Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Exchange Server

Defining an Exchange 2007 E-Mail Address Policy, Part 1

As we all know, Exchange Server 2007 is a lot different from previous versions of Exchange.  One of the changes that Microsoft made in creating Exchange Server 2007 was to get rid of the Recipient Update Service.  In case you’re not familiar with the Recipient Update Service, it was the mechanism responsible for stamping e-mail addresses onto Active Directory objects.  As you may know, the Recipient Update Service didn’t always behave as anticipated, and sometimes the result long delay before user accounts would be assigned an e-mail address.

In Exchange Server 2007, the Recipient Update Service has been replaced by a new synchronous process that assigns e-mail addresses to Active Directory accounts immediately via the EmailAddressPolicy command.  Of course one of the side effects to this change is that the method for creating a new e-mail address policy has changed.  The process is still simple, and straight forward, but it is quite a bit different from the process used in Exchange Server 2003.

Accepted Domains

Before you can create an e-mail address policy, you must first define at least one excepted domain.  Accepted domains are generally domains for which the Exchange organization should be authoritative for.  In some cases though, an accepted domain can be a domain in a different Active Directory forest within the organization, or an external domain.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

When you deploy the first hub transport server in your Exchange Server organization, Exchange configures the forest root domain as an accepted domain by default.  This works fine if your internal and external domain names match, but it causes problems if you use separate domain names.  For example, in my organization my production network uses an internal domain name of  However, my external domain name is By default, Exchange is aware of the domain, but not of the domain name.

Creating a New Accepted Domain

Creating a new accepted domain is a simple, but essential process. To do so, open the Exchange Management Console and navigate through the console tree to Organization Configuration | Hub Transport. Now, click the New Accepted Domain link, found in the console’s Actions pane. When you do, you will be taken to the screen shown in Figure A. As you can see, you must enter a name for the new domain, and the accepted domain name. Generally, these can be one in the same. You must also specify whether the new domain is an authoritative domain, an internal relay domain, or an external relay domain. When you are done, click the New button, and the new accepted domain will be added to the Accepted Domains tab, as shown in Figure B.

Figure A You must enter a display name and the name of the new accepted domain.

Figure B The new accepted domain appears on the Accepted Domains tab.

An Alternative Method for Defining an Accepted Domain

In case you are wondering, you can use the Exchange Management Shell to define an accepted domain. The command that you would use for doing so is:

​New-AcceptedDomain –Name “” –DomainName “” –DomainType “Authoritative”

As you can see, the New-AcceptedDomain command shown above uses the exact same parameters as the New Accepted Domain Wizard does. Simply use the –Name and the –DomainName parameters to supply the display name and the domain name respectively. Notice in the command above that the actual display name and display name are enclosed in quotation marks.

In this particular case, I have set the domain type to Authoritative. However, I could have specified InternalRelay or ExternalRelay instead as a way of defining an internal or an external relay domain.

As you can see, the New-AcceptedDomain command is one of the easier Exchange Management Shell commands to use. Even so, some people seem to have a mental block when it comes to performing actions from the command line. If you need additional help with the New-AcceptedDomain command, you can enter the following command into the Exchange Management Shell to get the command’s full syntax:

​Help New-AcceptedDomain


In this article, I have explained that defining an accepted domain is a prerequisite to creating an E-mail address policy. I have also walked you through the process of creating an accepted domain. In Part 2, I will conclude the series by showing you how to create an E-mail address policy.

Got a question? Post it on our Exchange Server Forums!

Related Topics:

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: