none
Exchange 2013 - changing default authoritative domain from domain.com to *.domain.com

    Question

  • Team,

    help me out please. I need to change the existing authoritative domain from something.com to *.something.com - this is to block spam messages sent to us using @w.<random-entry>.something.com. Normally we blocked sending emails with 'from' value pointing to any of our authoritative domains, but since wildcard is not there then above messages get thru. As the domains are random I cannot really block them by listing all of them, so editing the default authoritative domain to *.something would rule them all out. But there is no such option with Exchange :( What am I missing?

    Thanks, Marcin


    Marcin Dobija | MCSE:Security | MCITP:DBA,EA,EMA,SA | MCDBA | MCTS:W2k8,E2k7,SQL2005,OCS,ISA,Vista | MCITP Dynamics:CRM4 | MS ITAC Member | VCP4

    Monday, March 21, 2016 10:25 PM

Answers

  • Hi Marcin,

    Base on my knowledge, you can't add the wildcard to an existed authoritative domain, however, if you want to remove this domain and re-add it with the wildcard, you must make sure the domain is not default domain and not be applied as an address policy, otherwise, you will get a error when removing the domain as below:

    As Ed recommended, you can try to use transport rule to block these spam messages, it could be an easier way.

    Best regards,


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Niko Cheng
    TechNet Community Support


    Tuesday, March 22, 2016 8:51 AM
    Moderator

All replies

  • Even if you could do it, that's not really going to help you.  Just pay the price and get an antispam server, appliance or cloud service.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Monday, March 21, 2016 10:38 PM
    Moderator
  • I'm not sure how this answers my question... Since it helped me to stop a lot of spam sent as my domain, then it would help here as well. So the question remains - how one can do that? If edit is not possible what are the implications of removing this domain and re-adding it with the wildcard? I assume any email address already associated with existing users will stay with them and after re-adding the domain they will still be working, right? Or not?

    Marcin Dobija | MCSE:Security | MCITP:DBA,EA,EMA,SA | MCDBA | MCTS:W2k8,E2k7,SQL2005,OCS,ISA,Vista | MCITP Dynamics:CRM4 | MS ITAC Member | VCP4

    Monday, March 21, 2016 10:47 PM
  • You could try blocking such messages with a transport rule that uses FromAddressMatchesPatterns.

    https://technet.microsoft.com/en-us/library/dd638183(v=exchg.160).aspx


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Monday, March 21, 2016 11:10 PM
    Moderator
  • Hi Marcin,

    Base on my knowledge, you can't add the wildcard to an existed authoritative domain, however, if you want to remove this domain and re-add it with the wildcard, you must make sure the domain is not default domain and not be applied as an address policy, otherwise, you will get a error when removing the domain as below:

    As Ed recommended, you can try to use transport rule to block these spam messages, it could be an easier way.

    Best regards,


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Niko Cheng
    TechNet Community Support


    Tuesday, March 22, 2016 8:51 AM
    Moderator
  • Thanks, I'm going to give it a try over the weekend, after full backup. Hope fully it will not mess things up when removed and re-added quickly.

    Marcin Dobija | MCSE:Security | MCITP:DBA,EA,EMA,SA | MCDBA | MCTS:W2k8,E2k7,SQL2005,OCS,ISA,Vista | MCITP Dynamics:CRM4 | MS ITAC Member | VCP4

    Wednesday, March 23, 2016 8:44 AM
  • Did it work?

    Staple Bench Computers

    Friday, February 24, 2017 6:50 AM