Learn Exchange the Guru way !!!


How to configure Accepted domains in Exchange 2016

An accepted domain is a SMTP namespace for which a Microsoft Exchange Server sends or receives emails. Accepted domains comprise the domains that the Exchange organization is authoritative.

When exchange handles mail delivery for recipients in the accepted domain, the Exchange organization is authoritative. Accepted domains also include domains for which the Exchange organization receives mail and then relays it to an external email server.

Accepted domains are organized as global settings and needs to configure every domain for which the Exchange organization relays or delivers messages as an accepted domain in the organization.

NOTE: If there is a subscribed Edge Transport server in the perimeter network, it requires configuring accepted domains on a Mailbox server in the Exchange organization. The accepted domains configuration will be replicated to Edge Transport server during EdgeSync synchronization.

Configure Accepted Domain in Exchange 2016:

We can see there is an MSExchangeGuru1.Local is added by default and the domain type is Authoritative. By default active directory site’s root domain will be added as accepted domain.

Configure New Accepted Domain:

Open EAC and Navigate to Mail Flow àAccepted Domainsà Click on New:

In the new Accepted domain window, provide the name, Accepted domain and select the domain typeàSave:

  1. Authoritative: – An organization may have more than one SMTP domain. The set of email domains for an organization are the authoritative domains. an accepted domain is considered authoritative when the Exchange organization hosts mailboxes for recipients in this SMTP domain

The default accepted domain is the fully qualified domain name (FQDN) of a forest root domain. Usually, the internal domain name differs from the external domain name. Like in my case, internal domain name is MSExchangeGuru1.Local, while the external domain name is the DNS mail exchanger (MX) record for the organization references is the SMTP namespace that is assign to users when we create an email address policy. We need to create an accepted domain to match to the external domain name.

  1. Internal Relay: – In an internal relay accepted domain, Exchange server of the company hosts some mailboxes and rest are hosted outside. This is useful when there is a shared SMTP domain between two organizations where few mailboxes exist in one company and rest on other server. When internal relay is configured, exchange server will try to find mailbox in existing Exchange network first and if it doesn’t find it will forward to another organization using configured send connectors.
  1. External Relay: – In an external relay accepted domain, Exchange server of the company accepts emails for non-authoritative domains and forwards them to authoritative mail servers via send connector. When
    external relay accepted domain is configured, one exchange organization (which doesn’t host mailboxes on it but relay emails to external SMTP servers) will be a SMTP server for other organization.

Once done we can find the Accepted Domains as below under EAC:

Using PowerShell commands we can find the Accepted domain details as below:

To get all accepted Domains in the organization:

To find the details of a particular Accepted Domain:

Accepted domains and email address policies

It’s essential to configure an accepted domain earlier to the SMTP address space can be used in an email address policy. When an accepted domain is created, one can use a wildcard character (*) in the address space to specify that all subdomains of the SMTP address space are similarly accepted by the Exchange organization.

Example: In order to configure and all its subdomains as accepted domains, enter * as the SMTP addresses space and the accepted domain entries will be available to use in the email address policy automatically. When an accepted domain id deleted which is used in an email address policy, the policy will not be valid and the recipients by that email addresses in that SMTP domain will be unable to send/receive emails.

Ratish Nair

Microsoft MVP | Exchange Server

Team @MSExchangeGuru

Leave a Reply




Do NOT follow this link or you will be banned from the site!