Exch2007 Internal NDR forwards to smart host
We recently replaced our smart host appliances that handle outbound mail. Since the change, undeliverable internal e-mail (i.e.- deleted mailox, incorrect address)is being sent to the smart host appliances instead of back to the sender. They are then stuck
in a queue until someone deals with them. I found an article suggesting setting "Set-AcceptedDomain -AddressBookEnabled $true". Running this command resulted in a message that it was already set this way. Message tracking results show a Send event from the
Hub Transport server to the smart host with a recipient status of 250 2.1.5 Recipient ok. Any suggestions would be greatly appreciated.
August 22nd, 2011 7:41pm
On Mon, 22 Aug 2011 16:41:49 +0000, Hard2FindAFreeID wrote:
>We recently replaced our smart host appliances that handle outbound mail. Since the change, undeliverable internal e-mail (i.e.- deleted mailox, incorrect address)is being sent to the smart host appliances instead of back to the sender. They are then
stuck in a queue until someone deals with them. I found an article suggesting setting "Set-AcceptedDomain -AddressBookEnabled $true". Running this command resulted in a message that it was already set this way. Message tracking results show a Send event from
the Hub Transport server to the smart host with a recipient status of 250 2.1.5 Recipient ok. Any suggestions would be greatly appreciated.
Was (or is) your organization configured to send e-mail to the smart
host if it couldn't be delivered to a local mailbox? That is the
definition of what a smart host does. Your domain should be sonfigured
as "Authoritative", not as a relay domain.
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
Free Windows Admin Tool Kit Click here and download it now
August 23rd, 2011 12:55am
Thanks for your response Rich. Everything is set to Internal Relay, but it was the same with the old appliances. The smart host appliances are content/virus filtering devices that take the place of the Edge server. I was actually looking for something
in Exchange that recognized that the domain was internal, and didn't try send the mail beyond the internal system. Thought maybe I had missed something.
August 23rd, 2011 3:19pm
On Tue, 23 Aug 2011 12:19:17 +0000, Hard2FindAFreeID wrote:
>Thanks for your response Rich. Everything is set to Internal Relay, but it was the same with the old appliances.
Why are you sending e-mail for unknown addresses in your domain to
those machines? Do you share your domain name-space with some other
organization? If your servers are authoritative for your domain then
the domain should be set to "Authoritative".
>The smart host appliances are content/virus filtering devices that take the place of the Edge server.
That's okay. The Send Connector should have an "Address Space" of "*"
and your domain (in the "Accepted Domains") should be authoritative.
No e-mail sent from your servers to your domain should be leaving your
Exchange organization.
>I was actually looking for something in Exchange that recognized that the domain was internal, and didn't try send the mail beyond the internal system. Thought maybe I had missed something.
Yes, you have -- in "Accepted Domains" your domain is not marked as
"Authoritative". That means that any unknown addresses in your
domain's namespace, sent from within your organization, will be sent
to those appliances.
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
Free Windows Admin Tool Kit Click here and download it now
August 23rd, 2011 5:25pm
Thanks again. I understand what you've explained and will test it out soon to ensure it doesn't cause other issues in the environment. One other variable i'd like to confirm - we have about 6 other accepted domains configured for aliases setup in the system.
Do they all need to be made Authoritative or does the default domain cover them all for this operation? Darryl
August 23rd, 2011 7:53pm
On Tue, 23 Aug 2011 16:53:55 +0000, Hard2FindAFreeID wrote:
>Thanks again. I understand what you've explained and will test it out soon to ensure it doesn't cause other issues in the environment. One other variable i'd like to confirm - we have about 6 other accepted domains configured for aliases setup in the
system. Do they all need to be made Authoritative or does the default domain cover them all for this operation? Darryl
If the domains are used solely by your Exchange organization and you
don't want messages with unknown addresses within those domains to be
sent to a smart host for resolution then, yes, those domains should
also be authoritative.
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
Free Windows Admin Tool Kit Click here and download it now
August 24th, 2011 3:53am
Hi Hard2FindAFreeID,
Here is a related document for you, hope can give you some help:
Managing Accepted Domains
http://technet.microsoft.com/en-us/library/bb124423(EXCHG.80).aspx
Thanks,
Evan Liu
TechNet Subscriber Support
in forum
If you have any feedback on our support, please contact
tngfb@microsoft.com
August 24th, 2011 8:19am
Hi Hard2FindAFreeID
How about the issue, any updates?
Thanks,
Evan Liu
TechNet Subscriber Support
in forum
If you have any feedback on our support, please contact
tngfb@microsoft.com
Free Windows Admin Tool Kit Click here and download it now
August 26th, 2011 9:18am
Testing with an infrequently-used domain seems to prove this out. I now have to go though our Change Control process which may put implementation out another week. I'll post an update when that's complete. In the mean time, thanks to both of you for the
assistance. Darryl
August 26th, 2011 2:14pm
Hi Hard2FindFreeID,
Any updates on this issue?
Thanks,
Evan Liu
TechNet Subscriber Support
in forum
If you have any feedback on our support, please contact
tngfb@microsoft.com
Free Windows Admin Tool Kit Click here and download it now
September 6th, 2011 4:00am