Discussion:
REPOST - Allowing inbound secondary smtp address results in Unable to relay for user@domain2.com
(too old to reply)
FastEddie
2005-04-14 12:44:24 UTC
Permalink
I adding another Recipient Policy called "Inbound Domains" and added about
20 domains to it. The check box is selected where it says "This Exchange
Organization is responsible for all mail delivery to this address." But the
check box next to "smtp" and then @domain2.com is not selected. Went into
Recipient Update Service and selected Rebuild. Waited over night, and tested
sending an email to one of my secondary smtp proxy addresses in my AD
account by telneting into the exchange server and I still get the "550 5.7.1
Unable to relay for ***@domain2.com"

Please help!! I am running out of options here...

-FastEddie
I have posted this a few times and have not gotten an answer that works.
I have 3 exchange 5.5 sites in one Organization. One site has Exchange
2003.
The other sites are NT4 with 5.5 servers and a trust relationship.
Some mailboxes in one exchange 5.5 site has secondary email addresses
@domain1.com but their primary SMTP email address is @domain.com
If I have mail coming inbound to the exchange 2003 server, it will not
Then something else is wrong.
I have added these domains to the default recipient Policy and it has not
fixed it. I assume if I check the box, in the recipient policy, it will add
the address for to all recipients (correct?) which I do not want.
There's no need to have the addresses assigned to any objects by the
RUS. Simply having the address in the recipient policy should be
enough. But I wouldn't modify the default policy, I'd create another
policy, add the domains to that policy, and leave the LDAP filter
blank. You can check the boxes, if you like -- with an empty LDAP
filter they won't be assigned to anything.
by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.
That's normal.
Please help, this is stopping email from coming in for some users.
Have you restarted the System Attendant service? The information in
the recipient policies must be transferred to the metabase file for
the SMTP server to accept mail for the new domains. It doesn't sound
like that's happening.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Tom Felts
2005-04-14 12:55:28 UTC
Permalink
I think you need to uncheck the box "This Exchange
Organization is responsible for all mail delivery to this address" for the
domain you want to be able to forward to.
See http://support.microsoft.com/?kbid=895853
section on
Domains that are shared between your Exchange organization and another SMTP
server
I adding another Recipient Policy called "Inbound Domains" and added about
20 domains to it. The check box is selected where it says "This Exchange
Organization is responsible for all mail delivery to this address." But the
Recipient Update Service and selected Rebuild. Waited over night, and tested
sending an email to one of my secondary smtp proxy addresses in my AD
account by telneting into the exchange server and I still get the "550 5.7.1
Please help!! I am running out of options here...
-FastEddie
I have posted this a few times and have not gotten an answer that works.
I have 3 exchange 5.5 sites in one Organization. One site has Exchange
2003.
The other sites are NT4 with 5.5 servers and a trust relationship.
Some mailboxes in one exchange 5.5 site has secondary email addresses
@domain1.com but their primary SMTP email address is @domain.com
If I have mail coming inbound to the exchange 2003 server, it will not
Then something else is wrong.
I have added these domains to the default recipient Policy and it has not
fixed it. I assume if I check the box, in the recipient policy, it will add
the address for to all recipients (correct?) which I do not want.
There's no need to have the addresses assigned to any objects by the
RUS. Simply having the address in the recipient policy should be
enough. But I wouldn't modify the default policy, I'd create another
policy, add the domains to that policy, and leave the LDAP filter
blank. You can check the boxes, if you like -- with an empty LDAP
filter they won't be assigned to anything.
by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.
That's normal.
Please help, this is stopping email from coming in for some users.
Have you restarted the System Attendant service? The information in
the recipient policies must be transferred to the metabase file for
the SMTP server to accept mail for the new domains. It doesn't sound
like that's happening.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
FastEddie
2005-04-14 15:56:40 UTC
Permalink
Tom,

They ARE NOT being forwarded. They are secondary smtp addresses on accounts
in AD and also addresses on other 5.5 mailboxes as secondaries and
primaries.

Please re-read my post as it describes that these addresses are secondary
smtp proxy addresses on my AD account.

More help is appriciated.

-FastEddie
Post by Tom Felts
I think you need to uncheck the box "This Exchange
Organization is responsible for all mail delivery to this address" for
the domain you want to be able to forward to.
See http://support.microsoft.com/?kbid=895853
section on
Domains that are shared between your Exchange organization and another
SMTP server
I adding another Recipient Policy called "Inbound Domains" and added about
20 domains to it. The check box is selected where it says "This Exchange
Organization is responsible for all mail delivery to this address." But the
Recipient Update Service and selected Rebuild. Waited over night, and tested
sending an email to one of my secondary smtp proxy addresses in my AD
account by telneting into the exchange server and I still get the "550 5.7.1
Please help!! I am running out of options here...
-FastEddie
I have posted this a few times and have not gotten an answer that works.
I have 3 exchange 5.5 sites in one Organization. One site has Exchange
2003.
The other sites are NT4 with 5.5 servers and a trust relationship.
Some mailboxes in one exchange 5.5 site has secondary email addresses
@domain1.com but their primary SMTP email address is @domain.com
If I have mail coming inbound to the exchange 2003 server, it will not
Then something else is wrong.
I have added these domains to the default recipient Policy and it has not
fixed it. I assume if I check the box, in the recipient policy, it will add
the address for to all recipients (correct?) which I do not want.
There's no need to have the addresses assigned to any objects by the
RUS. Simply having the address in the recipient policy should be
enough. But I wouldn't modify the default policy, I'd create another
policy, add the domains to that policy, and leave the LDAP filter
blank. You can check the boxes, if you like -- with an empty LDAP
filter they won't be assigned to anything.
by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.
That's normal.
Please help, this is stopping email from coming in for some users.
Have you restarted the System Attendant service? The information in
the recipient policies must be transferred to the metabase file for
the SMTP server to accept mail for the new domains. It doesn't sound
like that's happening.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Peter Johnson
2005-04-14 18:09:30 UTC
Permalink
Is the RUS actually running?? Are the mailboxes being stamped with the new
e-mail address? I've done this and it works 100%.
Post by FastEddie
Tom,
They ARE NOT being forwarded. They are secondary smtp addresses on
accounts in AD and also addresses on other 5.5 mailboxes as secondaries
and primaries.
Please re-read my post as it describes that these addresses are secondary
smtp proxy addresses on my AD account.
More help is appriciated.
-FastEddie
Post by Tom Felts
I think you need to uncheck the box "This Exchange
Organization is responsible for all mail delivery to this address" for
the domain you want to be able to forward to.
See http://support.microsoft.com/?kbid=895853
section on
Domains that are shared between your Exchange organization and another
SMTP server
I adding another Recipient Policy called "Inbound Domains" and added about
20 domains to it. The check box is selected where it says "This Exchange
Organization is responsible for all mail delivery to this address." But the
Recipient Update Service and selected Rebuild. Waited over night, and tested
sending an email to one of my secondary smtp proxy addresses in my AD
account by telneting into the exchange server and I still get the "550 5.7.1
Please help!! I am running out of options here...
-FastEddie
I have posted this a few times and have not gotten an answer that works.
I have 3 exchange 5.5 sites in one Organization. One site has Exchange
2003.
The other sites are NT4 with 5.5 servers and a trust relationship.
Some mailboxes in one exchange 5.5 site has secondary email addresses
@domain1.com but their primary SMTP email address is @domain.com
If I have mail coming inbound to the exchange 2003 server, it will not
Then something else is wrong.
I have added these domains to the default recipient Policy and it has not
fixed it. I assume if I check the box, in the recipient policy, it will add
the address for to all recipients (correct?) which I do not want.
There's no need to have the addresses assigned to any objects by the
RUS. Simply having the address in the recipient policy should be
enough. But I wouldn't modify the default policy, I'd create another
policy, add the domains to that policy, and leave the LDAP filter
blank. You can check the boxes, if you like -- with an empty LDAP
filter they won't be assigned to anything.
by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.
That's normal.
Please help, this is stopping email from coming in for some users.
Have you restarted the System Attendant service? The information in
the recipient policies must be transferred to the metabase file for
the SMTP server to accept mail for the new domains. It doesn't sound
like that's happening.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
FastEddie
2005-04-14 19:06:12 UTC
Permalink
I did not check the box to add the addresses to the mailboxes. I DO NOT want
every mailbox to be stamped with the additional addresses. There are
mailboxes that already have addresses added manually (Prior to Exchange
2003) as either their default SMTP address or an additional SMTP address.
The additional Recipient Policy with the additional domains should allow the
Default SMTP Virtual Server to allow the domains inbound.

-FastEddie
Post by Peter Johnson
Is the RUS actually running?? Are the mailboxes being stamped with the new
e-mail address? I've done this and it works 100%.
Post by FastEddie
Tom,
They ARE NOT being forwarded. They are secondary smtp addresses on
accounts in AD and also addresses on other 5.5 mailboxes as secondaries
and primaries.
Please re-read my post as it describes that these addresses are secondary
smtp proxy addresses on my AD account.
More help is appriciated.
-FastEddie
Post by Tom Felts
I think you need to uncheck the box "This Exchange
Organization is responsible for all mail delivery to this address" for
the domain you want to be able to forward to.
See http://support.microsoft.com/?kbid=895853
section on
Domains that are shared between your Exchange organization and another
SMTP server
I adding another Recipient Policy called "Inbound Domains" and added about
20 domains to it. The check box is selected where it says "This Exchange
Organization is responsible for all mail delivery to this address." But the
Recipient Update Service and selected Rebuild. Waited over night, and tested
sending an email to one of my secondary smtp proxy addresses in my AD
account by telneting into the exchange server and I still get the "550 5.7.1
Please help!! I am running out of options here...
-FastEddie
I have posted this a few times and have not gotten an answer that works.
I have 3 exchange 5.5 sites in one Organization. One site has Exchange
2003.
The other sites are NT4 with 5.5 servers and a trust relationship.
Some mailboxes in one exchange 5.5 site has secondary email addresses
@domain1.com but their primary SMTP email address is @domain.com
If I have mail coming inbound to the exchange 2003 server, it will not
Then something else is wrong.
I have added these domains to the default recipient Policy and it has not
fixed it. I assume if I check the box, in the recipient policy, it will add
the address for to all recipients (correct?) which I do not want.
There's no need to have the addresses assigned to any objects by the
RUS. Simply having the address in the recipient policy should be
enough. But I wouldn't modify the default policy, I'd create another
policy, add the domains to that policy, and leave the LDAP filter
blank. You can check the boxes, if you like -- with an empty LDAP
filter they won't be assigned to anything.
by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.
That's normal.
Please help, this is stopping email from coming in for some users.
Have you restarted the System Attendant service? The information in
the recipient policies must be transferred to the metabase file for
the SMTP server to accept mail for the new domains. It doesn't sound
like that's happening.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Rich Matheisen [MVP]
2005-04-15 00:43:36 UTC
Permalink
Post by FastEddie
I did not check the box to add the addresses to the mailboxes. I DO NOT want
every mailbox to be stamped with the additional addresses.
Then just leave the "Filter rules" empty on the policy's "General"
tab. The RUS won't apply the policy to anything.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
FastEddie
2005-04-18 18:26:20 UTC
Permalink
Thanks Rich,

Still not working. It did work for a short while after I rebooted my 5.5
server and 2003 server, but still no go. Explained later in this post.

Here is the layout again. We have 3 Exchange 5.5 servers. They allow inbound
mail for about 20 additional domains through one IMC. They are listed as
<inbound>. Then we manually added the smtp addresses to each users mailbox.
Some domains are primary, some domains are both primary and secondary, and
some are ONLY secondary smtp addresses. Once we brought in Exchange 2003
into one of the sites, inbound email worked for all domains for a short
while. then quit. I had to move my inbound mail back to the 5.5 server to
keep inbound mail for ALL internal domains working.

I have tried the following for Recipient Policies:
Added additional domains like @domain.com and checked the box that says
"This Exchange Organization is resopnsible for all mail delivery to this
address". Tested (no go), rebuilt the RUS, tested (no go) removed the
domains from the Default Policy and created a new one and did the same
tests. All with bad results (cannot relay). I've also restarted the SA
throughout this process.

It did work for about 5 minutes after I added a new Policy called Inbound
Domains, added all the domains with the "This Exchange Organization is
resopnsible for all mail delivery to this address" unchecked, restarted the
SA, then rebuilt the RUS.

Don't forget, I am NOT checking the box to add the @domain.com to every mail
enabled user because the addresses exist in some mailboxes but not all and
we don't want to change anything, we just want inbound for those domains to
work.

Also, there is NO filter rules setup for the new policy called Inbound
Domains.

I think you may be right about having a damaged metabase file. How do I
check it and repair it?

My head is spinning...

Thanks Rich!!

~FastEddie
Post by Rich Matheisen [MVP]
Post by FastEddie
I did not check the box to add the addresses to the mailboxes. I DO NOT want
every mailbox to be stamped with the additional addresses.
Then just leave the "Filter rules" empty on the policy's "General"
tab. The RUS won't apply the policy to anything.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
FastEddie
2005-04-15 12:19:52 UTC
Permalink
Ok... I got it fixed.

Interested in what I did... then read on...

I went back into my new Recipient Policy that I created and opened up each
E-Mail Addresses (Policy) and removed the check box that says "This Exchange
Organization is responsible for all mail delivery to this address" per
Microsoft Document provided by my Microsoft Support Personnel Jennifer A. on
another case. and Rich Matheisen's reply to my repost below.


In the KB article 321721 http://support.microsoft.com/?id=321721 it says
this:

Method 1: Sharing Selected SMTP Address Spaces
Exchange treats e-mail messages differently depending on whether Exchange is
authoritative or non-authoritative for a particular SMTP address space. To
view this setting: 1. Open the properties on a recipient policy, click the
Email Addresses tab, click an SMTP address, and then click Edit.
2. Examine the setting for the This Exchange Organization is
responsible for all mail delivery to this address check box. If this check
box is selected, Exchange is authoritative for the SMTP domain. If this
check box is not selected, Exchange is non-authoritative.
For additional information about authoritative and non-authoritative SMTP
domains in Exchange 2000, click the following article number to view the
article in the Microsoft Knowledge Base:
823158 Authoritative and non-authoritative domains in Exchange 2000 Server
and in Exchange Server 2003
Exchange must always be authoritative for the primary SMTP address (the one
in bold) on the default recipient policy. Otherwise, local mail flow may not
occur. When you share selected SMTP address spaces, a shared address space
is set as non-authoritative in Exchange. If the address space that you want
to share is not the primary address on the default recipient policy, click
to clear the This Exchange Organization is responsible for all mail delivery
to this address check box for that domain.

Then I rebuilt the RUS overnight and this morning and now it works!!
Special thanks to Rich Matheisen for his input and Jennifer A. for hitting
this one on the head on the first shot!!

Now I can continue on my exchange 2003 upgrade/migration!!

~FastEddie
Post by FastEddie
I did not check the box to add the addresses to the mailboxes. I DO NOT
want every mailbox to be stamped with the additional addresses. There are
mailboxes that already have addresses added manually (Prior to Exchange
2003) as either their default SMTP address or an additional SMTP address.
The additional Recipient Policy with the additional domains should allow
the Default SMTP Virtual Server to allow the domains inbound.
-FastEddie
Post by Peter Johnson
Is the RUS actually running?? Are the mailboxes being stamped with the
new e-mail address? I've done this and it works 100%.
Post by FastEddie
Tom,
They ARE NOT being forwarded. They are secondary smtp addresses on
accounts in AD and also addresses on other 5.5 mailboxes as secondaries
and primaries.
Please re-read my post as it describes that these addresses are
secondary smtp proxy addresses on my AD account.
More help is appriciated.
-FastEddie
Post by Tom Felts
I think you need to uncheck the box "This Exchange
Organization is responsible for all mail delivery to this address" for
the domain you want to be able to forward to.
See http://support.microsoft.com/?kbid=895853
section on
Domains that are shared between your Exchange organization and another
SMTP server
I adding another Recipient Policy called "Inbound Domains" and added about
20 domains to it. The check box is selected where it says "This Exchange
Organization is responsible for all mail delivery to this address." But the
Recipient Update Service and selected Rebuild. Waited over night, and tested
sending an email to one of my secondary smtp proxy addresses in my AD
account by telneting into the exchange server and I still get the "550 5.7.1
Please help!! I am running out of options here...
-FastEddie
I have posted this a few times and have not gotten an answer that works.
I have 3 exchange 5.5 sites in one Organization. One site has Exchange
2003.
The other sites are NT4 with 5.5 servers and a trust relationship.
Some mailboxes in one exchange 5.5 site has secondary email addresses
@domain1.com but their primary SMTP email address is @domain.com
If I have mail coming inbound to the exchange 2003 server, it will not
Then something else is wrong.
I have added these domains to the default recipient Policy and it has not
fixed it. I assume if I check the box, in the recipient policy, it will add
the address for to all recipients (correct?) which I do not want.
There's no need to have the addresses assigned to any objects by the
RUS. Simply having the address in the recipient policy should be
enough. But I wouldn't modify the default policy, I'd create another
policy, add the domains to that policy, and leave the LDAP filter
blank. You can check the boxes, if you like -- with an empty LDAP
filter they won't be assigned to anything.
by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.
That's normal.
Please help, this is stopping email from coming in for some users.
Have you restarted the System Attendant service? The information in
the recipient policies must be transferred to the metabase file for
the SMTP server to accept mail for the new domains. It doesn't sound
like that's happening.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Loading...