

In a fresh environment only two entries will normally be listed, one for SMTP and another for X400.

5.      Click New...

6.      Select "SMTP Address" and click OK

7.      Enter the new domain you want Exchange to accept mail for; it must start with an "@"

8.      Click OK

9.      If you want all users to get this new e-mail domain name as an additional SMTP address, click the check box in front of it

Users will be given an address of <mailbox alias>@<domain> if you check the box.  In most cases you will want to control who gets certain e-mail addresses.  This will be covered next.

Recipient policies

Before I go on, let me cover how recipient e-mail address policies work. Exchange only accepts e-mail for domain names that are listed in one of the recipient policies. If the Exchange server receives a message for a domain name, or e-mail suffix, that does not exist in a policy, it will return an NDR (Non-Delivery Receipt) to the sender. This assumes Exchange is configured to send NDRs to all domains. Even if you add an e-mail address to a user in ADU&C, Exchange will still reject e-mail for the user if the e-mail suffix isn't listed in the recipient policies.

When Exchange does accept mail for a domain that is listed in the policies, it checks whether it is the last mail system to accept mail for this domain. If it is, and the e-mail address does not exist in the domain, it will generate an NDR. This setting is controlled by the check box in the last screen shot, called "This Exchange Organization is responsible for all mail delivery to this address." If this check box is unchecked and the recipient cannot be resolved, Exchange will then attempt to send the message through an SMTP connector. In order for the other system to receive the e-mail, an SMTP connector must be configured for the domain in question that forwards the messages to the other mail server. For example, a company has both Exchange and Sendmail in their environment and users on both systems have a "@company.com" address. When mail comes in from the Internet it makes the most sense to have either Sendmail or Exchange handle all incoming e-mail for the domain. If Exchange is the primary mail system it needs to send any unresolved e-mails to Sendmail. In order for this to happen the check box discussed above must not be checked and an SMTP connector or DNS must be configured to send mail to the Sendmail system.

The last setting is the priority of the recipient policy. When the Recipient Update Service (RUS) runs, it checks each object to see which policies apply to it. RUS then uses the policy with the highest priority to set the e-mail address for an object. Each policy can have an LDAP filter applied to it that controls what objects the policy applies to. These filters must be based on static attributes of the object; calculated attributes like DN and OU membership cannot be used. So it is important that the filter and priority on a recipient policy are set correctly.
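The acceptance rules described above, as an added example that is not part of the original article: a PowerShell model of how a recipient is accepted, bounced or handed to a connector, plus an audit for proxy addresses whose suffix no policy lists. The policy table, mailboxes and function names are constructed for illustration and do not query Exchange.

```powershell
# Constructed sample data: every SMTP suffix listed in any recipient policy.
# The value models the check box "This Exchange Organization is responsible
# for all mail delivery to this address" ($true = checked).
$PolicyDomains = @{
    'abc.com'     = $true    # Exchange is the last stop for this domain
    'company.com' = $false   # shared with another mail system (e.g. Sendmail)
}

# Constructed sample mailboxes and their proxy addresses.
$Mailboxes = @(
    [pscustomobject]@{ Alias = 'user1'; Addresses = @('user1@abc.com', 'user1@def.com') }
    [pscustomobject]@{ Alias = 'user2'; Addresses = @('user2@company.com') }
)

function Get-SmtpDomain {
    param([Parameter(Mandatory)][string]$Address)
    # Return everything after the last "@", lower-cased for comparison.
    $at = $Address.LastIndexOf('@')
    if ($at -lt 1 -or $at -eq $Address.Length - 1) {
        throw "Not an SMTP address: $Address"
    }
    $Address.Substring($at + 1).ToLowerInvariant()
}

function Get-InboundDisposition {
    param(
        [Parameter(Mandatory)][string]$Recipient,
        [Parameter(Mandatory)][hashtable]$PolicyDomains,
        [Parameter(Mandatory)][object[]]$Mailboxes
    )
    $domain = Get-SmtpDomain -Address $Recipient

    # Rule 1: the suffix must be listed in a recipient policy at all.
    if (-not $PolicyDomains.ContainsKey($domain)) {
        return 'NDR: suffix not listed in any recipient policy'
    }

    # Rule 2: a listed suffix with a matching proxy address is delivered.
    $known = $Mailboxes | Where-Object { $_.Addresses -contains $Recipient }
    if ($known) { return "Deliver to $($known.Alias)" }

    # Rule 3: unknown recipient. The check box decides what happens next.
    if ($PolicyDomains[$domain]) { return 'NDR: responsible for domain, recipient unknown' }
    'Forward through SMTP connector'
}

function Find-UnroutableAddress {
    param(
        [Parameter(Mandatory)][hashtable]$PolicyDomains,
        [Parameter(Mandatory)][object[]]$Mailboxes
    )
    # A proxy address stamped on a user is useless if its suffix is not in a
    # policy: mail to it is rejected even though the address exists.
    foreach ($mbx in $Mailboxes) {
        foreach ($addr in $mbx.Addresses) {
            $domain = Get-SmtpDomain -Address $addr
            if (-not $PolicyDomains.ContainsKey($domain)) {
                [pscustomobject]@{ Alias = $mbx.Alias; Address = $addr; MissingSuffix = "@$domain" }
            }
        }
    }
}

# Walk four constructed recipients through the decision.
'user1@abc.com', 'nobody@abc.com', 'nobody@company.com', 'user1@def.com' | ForEach-Object {
    '{0,-20} -> {1}' -f $_, (Get-InboundDisposition -Recipient $_ -PolicyDomains $PolicyDomains -Mailboxes $Mailboxes)
}

# List addresses that exist on a user but would still be rejected.
Find-UnroutableAddress -PolicyDomains $PolicyDomains -Mailboxes $Mailboxes | Format-Table -AutoSize
```

On Exchange 2010, covered later on this page, the suffix list corresponds to the accepted domains and the proxy addresses to each mailbox's e-mail addresses.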

Adding a new recipient policy

This takes us to how to create a recipient policy that only applies to certain objects in the AD. In the steps below I will cover creating a recipient policy that only applies to members of a "Sales" group.

1.      Right click on the Recipient Policies container and choose New\Recipient Policy...

2.      On the New Policy dialog check "E-Mail Addresses" and click OK

3.      Enter in "Sales" for the Name and click Modify... on the General tab

4.      On the Find Exchange Recipients dialog leave the default options on the General tab and click the Advanced tab

The General tab controls what object types the policies will apply to
The Storage tab can be used to filter objects by the server or mailbox store they are on
The Advanced tab can be used to filter objects by almost any AD attribute

5.      Click the Field button and choose User\Member Of

6.      Enter in the full DN of the group, example: "CN=Sales,OU=Group,DC=Altered,DC=com"

 

Instead of using group membership, you could use State, Department, Company or any other attribute.  If you use a linked attribute, like Member Of or Manager, you have to enter the DN of the object.

If you don't know the DN of the object, open up ADU&C and make sure "Advanced Features" is enabled under the View menu.  Then open up the object and click the Object tab.  This will display the canonical path of the object; reverse the path and change it to the distinguished name format.  Example: "altered.com\Groups\Sales" becomes "CN=Sales,OU=Groups,DC=Altered,DC=com"

 

7.      Click Add

8.      Click Find Now to verify that the DN path you entered is valid

In the search results, any object that is in the Sales group, or matches the criteria you entered, and is mail or mailbox enabled should be shown.

 

9.      Click OK

10.  Click OK on the information message


11.  You should now see a filter like the one below, click on the "E-Mail Address (Policy)" tab now

 

12.  The current e-mail generation rules will be displayed, remove any address that you do not want to be added to the objects that are a member of the Sales group

You have to leave one X.400 address and SMTP address

 

13.  Click New... and choose SMTP Address

14.  In the address box enter "%g@sales.<domain>", example "%[email protected]" and click OK

This will tell Exchange to create a <given name>@sales.izzy.org address for all users who match the recipient policy filter, members of the Sales group in this case.

15.  Enter any additional addresses you would like the users to have

Examples

1. %g@<domain>, example: %[email protected] becomes [email protected]
2. %g.%s@<domain>, example: %g.%[email protected] becomes [email protected]
3. %1g%s@<domain>, example: %1g%[email protected] becomes [email protected]

For more details on using replacement strings\variables see KB822447
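To see what the replacement strings above produce before a policy is applied, here is an added PowerShell example (not from the article, and not how Exchange itself is implemented) that expands %g, %s and the %<n>g / %<n>s forms and reports templates that give two users the same address. The user list and the domain sales.example.com are constructed placeholders, and only the variables shown on this page are handled.

```powershell
function Expand-AddressTemplate {
    param(
        [Parameter(Mandatory)][string]$Template,
        [Parameter(Mandatory)][string]$GivenName,
        [Parameter(Mandatory)][string]$Surname
    )
    # %g = given name, %s = surname; a number in between (%1g, %3s) keeps
    # only that many leading letters.
    $evaluator = [System.Text.RegularExpressions.MatchEvaluator]{
        param($m)
        $value = if ($m.Groups[2].Value -eq 'g') { $GivenName } else { $Surname }
        if ($m.Groups[1].Value) {
            # Never ask for more letters than the name has.
            $n = [Math]::Min([int]$m.Groups[1].Value, $value.Length)
            $value = $value.Substring(0, $n)
        }
        $value
    }
    [regex]::Replace($Template, '%(\d*)([gs])', $evaluator)
}

function Get-TemplateCollision {
    param(
        [Parameter(Mandatory)][string[]]$Templates,
        [Parameter(Mandatory)][object[]]$Users
    )
    foreach ($t in $Templates) {
        $Users |
            ForEach-Object {
                [pscustomobject]@{
                    User    = "$($_.GivenName) $($_.Surname)"
                    Address = Expand-AddressTemplate -Template $t -GivenName $_.GivenName -Surname $_.Surname
                }
            } |
            Group-Object Address |          # grouping is case-insensitive
            Where-Object { $_.Count -gt 1 } |
            ForEach-Object {
                [pscustomobject]@{
                    Template = $t
                    Address  = $_.Name
                    Users    = ($_.Group | ForEach-Object { $_.User }) -join ', '
                }
            }
    }
}

# Constructed sample users who all match the hypothetical Sales filter.
$Users = @(
    [pscustomobject]@{ GivenName = 'John'; Surname = 'Smith' }
    [pscustomobject]@{ GivenName = 'Jane'; Surname = 'Smith' }
    [pscustomobject]@{ GivenName = 'Ann';  Surname = 'Lee'   }
)

# The three template shapes from the examples above, on a placeholder domain.
$Templates = '%g@sales.example.com', '%g.%s@sales.example.com', '%1g%s@sales.example.com'

# Show each template expanded for the first user.
foreach ($t in $Templates) {
    '{0,-28} -> {1}' -f $t, (Expand-AddressTemplate -Template $t -GivenName 'John' -Surname 'Smith')
}

# Report every template under which two or more users get the same address.
Get-TemplateCollision -Templates $Templates -Users $Users | Format-Table -AutoSize
```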

 

16.  Click the address you want to be the primary address, the one that shows up as the Reply To address on all e-mails and click Set as Primary


17.  Check the checkbox for all e-mail aliases you want users who match this policy to have

18.  Click OK

19.  When prompted, if you want to update the e-mail address for objects that match the new address, click No.  You will be prompted for each address you added or changed

If you click Yes, Exchange will add the new e-mail address to the object that matches the rules.


Setting the priority on the new policy

Now that the new policy is created we need to adjust its priority so it is the last one that applies to the sales users. If this is the only policy you have in place it should get a priority of 1, which makes it the highest priority recipient policy. The Default Policy is always the lowest.


1.      Under Recipient Policies, right click on the new Sales policy and choose All Tasks\Move up

2.      Repeat until it is higher than any other policy that would apply to the users who match the filter.

In my environment, my "Main" policy includes the main domain names and various string replacement e-mail address templates.  The other policies above Sales are filtered by other attributes.  If a user matches sales and any of the lower priority policies, the lower priority ones will be ignored.  If they match sales and a higher priority policy, the sales policy will be ignored.

Forcing a recipient policy update

Now that the new policy has been created and the priorities are set up correctly, you can force Exchange to stamp the new policy on the matching objects.

1.      In ESM, go to <Org>\Recipients\Recipient Update Service

2.      Right click "Recipient Update Services (<domain name>)" and choose Update Now

3.      Open up one of the users who met the filter criteria and view their e-mail addresses; they should look similar to those below

It may take several minutes for the RUS to start and finish processing all users.  If the DC that the RUS is communicating with is in a different AD site it may take over 15 minutes.

 

Conclusion

Using the steps above you can configure Exchange to accept mail for a new SMTP domain. In addition, you should now be able to set up new policies to control the e-mail addresses of objects.

Note: If you change the e-mail address generation rules on an existing recipient policy or delete a recipient policy, Exchange does not remove the old\previous addresses set by those policies. This is to prevent the removal of addresses that users might have used in the past that mail is still being sent to. To remove old\invalid addresses, use VBScript or other means.

Multiple SMTP domains on one exchange server

Hi all,

I am currently trying to set up our exchange 2003 server to host email for about 8-9 domains. Our setup is that we have one domain controller (w2k3), which hosts all users for 4 different in-house companies. Basically what I need is to set up exchange to handle all the separate smtp domains. Is it possible to use exchange to set all the users working for abc.com, to adopt the email address @abc.com, and etc etc for def.com, ghi.com..... Also, we are currently using pop3 accounts and pst files but we would like to migrate to using server mailboxes, is there an easy way to do this?

Tags: e-mail, exchange 2003 deployment implementation

boomio

23rd Apr 2007


To host multiple domains for email, you also have to host their DNS or have some way in which the MX records point to your public address.

That's why most hosting companies don't host email services for other people's domains. First the administrative effort for each DNS and Exchange isn't cost effective. Second is hardware resources. You can't host multiple domains with multiple email services without a server farm. One box or even 2 boxes just won't cut it. Third is CALs. Even if you were able to host domain names using Linux or Novell DNS, Exchange will require CALs for connections from every user in every domain.

A better bet would be an email platform other than Exchange Server.


CG IT

23rd Apr 2007

Replies

Sorry, just reading back, I can see that I probably didn't explain the situation correctly. We have an external company that hosts our dns and MX records for all the domains we own, I just need to facilitate the email for all those domains in here. i.e. we just get the hosting company to redirect all emails to mail.abc.com, mail.xyc.com, etc to our email firewall on our new exchange server. But we need to have the exchange server set up first to handle all the domains we own. Apologies if this makes no sense, I only do desktop support and have no experience of any version of exchange server.

boomio 24th Apr 2007

Do they actually need to belong to a different domain or is this just a way to fix email? We're smaller, but we setup all users in the same domain and then they get an SMTP address added in the Exchange properties for def.com, ghi.com, etc. as default for each separate domain.

heathj@... 30th May 2007

And how did you accomplish this? I have a company that is being integrated in to my current company and they need to retain their abc.com SMTP address when sending Email out.

cparrish@... 4th Jun 2007

I think two issues are getting confused here. One is actual domains, such as having a computer a member of a domain, and the other is having exchange accept mail for various internet domain names.

Basically, you just need to configure exchange to accept mail from each domain (exch system manager -> recipients -> recipient policies -> default policy -> email addresses (policy) tab -> add your domain). Now exchange will accept mail addressed to each of these domain names. You simply need to make sure that the DNS records for each domain point the MX record to your firewall's wan IP address. Then you would just add the appropriate email address for each user in active directory. Mail sent to any of the domains will arrive in that user's mailbox.

Things get hairy when trying to reply to those emails if users have more than one email domain (only one can be set as primary, and that is what it will send out as). Third party software exists to work around this flaw however. If each user has only one domain though, it shouldn't be an issue.

moracca@... 13th Jun 2007

We are attempting the same setup. I have 3 public domain names due to mergers and acquisitions. All public DNS and MX records now point to my in-house server. What we WANT to do is have [email protected], [email protected] and [email protected] all go to the SAME user mailbox. I added the email addresses to the user, but all emails to domains other than abc.com (our original) are being rejected.

any ideas?

jim.dolan@... 7th Apr 2008

I understand what you are talking about. You want someone to be able to send an email to [email protected], and send an email to [email protected]. Both emails would go to user1.

http://articles.techrepublic.com.com/5100-10878_11-1048995.html

This is an article for exchange server 2000, but it applies to 2003 as well. Follow the second way of setting it up. It is much easier than setting up multiple virtual servers.

How to setup Exchange for multiple domains

Q: We are running SBS 2003 with Exchange. Can we setup Exchange for multiple domains? If yes, how?

A: With Exchange 2003, you can set up Exchange for multiple domains easily. First, you need to point all domain names to the Exchange server and set up MX records.

To configure an Exchange computer to receive mail for multiple domains:

1. Start Exchange System Manager.
2. Click to expand the Recipients container.
3. Click Recipient Policies.
4. Open the properties of the appropriate policy that is displayed in the right pane.
5. Click the E-Mail Addresses tab, and then add any additional Simple Mail Transfer Protocol (SMTP) addresses that you want the Exchange-based computer to host. For example, to add a new SMTP mail domain, follow these steps:
   a. Click New, click to select SMTP Address, and click OK.
   b. In the Address box, type the at sign (@) followed by the name of the SMTP domain.

   For example, to accept mail for Chicagotech.net, type the following in the Address box, and then click OK:

   @chicagotech.net

6. Your new address space is now listed on the E-Mail Address tab. To enable your new address space, click to select the check box next to the address that you created, and then click OK.


Configuring multiple E-mail domains in exchange 2010

June 2, 2010 Shareef

We can configure Microsoft Exchange Server 2010 to accept e-mail for more than one SMTP domain. In this article I will show you how to configure the accepted domains and how to create the new e-mail address policy for the new e-mail domain.

Scenarios:

Your company has different independent business units, each of which needs a different e-mail domain, and company management doesn't want to spend money on this.

You provide an e-mail hosting service and have to accept e-mail for more than one SMTP domain name.

Prerequisites


A public DNS MX resource record is required for each SMTP domain for which you accept e-mail from the Internet. Each MX record should resolve to the Internet-facing server that receives e-mail for your organization.

Send and Receive connectors should be configured, so that the Exchange organization can send e-mail to and receive e-mail from the Internet.

There are two steps to configure Exchange 2010 to accept e-mail for more than one SMTP domain. The first step is configuring the accepted domain and the second is creating or modifying the e-mail address policy.

Use the EMC to configure Exchange 2010 to accept e-mail for more than one domain

Expand the Organization Configuration node, and then click Hub Transport. In the results pane, click the Accepted Domains tab.

In the action pane, click New Accepted Domain, or right-click and select the New Accepted Domain from the Accepted Domains tab. Then the New Accepted Domain wizard appears.

Figure: 1

On the New Accepted Domain page, type a name to identify the accepted domain entry. In the Accepted Domain field, type the SMTP domain name. Select Authoritative Domain. E-mail is delivered to a recipient in this Exchange organization.

Click New to create the Accepted Domain.


Figure: 2

Now you can see that the Authoritative Accepted Domain shareef.info has been created and listed in the Accepted Domain tab

Figure: 3

Now we need to configure the email address policy for the newly created authoritative domain. To do this we can either create a new email address policy or edit the existing one. I prefer to create a new email address policy.

To create the new email address policy expand the Organization Configuration node, and then click Hub Transport. In the results pane, click the E-mail Address Policies tab.

In the action pane, click New E-mail Address Policy or right-click and select the New E-Mail Address Policy from the E-mail Address Policies tab.

Figure: 4

Type a name for the e-mail address policy; in this example it's @shareef.info. If the users that will be assigned this new e-mail address policy are all in a specific organizational unit (OU), click Browse to restrict this e-mail address policy to that specific OU. Select an option under Include these recipient types to determine which recipient types this e-mail address policy will be applied to. In this example I choose Users with Exchange Mailbox; you can select the option that suits your Exchange environment. Click Next.

Figure: 5

If you want to specify any conditions for this policy, specify them here. In this example I prefer not to specify any condition. Click Next to continue.

Figure: 6


On the E-mail Addresses page, click Add to specify the domain for the E-mail Address and the E-mail address local part.

Figure: 7

In the SMTP E-mail Address dialog box, select the option under E-mail address local part that determines how the recipient’s e-mail address alias will be generated.

Click the Select the accepted domain for the e-mail address option, and then click Browse. In the Select Accepted Domain dialog box, select an accepted domain (in this example it's shareef.info) and then click OK. Click OK again to close the SMTP E-mail Address dialog box.

Figure: 8

Click Next to continue.

Figure: 9

On the Schedule page, select an option to specify when the e-mail address policy will be applied and the maximum length of time that the task is permitted to run. I am choosing Immediately.

Click Next.

Figure: 10

Click New to create the new E-Mail Address Policy


Figure: 11

The New E-Mail Address Policy task has been completed successfully. Click Finish to exit the wizard.

Figure: 12


In this screenshot you can see the new email address policy has been applied.

Figure: 13

PowerShell commands for configuring the Exchange 2010 to accept e-mail for more than one domain

To create the New Authoritative Accepted Domain

New-AcceptedDomain -Name "blog.shareef.info" -DomainName shareef.info -DomainType Authoritative

To create the New E-Mail Address Policy

# The template domain must be an accepted domain. -ConditionalDepartment limits the policy to users in that department; omit it to match the wizard steps above, where no condition was set.
New-EmailAddressPolicy -Name "@shareef.info" -IncludedRecipients MailboxUsers -ConditionalDepartment "Fourth Coffee" -Priority 1 -EnabledEmailAddressTemplates "SMTP:@shareef.info"

To apply the New E-Mail Address Policy to the recipients

Update-EmailAddressPolicy -Identity "@shareef.info"

 

 


22 comments

1. Brian

March 18, 2011 at 10:01 pm

Okay, this is great, but my issue is not adding a domain to Exchange2010…how do I assign the new domain in AD?? I’ve got my DC running Server 2008R2, and I don’t see anywhere I can add the new domain such that I would then be able to assign new users with ONLY the new domain as their SMTP address instead of the old domain. That’s the piece I’m missing.

Thanks very much for any help you can provide!

Brian

o Shareef

March 19, 2011 at 5:22 pm

Brian,

You can add the UPN suffix on the forest level then assign the new name to the users. Please do the below mentioned steps for adding the UPN Suffix to a forest.

Adding a UPN Suffix to a Forest

1. Open Active Directory Domains and Trusts.
2. Right-click Active Directory Domains and Trusts in the Tree window pane, and then click Properties.
3. On the UPN Suffixes tab, type the new UPN suffix that you would like to add to the forest.
4. Click Add, and then click OK.

Now when you add users to the forest, you can select the new UPN suffix to complete the user’s logon name.

Regards,

Shareef

2. Brian

March 31, 2011 at 4:53 am

Yea, that works, but I am unable to add a login id that is already being used in the “pre-windows 2000” login name. Even if I use a different login name, it will not create the new user because the proper name (John Smith) is in use. This means that users of one domain can not overlap with any other domain. There must be a way to have mutually exclusive domains/users in one forest.

o Shareef

March 31, 2011 at 11:21 am

In this case you have to choose different name or use dot (.) between the names as the “pre-windows 2000 login name”

Regards,

Shareef

3. Levan Begiashvili

June 29, 2011 at 2:40 pm

i have done it but now have another problem i can send email outside but cannot receive

here is Delivery failure from gmail to my new domain:

Delivery to the following recipient failed permanently:
[email protected]

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 “Unknown User” (state 14).

when i use telnet says the recipient is ok

is this spam filter or some agent problem ?

o Shareef

June 29, 2011 at 2:56 pm

This error seems to be some kind of relay issue. Please make sure that your MX records are configured properly, Also try to test the exchange ‘send and receive’ using the below ms site.

https://www.testexchangeconnectivity.com/


4. Samer

January 13, 2012 at 10:39 pm

The above work perfectly but I have a minor issue where I want multiple OWA redirection on same CAS 2010 SP2 server

so if we have 2 domains x.com and y.com when we type:

mail.x.com it redirects to https://mail.x.com/owa

mail.y.com it redirects to https://mail.y.com/owa

o Shareef

March 8, 2012 at 8:22 pm

Hi Samer,

Sorry for late reply. As per my knowledge, this feature is not possible with the above configuration.


o anh

May 31, 2012 at 5:48 pm

Hi Samer,

Please share your solution to fix 2 error:

1. create same username on other domain
2. send email ok, but cannot receive email.

Thanks!

Anh

5. Mubashir Shah

February 13, 2012 at 12:10 am

Hi, how do u do? Boss i am new to exchange server, I have installed exchange 2010 on win server 2008 R2 with an unregistered domain say abc.com from which i only send emails works fine. I have same task that u discussed here.. I create second domain say xyz.com by adding UPN suffix in AD and also create [email protected] I can't send email by [email protected] even though by setting custom email address policy for xyz.com through your help here. does it necessary to create user first with another domain on AD, then in exchange? Thanks for any reply you can provide

o Shareef

March 8, 2012 at 8:42 pm

Hi Mubashir,

Sorry for the late reply, I do not understand your issue completely; you mentioned you can’t send mail, is that means mails are not going out at all or only with specific domain?

If it’s only for specific domain, are you getting any error when you try to send the mail?


6. Brent

March 8, 2012 at 4:05 am

I realize this is an older post but it was helpful. I was able to add the 3 domains I need but here’s my challenge. Some people (including me) do work for all 3 organizations. I need to be able to reply from the same address the original email was sent to.

In other words – I receive an email on my [email protected] and [email protected]. When I reply to the [email protected] email, I need the FROM to be [email protected], not the default reply address. I want the FROM to be the appropriate domain name so as not to confuse the sender.

I can set the reply domain to one of the three but I don’t appear to have an option to change the FROM when sending an email from Outlook.

Am I missing something or is this not part of 2010 SP1 functionality?

Regards


7. Shareef


March 8, 2012 at 8:48 pm

Hi Brent,

Thank you for the comment. As per my knowledge, to use this feature with an Outlook MAPI connection, you have to create different users for different domains.


8. Ahmed Zidan

March 26, 2012 at 11:35 pm

After "Configure Multiple Domain Names to One Exchange Server", I cannot send mail to Hotmail but can send to Yahoo or Gmail.


o Shareef

March 29, 2012 at 1:54 am

Hi Ahmed,

Most probably your public IP is blacklisted. Can you run a blacklist test against your Public IP?


9. khaled

April 10, 2012 at 9:48 am

Hi there, let me make sure that I get the full picture. My case is: we are two companies, and we have two Exchange servers with different domains. Can I put them in one server? Can I have a separate mail DB for every domain in the same server? Can I have a separate CAS for every domain in the same server? If yes, that means we need to do something to have a root for the second domain in the AD or something like this.

Is it possible?


o Shareef

April 14, 2012 at 2:17 pm

Hi Khaled,

These are the answers to your questions:

1. Can I put them in one server? Yes, you can.
2. Can I have a separate mail DB for every domain in the same server? Yes, you can create a separate DB for the different domain users.
3. Can I have a separate CAS for every domain in the same server? I am not clear about your question. If your question is about creating a UPN suffix for each domain, yes, you can configure it, and the steps are below.

Adding a UPN Suffix to a Forest

1. Open Active Directory Domains and Trusts.
2. Right-click Active Directory Domains and Trusts in the Tree window pane, and then click Properties.
3. On the UPN Suffixes tab, type the new UPN suffix that you would like to add to the Forest.
4. Click Add, and then click OK.


10. Craig

April 11, 2012 at 5:50 pm

Does anyone know of a way that a user can tell which SMTP address received the email in their inbox? I have Exchange set up as an authoritative host for a few domains; everyone has company.com as their primary SMTP and companyb.com and companyc.com as additional SMTPs in their account. When an email is sent to a companyb.com address and you right-click the message in the inbox, it only displays the primary SMTP. We have an outside POP/SMTP still set up so the users can send as companyb and companyc, but need to figure out how they can tell which outside account to use when necessary.


11. Tom

May 1, 2012 at 7:24 am

Hi,

So I have read everything above and all the comments. I get that I can put different domains into a single server box without any issue.

The issue I am having is, the 2 companies (same staff) want to be able to receive e-mail from both on one user name, so ABC.com & XYZ.com are received into single users' mailboxes. But they also want to be able to SEND from either if they choose, using the single user name.

Is this possible, running SBS2011 STD with Exchange 2010?

Thanks in advance for any help regarding this!


o Craig

June 2, 2012 at 3:57 pm

Tom,

You can accomplish sending two ways. First is to set up outside hosting for the other domain. You won’t point MX traffic there, it will only be used for sending. You create [email protected] on that host and set up an IMAP (or POP) in Outlook for those credentials. You’ll have to configure the IMAP and SMTP in Outlook with the IP address of your shared hosting since the URL of that domain will be pointing to your in-house server. When users compose an email they click the Account tab and select [email protected]. There is a software solution from Ivasoft.com that will accomplish using multiple SMTP addressing as well but it’s expensive. I’ve used that on Exchange 2003 years ago but not 2007 or 2010 yet.


12. fazlin

June 15, 2012 at 5:50 am

Hi

I am trying to set up a company Exchange 2010 Std server for about 50 users. We have 4 different domains, e.g. com1.com, com2.com, com3.com and company.com. All users have primary email accounts as [email protected]; the other domain names are old domains which the company has kept, and I would like users to receive emails from them as well. All 4 company MX records point to mail.company.com. For OWA etc., do I need to purchase an SSL certificate for each domain (old domain names are not used to send out emails)?


o Shareef

June 30, 2012 at 2:44 am

Hi Fazlin,

Thank you for the comment. If you are using OWA for only one domain, you don’t need to buy an additional SAN certificate. One SAN certificate is more than enough.

3. Running Exchange Server 2013 setup

Preparing Active Directory for Exchange Server 2013

When you are installing Exchange Server 2013 for the first time, Active Directory needs to be prepared.

There are a series of requirements for Active Directory preparation to be successful:

Schema master running Windows Server 2003 with SP2, or a later version of Windows Server

At least one Global catalog server per site that Exchange will be installed in that is running Windows Server 2003 SP2 or later

At least one Domain controller per site that Exchange will be installed in that is running Windows Server 2008 or later

Forest functional mode of Windows Server 2003 or higher


An account with Schema Admins, Domain Admins, and Enterprise Admins permissions to run Exchange setup

Although Active Directory preparation can occur as part of the installation of the first Exchange Server 2013 server, you can also run the Active Directory preparation as a separate task beforehand on a 64-bit server running Windows Server 2008 or higher.

Because the Active Directory preparation requires the RSAT-ADDS tools I am running it on the domain controller in my test lab.

Alternatively, you can install the tools on a member server to run Exchange 2013 Active Directory preparation.

For Windows Server 2008 R2 (SP1 or later), in PowerShell run:

Import-Module ServerManager

Add-WindowsFeature RSAT-ADDS

For Windows Server 2012, in PowerShell run:

Install-WindowsFeature RSAT-ADDS

If you are installing Exchange Server in the AD forest for the first time run the following Exchange 2013 setup command to prepare Active Directory:

setup /PrepareAD /OrganizationName:"your organization name" /IAcceptExchangeServerLicenseTerms

Note: if your organization name contains spaces then it must be enclosed in quotes as shown above.

If an Exchange organization already exists you can omit the /OrganizationName parameter.

setup /PrepareAD /IAcceptExchangeServerLicenseTerms

For other Active Directory preparation scenarios, such as multiple forests or multiple domains, refer to this article on TechNet.

Installing the Exchange Server 2013 Pre-Requisites

Exchange Server 2013 can be installed on either Windows Server 2008 R2 (SP1 or later) or Windows Server 2012. Depending on the server roles you are installing the pre-requisites vary.

Installing Exchange Server 2013 Pre-Requisites on Windows Server 2008 R2
Installing Exchange Server 2013 Pre-Requisites on Windows Server 2012


Installing Exchange Server 2013 Using the Setup Wizard

After installing the pre-requisites a restart of the server may be required. If you proceed without restarting then setup may be unable to proceed when it detects the pending restart.

From the location where you have stored your Exchange 2013 files run Setup.exe.

The first dialog gives you the opportunity to check for updates to the setup files before you proceed.

Check for updates to Exchange 2013 setup files

After the setup files have updated click Next to continue.

Click Next to continue past the Introduction message.

Exchange 2013 setup introduction

Accept the license agreement and click Next to continue.


Exchange 2013 license agreement

Choose whether or not to enable Error Reporting and click Next to continue.


Configure Exchange 2013 error reporting

After a check that all the pre-requisites are installed the setup wizard will move on to the next step automatically (if the check was successful).

Now we can choose the server roles to install. If this is the first server you’re installing Microsoft recommends you install the Mailbox server role first (this can be either a Mailbox-only server or a combined Mailbox/Client Access server).

Choose the Exchange 2013 server roles to install

Verify that you have enough disk space for the installation, or choose a path that does have enough disk space, and click Next to continue.


Choose the location to install Exchange 2013

If there is no existing Exchange organization in Active Directory, and you haven’t already prepared Active Directory for Exchange, you will be prompted to enter an Exchange organization name.

When installing the Mailbox server role you are given the option to disable malware protection. If you disable it now you can enable it again later.

Configure anti-malware protection for the Mailbox server

Some readiness checks are performed. If this is not the first server you’re installing and there is no Send Connector defined for outbound email then you may see a warning, but you can still proceed with the server installation.

Setup can’t detect a Send connector with an address space of ‘*’. Mail flow to the Internet may not work properly.


Exchange 2013 setup pre-requisite warning

When you are ready to proceed you can click Install to begin.

Begin the installation of Exchange 2013

The install is a fairly lengthy process, so you may want to go and do something else while you wait. When setup has finished click Finish.


Exchange 2013 setup is finished


SPF (Sender Policy Framework) seems like a good way to combat spammers/spoofing.

However, despite reading the explanations several times, I'm not quite understanding how to configure it correctly.

Let's say I have my server at a.x.com which hosts www.x.com and b.x.com and c.x.com and so on.

I also have a.co.uk b.net c.info and so on, each of these with an assortment of sub-domains, all hosted on x.com

For all of these domains and sub-domains, I want to permit mail to be sent from a.x.com

I would also like them all to permit mail sent from Gmail for all these domains.

How do I set this up with SPF?

Can I set one SPF record for x.com (or a.x.com) and then for everything else just have a simple include/pointer to x.com's record, or would it need to be done differently?

Can anyone provide some SPF records for the above example?

Note: The second part of my question has been answered (use "v=spf1 include:x.com -all" to include/point at x.com's record), but the key part of what to set on x.com remains unanswered...


dns email spam spf

edited May 9 '09 at 0:36

asked May 4 '09 at 22:15

Peter Boughton

Actually it's proved a hopelessly ineffective way of reducing spam. In fact, arguably, it's only really meant to address sender address spoofing anyway. – Christopher Edwards May 5 '09 at 0:57

"it's only really meant to address sender address spoofing" - exactly, to stop spammers from sending mail appearing to come from others' domains. – Peter Boughton May 5 '09 at 7:47

5 Answers

up vote 5 down vote accepted

You can't avoid having to alter the zone files for the domains other than x.com, but you can save yourself a lot of trouble by defining common policies hosted on one domain and using the redirect SPF keyword on the other domains. Example:

In the zonefile for the x.com domain:

_policy1 IN TXT "v=spf1 a:a.x.com -all"
_policy2 IN TXT "v=spf1 include:_spf.google.com a:a.x.com -all"

_spf.google.com is the record holding the Gmail SPF record. Not sure whether it's documented. Theoretically you should include:gmail.com but that's a redirect to _spf.google.com and there has been at least one widely used SPF patch for qmail which didn't follow it properly (got fixed in August 2008 but might still be deployed.) The two policies are examples, of course - having more than one with various levels of strictness is extremely useful when debugging since you only have to alter a short name in the target domain instead of error-prone copypasting.

In the zonefiles for the other domains:

@ IN TXT "v=spf1 redirect=_policy1.x.com"

or

@ IN TXT "v=spf1 redirect=_policy2.x.com"

etc. I'm using redirect, not include, to cause the SPF check to completely replace the currently evaluated record with the one I'm redirecting to. include does not do that - for example, an -all at the end of an include does not cause evaluation to stop (include is a big misnomer.) You should avoid using include when you want to "alias" a SPF record from another domain, since it's quite brittle - if you accidentally forget the trailing -all you might render your entire SPF on that domain ineffective.

Edit: Please note, though, that you need to be on guard if you want to allow Gmail's servers as senders. The Gmail captcha has been cracked, which means that it's possible to automate account signups, which means Gmail can be (indirectly) used as an open relay (I'm getting tens of spambot signup requests per week for my company discussion forum, all using gmail.com email addresses - and those addresses are live, I've allowed a few to go through for checking purposes.) Additionally, anyone with a Gmail account can bypass SPF checking if familiar with the username parts of the email addresses at your domains.

edited May 9 '09 at 10:36

answered May 9 '09 at 8:34

Mihai Limbăşan

Thanks, this is a helpful answer. Last time I checked, Gmail requires email validation before you can send emails from other addresses - so once the inbox for that address is secure, things are ok? How important is/isn't also having 'www' lines as in bortzmeyer's answer? – Peter Boughton May 9 '09 at 15:11

True, but once a crack appears in the foundation I'm sure someone will find a way to squeeze half the river through :) Not saying you shouldn't, I'm just recommending to be on your toes and periodically check whether Gmail is being exploited, i.e. please don't abandon authority to Gmail indefinitely. I trust them more than I trust more online entities, but that's just a little trust versus no trust at all. – Mihai Limbăşan May 9 '09 at 18:47

I have no idea why bortzmeyer included the www entries. They are entirely useless unless you actually send mail from @www.x.com which (apart from not being used much) looks plain weird and induces confusion in less than technically savvy people. – Mihai Limbăşan May 9 '09 at 18:48

Additionally, I would NOT use SPF record types. I recommend you stick with TXT. The SPF record type is only supported by BIND 9.4 and higher, per RFC you must also maintain replicas of the TXT records i.e. you must copypaste stuff (bad) and you must maintain them in sync (hard). The gain is nonexistent since TXT will be the primary SPF delivery mechanism for the foreseeable future, quoth openspf.org. – Mihai Limbăşan May 9 '09 at 18:50

@Mihai Limbasan: excellent answer, thanks for sharing. In case you think it's necessary to update your answer, Google seems to prefer v=spf1 include:_spf.google.com ~all in place of -all, supposing I understood properly, ref. google.com/support/a/bin/answer.py?answer=178723 – Marco Demaio Jul 22 '11 at 16:59

up vote 4 down vote

Yes, you can include the config from one of your domains in the SPF records for all the other domains. Setting the other domains' SPF record to the following should do the trick:

v=spf1 include:x.com -all

answered May 4 '09 at 22:51

womble

Will this "just work", or does it require a _spf sub-domain, or similar? – Peter Boughton May 5 '09 at 19:51

I'm pretty sure that if you've got the SPF records defined directly on x.com initially, the include for the other domains can just point directly at x.com as well. If you define your SPF record in _spf.x.com route, then yeah, you'll need to change the include a bit to point to that FQDN as well. – womble May 6 '09 at 0:14
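The difference between redirect= and include: described in the accepted answer, and the behaviour of the "v=spf1 include:x.com -all" record from the answer above, can be checked with a small evaluator. This is an added example, not code from the original answers: it models only the a, ip4, include, all and redirect terms against an in-memory zone, and the zone contents, the IP addresses, the d.example name and the stand-in for Google's record are constructed.

```python
import ipaddress

# Constructed zone data using documentation IP ranges. The _spf.google.com
# entry is a stand-in so the example runs offline, not Google's real record.
TXT = {
    "x.com":           "v=spf1 a:a.x.com -all",
    "_policy1.x.com":  "v=spf1 a:a.x.com -all",
    "_policy2.x.com":  "v=spf1 include:_spf.google.com a:a.x.com -all",
    "_spf.google.com": "v=spf1 ip4:198.51.100.0/24 -all",
    "a.co.uk":         "v=spf1 redirect=_policy1.x.com",
    "b.net":           "v=spf1 redirect=_policy2.x.com",
    "c.info":          "v=spf1 include:_policy1.x.com",  # trailing -all forgotten
    "d.example":       "v=spf1 include:x.com -all",
}
ADDR = {"a.x.com": ["192.0.2.10"]}  # constructed address record

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
MAX_LOOKUPS = 10  # the SPF RFCs cap DNS-querying terms per check at 10


def _spend(budget):
    """Consume one DNS lookup; False once the limit is exceeded."""
    budget[0] -= 1
    return budget[0] >= 0


def check_host(ip, domain, budget=None):
    """Return the SPF result for connecting client `ip` and sender `domain`."""
    budget = [MAX_LOOKUPS] if budget is None else budget
    terms = TXT.get(domain.lower(), "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    client = ipaddress.ip_address(ip)
    redirect = None
    for term in terms[1:]:
        if term.startswith("redirect="):
            redirect = term[len("redirect="):]  # modifier, used only if nothing matches
            continue
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name in ("a", "include") and not _spend(budget):
            return "permerror"
        if name == "all":
            matched = True
        elif name == "ip4":
            matched = client in ipaddress.ip_network(arg, strict=False)
        elif name == "a":
            hosts = ADDR.get((arg or domain).lower(), [])
            matched = any(client == ipaddress.ip_address(h) for h in hosts)
        elif name == "include":
            inner = check_host(ip, arg, budget)
            if inner in ("none", "permerror"):
                return "permerror"
            # Only an inner "pass" makes include match. An inner "fail" from a
            # trailing -all just means "no match", and evaluation continues.
            matched = inner == "pass"
        else:
            return "permerror"  # term not modelled in this example
        if matched:
            return QUALIFIERS[qualifier]
    if redirect is not None:
        if not _spend(budget):
            return "permerror"
        # redirect hands the whole decision to the target record.
        result = check_host(ip, redirect, budget)
        return "permerror" if result == "none" else result
    return "neutral"  # nothing matched and no redirect


def survey(ips, domains):
    """Evaluate every (domain, ip) pair and return the results as a dict."""
    return {(d, ip): check_host(ip, d) for d in domains for ip in ips}


if __name__ == "__main__":
    ips = ["192.0.2.10", "198.51.100.25", "203.0.113.7"]
    for (d, ip), res in survey(ips, ["a.co.uk", "b.net", "c.info", "d.example"]).items():
        print(f"{d:10} {ip:15} {res}")
```

For the unauthorised address 203.0.113.7, the redirect records and the include record that keeps its own -all end in fail, while the include record without a trailing -all ends in neutral, which most receivers treat like having no policy.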

up vote 2 down vote

Have you tried using the web tool at http://www.openspf.org/? It might make it a bit easier for you to deal with this...

Just enter your domain in the top-right box and click the go button. From there, you should be able to set things up in a hurry.

answered May 4 '09 at 22:32

Avery Payne

I've tried several times with that tool, but the explanations are not clear enough. – Peter Boughton May 4 '09 at 22:35

up vote 2 down vote

The standard, RFC 4408, provides some examples that are very close to what you want. Here is an extract of x.com's zonefile:

@ IN TXT "v=spf1 a:a.x.com -all"
  IN SPF "v=spf1 a:a.x.com -all"

www IN TXT "v=spf1 a:a.x.com -all"
    IN SPF "v=spf1 a:a.x.com -all"

Notes:

I did not add Gmail email servers because I do not know them, ask Gmail people

'a' is for 'address' (it is not a DNS A record, it includes IPv6)

I added SPF records, per the RFC, although almost all implementations use only the TXT record

answered May 9 '09 at 6:33

bortzmeyer

up vote 1 down vote

Yes, you need to add the specific SPF record to each domain individually.

The reason for this is that the only (useful) aliasing type record in the DNS is the CNAME record. However the CNAME record causes aliasing to happen for ALL of the RRtypes in an RRset - there's no way to say "CNAME the SPF record but not the MX records"


We have a Windows 2008 Enterprise R2 SP1 server with multiple accepted domains configured on our Exchange 2010 console.

Configuration of exchange 2010: In exchange console, under organization configuration > hub transport > accepted domains, we have:

domain1 > authoritative > default = true
domain2 > authoritative > default = false
domain3 > authoritative > default = false
domain4 > authoritative > default = false

We are able to RECEIVE e-mails on ALL the above domains.

Just to be clear: I can receive emails to [email protected] , [email protected], [email protected] and [email protected] without any problems. I am able to send email from [email protected] (the default domain). However, when trying to send emails from [email protected], [email protected], and [email protected], I receive the following error:

Delivery has failed to these recipients or groups:

destination_example_email

You can't send a message on behalf of this user unless you have permission to do so. Please make sure you're sending on behalf of the correct sender, or request the necessary permission. If the problem continues, please contact your helpdesk.

If I change the primary email address for userX to [email protected] , I am able to send as [email protected] and only from that mail.

The question:

How can I enable sending emails from ALL the authoritative domains at any single moment without having to manually change the default email address of the user?

windows-server-2008-r2 exchange-2010 send-as

edited Jan 21 '12 at 16:48 by MDMarra

asked Jan 19 '12 at 16:34 by Bdevelle

I would also like an answer to this topic. – Fase Feb 6 '12 at 21:58

1 Answer

up vote 0 down vote

We've found a work-around in the meanwhile.

If we split up the accounts into 4 different accounts, and grant the correct permissions, we are able to send as any user.

However, this is a very pale solution. This would multiply the number of accounts in both AD and Exchange.

Still searching for an official fix on this.


Handling Multiple Email Accounts

 

A number of the unique features available with myhosting.com Hosted Exchange Email provide you with various ways of handling your existing mailbox.

 

If you have multiple email addresses or domain names that you want to consolidate into fewer mailboxes, we can help you accomplish this.

 

 

Do you want to...

Have 2 different email addresses going to one inbox, and be able to send email from either address?

 

There are a few reasons why you might need two different email addresses. Perhaps you want a personalized email address for communicating with your colleagues and associates, and also want a generic email address for communicating with your customers. This can be accomplished easily without having to activate 2 full myhosting.com Exchange Email accounts.

 

 

1. First you can activate a full myhosting.com Exchange account using your personalized email address. You could use something like [email protected].

2. Next, you can activate a myhosting.com Basic mailbox using the generic email address. For example you can use something like [email protected].

3. Now that your Basic mailbox is set up, you can set up an Email Aggregator for your "john.smith" account to download email for the "customer.service" mailbox. This will download the email directly into your Exchange account without you having to do it manually using Outlook


4. Now you can configure the "john.smith" user in Outlook as an Exchange Account. When complete, you can configure the "customer.service" user in Outlook as a POP3 Account.

5. When you are composing or replying to an email, simply click on the Account drop down menu to select which email address to send your email from.

 

Now you can receive email from both accounts and send email from either!

Have 2 different email addresses going into one inbox, but be able to send email only from one?

 

With myhosting Hosted Exchange you can add additional Email Addresses to your domain that act as aliases to an existing mailbox without adding a new Exchange account. This free feature is included, and allows you to create an email address that can automatically forward email into one Exchange mailbox. For example, you can create an email address like [email protected] that forwards email to [email protected]. John will then receive the email sent to "sales" and will be able to reply using his "john.smith" email address.

Have a different email address going into multiple inboxes?

 

With distribution lists, you can add a new email address without adding a new Exchange account. This feature is also free and is included with myhosting.com Hosted Exchange Email. It allows you to create an email address that can automatically forward email into one or more Exchange mailboxes. For example, you can create a distribution list like [email protected] that forwards email to both [email protected] and [email protected]!

 

Each user will receive a separate copy of the email, and can reply with their own Exchange email address.

Have 2 or more different domain names and have an email address on each one?

 

By adding Domains to your myhosting.com Hosted Exchange email, you can use one Exchange server to host many different domain names. For example, if your company owns domain names for the .com, .net and .org TLDs, you can have [email protected], [email protected] and [email protected] all resolving to a single mailbox.


You can even use our Primary Email Address feature to change which email address you want to have your email sent from.

 

Have an email address in your Exchange organization that forwards to a third party email address?

 

If you want a user to have an email address on your Exchange domain, but don’t want to give them an exchange mailbox, this can be done easily by adding them into your Global Contact List. Through our control panel we allow you to manually add entries in your Global Address List, and to specify the internal and external email addresses that correspond with this contact.

 

For example, you can create a contact entry for "Jon Doe" that has an internal email address of [email protected] and forwards all email to the external mailbox [email protected]. Jon will appear in your Global Contact list so that everyone in your organization will see his contact details and send him email, and people from outside the organization will be able to send him email through either email address.

 

Have a distribution list that forwards email to internal and external contacts?

 

Using the distribution list feature, you can create an email address that will forward email to one or more Exchange mailboxes as well as forwarding email to one or more Global Contacts! After adding a member to your Global Address List, the contact will be assigned an email address within your domain. This allows you to add them to any distribution list that you want to create.

 

For example you can create a distribution list like [email protected] that forwards email to [email protected] (an Exchange User) and [email protected] (a Global Contact with external email address [email protected]). So any email sent to the "Consultants" distribution list will arrive in Sally’s Exchange mailbox and Jon’s external ISP mailbox.

 


Keep your company domain name with your existing provider while adding Exchange features to only a few mailboxes? Or keep your existing email address from your ISP while adding Exchange features?

 

This functionality can be achieved using mail2web Mobile Email. Also based on Exchange but a more customized offering, mail2web Mobile Email offers the means to consolidate your email into a full featured Exchange 2007 mailbox and begin using that mailbox as if it were your ISP or other mailbox.

 

Using our simplified setup wizard, you can opt to forward or use the mail2web Email Aggregator to move your existing mail into your mail2web Mobile Email account, and then use the Primary From Address feature to modify the appearance of your outbound email. Your email is sent and received as though it were always with your existing provider, but you get all the great features of Exchange Calendar, Contacts and Email Sync and much more!