Monday, October 13, 2008

Hosting Multiple Domains on SBS 2008/Exchange 2007

[This post comes courtesy of Adam DePue]

A long time ago, in a version far far away, I blogged how to have Exchange 2003, on SBS 2003 answer for multiple domain names in this blog post (along with 3 other parts for across SBS 2003). For all 4 of blog posts, the idea is still the same, except the steps and UI may have changed.  Since I’ve already we’ve already seen people asking how to have Exchange host multiple domains with SBS 2008, I thought I’d blog it.  Adam beat me to building and testing the steps, so this post comes from him!

So, to set up your primary domain name, please do run the Internet Address Management Wizard.

To set up your secondary (and more) domain, follow these steps:

  1. Click Start and point to All Programs and click on Microsoft Exchange Server 2007 and then launch the Exchange Management Console.
  2. Expand Organization Configuration and select Hub Transport.
  3. On the right, under Actions, click on New Accepted Domain …, and wait for the wizard to pop-up
    1. In the Name field, enter a friendly name, like Contoso Email
    2. Accepted Domain field, enter the domain name you’d want to appear after the “@” in the email, e.g.. contoso.com
    3. Finally, leave setting set to Authoritative Domain.
    4. Click New to create the new domain name, and then Finish once it’s done processing.
  4. On the right, under Actions, now click on New E-Mail Address Policy …, and wait for the wizard to pop-up
    1. Enter a friendly name, like Contoso Email Policy, leave the default as All recipient types, and click Next.
    2. Ensure no extra conditions are applied and click Next.
    3. Click Add… to add a new E-mail address format
      1. Ensure E-mail address local part is checked, and use alias is selected.
      2. Specify a custom fully qualified domain name (FQDN) for e-mail address should read the same as the domain name you’re adding from above.  Here is a screenshot: image
      3. Note: double check the use alias, as it could change by specifying a FQDN, then click OK.
    4. On the Schedule page, ensure Immediately is selected and click Next.
    5. Click New to execute the policy, and then Finish once it’s applied.

Important: Any new domain you set up becomes primary (what users send-as), so you’ll have to use the steps below to update which one should be primary.

At this point, provided your Internet DNS MX addresses for both domain names are pointed to the WAN IP of the SBS network (typically the WAN IP of the router, or ISA firewall), you will now receive email for both domain names.  By default, the new domain you added will be the primary domain name, and the domain everyone sends as.

One important thing to note is that the SBS console will only show the primary domain name in the console.  If you want to switch which domain is primary, you can do that too:

  1. Open up the Exchange Management Console again and expand Organization Configuration, and select Hub Transport.
  2. Right-click on the policy for the address you want to be primary, and click on Change Priority, and change it to “1” (without the quotes), and click OK.  Exchange will adjust the priorities on the other policies automatically.

One final thing to note, is that if you’re primary domain name is automatically managed by a domain name provider, we will only keep the primary domain IP address up to date with the domain name provider.  So if you are on a Dynamic IP, and rely on the Dynamic DNS client included with SBS 2008, you may want to consider some DNS configuration that keys off the “A Record” of the primary domain name, as that’s the only one we adjust.


24 comments:

Anonymous said...

Great info. However in doing this a couple days ago, I found that in creating the new email policy, it made that new email address the default by changing the priority to 1 for that policy without asking me.
So for a half day I was sending mail from the "new" email address.

Just a heads up...no a biggie to change back...

Sean Daniel said...

Thanks, I tried to get that across, but apparently have failed. I updated the post with a red -important- note. Hopefully that helps clear things up.

Thanks Cris!

Gordon Mankelow said...

Just the sort of info I was looking for. Thanks Quick question, is there any way for the user to be able to choose which address they send from.

Sean Daniel said...

Exchange is designed to send as the primary domain and accept as all the other domains. So it's not designed how to do this,

there is some discussion on if this is possible on the One Way to "Send As" using Multiple Domains post, and the original 2003 Hosting Multiple Domains on SBS 2003 post. The discussions on those two posts might be able to help you.

Anonymous said...

Thanks for the info on hosting multiple domains. In SBS2003 you could add all the domains you want, then make any one the primary for any user (as long as you turned off the 'automatically update email based on recipient policy' box).

This was done from the "email address" tab in AD which is magically missing in SBS2008.

Any info on how to set the primary email address would be greatly appreciated. The 2003 article from 5/2005 doesn't seem to be appropriate.

Sean Daniel said...

I believe you just un-check update from recipient policy, and then select the one you want to be primary, and say "Make Primary"

John McNickname said...

Excellent, I spent the entire day trying to find this and everything I came across was assuming a large scale Exchange environment with Edge Transport servers, ISA firewalls, crazy configurations. This is great, thanks a million for this.

Sean Daniel said...

My pleasure.. glad it helped.

Anonymous said...

I followed the instructions, everything seems tobe right but somehow when I send an email from my personal email to the second domain email user , I get the follwing error

relevant MX records point to non-existent hosts.

Am I supposed to add a new zone and MX record on the SBS2008 server.

My books says exactly the same thing as you, but no DNS changes

Sean Daniel said...

The records you need to create are called out on the The Official SBS Blog

Anonymous said...

Thanks for the info. I did all this and can send email from the server, but I cannot send to the new domain. I get the error:


550
5.7.1 Unable to relay (in reply to RCPT TO command)


Any help would be appreciated. :-)

Anonymous said...

This works just fine, but it does not explain how you add the second domains trusted certificate without removing the primary domain's certificate.

Ie. I have a client who has started thier business with one domain and now they have changed their company name and use a new domain. The catch is they want to receive email from both domains and have secure certificates installed on the SBS 2008.

Mr.E said...

Thanks for the great, detailed article -- Your postings are 2nd to none.

Got the 2nd domain working OK and did not have the problem with the 2nd domain becoming the default address. The problem I have is that the new E-mail address policy does not get applied to existing or new accounts. I have to go to their mailbox in Exchange Mgmt Console to add the 2nd domain to their E-mail addresses and select their default address. Infact, in trying to debug it I walked through an edit of the standard "Windows SBS Email Address Policy" which rebuild the policy -- I didn't change anything during the walk through, but now when I creat a new user the @.local address is no longer added to the account and the Welcome E-mail cannot be sent to the new user account.

Any suggestions how to fix the standard E-mail policy as well as the 2nd E-mail policy?

Anonymous said...

Good staff thank you very much. You make IT worth

skyshrouder said...

This is just amazing. Thank you for posting this. We also are still using the old version of SBS and I was having difficulty configuring it to host multiple domains.

from a grateful: white label seo company.

M. Ahmed said...

I needed go to each user and add a new SMTP email address before the policy applied.

Anonymous said...

Excellent work sir. process worked flawlessly for me. thanks

Anonymous said...

I can send but not recieve
550 #5.1.0 Address rejected

Daniel B said...

Thanks for the post. Very helpful.

Anonymous said...

thank you so much for the accurate and clear information.

Anonymous said...

Thank you for this! I am about to embark on this journey--I am wondering how, or if this effects the SharePoint services?

Thank you,

dp

Sean Daniel said...

This post only affects Exchange. There is another post that affects SharePoint, but I only wrote it for 2003, the concepts still apply though.

Anonymous said...

Hello ,
does this affect the primary domain at all ??
i need to create a second domain just a different mail .
I have users that need to send from another mail address .

thanks

Sean Daniel said...

No, it doesn't affect the primary domain. however, please note that this is only for receiving on seperate domain, not actually sending on a seperate domain, unless you set up the specific user to use the other domain. Exchange only allows you to send on one domain