locked
Exch2007 Internal NDR forwards to smart host RRS feed

  • Question

  • We recently replaced our smart host appliances that handle outbound mail. Since the change, undeliverable internal e-mail (i.e.- deleted mailox, incorrect address)is being sent to the smart host appliances instead of back to the sender. They are then stuck in a queue until someone deals with them. I found an article suggesting setting "Set-AcceptedDomain -AddressBookEnabled $true". Running this command resulted in a message that it was already set this way. Message tracking results show a Send event from the Hub Transport server to the smart host with a recipient status of 250 2.1.5 Recipient ok. Any suggestions would be greatly appreciated.
    Monday, August 22, 2011 4:41 PM

Answers

  • On Tue, 23 Aug 2011 16:53:55 +0000, Hard2FindAFreeID wrote:
     
    >Thanks again. I understand what you've explained and will test it out soon to ensure it doesn't cause other issues in the environment. One other variable i'd like to confirm - we have about 6 other accepted domains configured for aliases setup in the system. Do they all need to be made Authoritative or does the default domain cover them all for this operation? Darryl
     
    If the domains are used solely by your Exchange organization and you
    don't want messages with unknown addresses within those domains to be
    sent to a smart host for resolution then, yes, those domains should
    also be authoritative.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Marked as answer by Evan Liu Wednesday, September 7, 2011 10:05 AM
    Wednesday, August 24, 2011 12:53 AM
  • Hi Hard2FindAFreeID,

     

    Here is a related document for you, hope can give you some help:

     

    Managing Accepted Domains

    http://technet.microsoft.com/en-us/library/bb124423(EXCHG.80).aspx

     

    Thanks,

     

    Evan Liu

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  

    • Marked as answer by Evan Liu Wednesday, September 7, 2011 10:05 AM
    Wednesday, August 24, 2011 5:19 AM

All replies

  • On Mon, 22 Aug 2011 16:41:49 +0000, Hard2FindAFreeID wrote:
     
    >We recently replaced our smart host appliances that handle outbound mail. Since the change, undeliverable internal e-mail (i.e.- deleted mailox, incorrect address)is being sent to the smart host appliances instead of back to the sender. They are then stuck in a queue until someone deals with them. I found an article suggesting setting "Set-AcceptedDomain -AddressBookEnabled $true". Running this command resulted in a message that it was already set this way. Message tracking results show a Send event from the Hub Transport server to the smart host with a recipient status of 250 2.1.5 Recipient ok. Any suggestions would be greatly appreciated.
     
    Was (or is) your organization configured to send e-mail to the smart
    host if it couldn't be delivered to a local mailbox? That is the
    definition of what a smart host does. Your domain should be sonfigured
    as "Authoritative", not as a relay domain.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Proposed as answer by Evan Liu Tuesday, August 23, 2011 7:22 AM
    Monday, August 22, 2011 9:55 PM
  • Thanks for your response Rich. Everything is set to Internal Relay, but it was the same with the old appliances. The smart host appliances are content/virus filtering devices that take the place of the Edge server. I was actually looking for something in Exchange that recognized that the domain was internal, and didn't try send the mail beyond the internal system. Thought maybe I had missed something.
    Tuesday, August 23, 2011 12:19 PM
  • On Tue, 23 Aug 2011 12:19:17 +0000, Hard2FindAFreeID wrote:
     
    >Thanks for your response Rich. Everything is set to Internal Relay, but it was the same with the old appliances.
     
    Why are you sending e-mail for unknown addresses in your domain to
    those machines? Do you share your domain name-space with some other
    organization? If your servers are authoritative for your domain then
    the domain should be set to "Authoritative".
     
    >The smart host appliances are content/virus filtering devices that take the place of the Edge server.
     
    That's okay. The Send Connector should have an "Address Space" of "*"
    and your domain (in the "Accepted Domains") should be authoritative.
    No e-mail sent from your servers to your domain should be leaving your
    Exchange organization.
     
    >I was actually looking for something in Exchange that recognized that the domain was internal, and didn't try send the mail beyond the internal system. Thought maybe I had missed something.
     
    Yes, you have -- in "Accepted Domains" your domain is not marked as
    "Authoritative". That means that any unknown addresses in your
    domain's namespace, sent from within your organization, will be sent
    to those appliances.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Tuesday, August 23, 2011 2:25 PM
  • Thanks again. I understand what you've explained and will test it out soon to ensure it doesn't cause other issues in the environment. One other variable i'd like to confirm - we have about 6 other accepted domains configured for aliases setup in the system. Do they all need to be made Authoritative or does the default domain cover them all for this operation? Darryl
    Tuesday, August 23, 2011 4:53 PM
  • On Tue, 23 Aug 2011 16:53:55 +0000, Hard2FindAFreeID wrote:
     
    >Thanks again. I understand what you've explained and will test it out soon to ensure it doesn't cause other issues in the environment. One other variable i'd like to confirm - we have about 6 other accepted domains configured for aliases setup in the system. Do they all need to be made Authoritative or does the default domain cover them all for this operation? Darryl
     
    If the domains are used solely by your Exchange organization and you
    don't want messages with unknown addresses within those domains to be
    sent to a smart host for resolution then, yes, those domains should
    also be authoritative.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Marked as answer by Evan Liu Wednesday, September 7, 2011 10:05 AM
    Wednesday, August 24, 2011 12:53 AM
  • Hi Hard2FindAFreeID,

     

    Here is a related document for you, hope can give you some help:

     

    Managing Accepted Domains

    http://technet.microsoft.com/en-us/library/bb124423(EXCHG.80).aspx

     

    Thanks,

     

    Evan Liu

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  

    • Marked as answer by Evan Liu Wednesday, September 7, 2011 10:05 AM
    Wednesday, August 24, 2011 5:19 AM
  • Hi Hard2FindAFreeID

     

    How about the issue, any updates?

     

    Thanks,

     

    Evan Liu

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  

    Friday, August 26, 2011 6:18 AM
  • Testing with an infrequently-used domain seems to prove this out. I now have to go though our Change Control process which may put implementation out another week. I'll post an update when that's complete. In the mean time, thanks to both of you for the assistance. Darryl
    Friday, August 26, 2011 11:14 AM
  • Hi Hard2FindFreeID,

     

    Any updates on this issue?

    Thanks,

     

    Evan Liu

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  

    Tuesday, September 6, 2011 1:00 AM