How to configure a shared e-mail namespace between Exchange 2003 and Exchange 2010

In this post we will configure a shared namespace between an Exchange 2003 and an Exchange 2010 platforms.

Part 1 – The Environment:

The LAB has two forests, one with an Exchange 2003 org and the other with an Exchange 2010 org.

The shared namespace will be myitlab.com

The Exchange 2003 infrastructure:

Exc2k3.sporting.local

172.16.88.2/24

Exchange Org: SportingORG

The Exchange 2010 infrastructure:

Exc2k10.resource.benfica.local

172.16.88.53/24

Exchange org: BenficaEXC

Part 2 – How To

So first thing is to confirm that both orgs have the same namespace.

On Exchange 2003 the address policy is:

Also on Exchange 2003 here we have one user addresses as an example:

Now the e-mail address policy and the accepted domains on Exchange 2010:

The user addresses on Exchange 2010:

Now let’s test and send some e-mails.

Let’s try and send an e-mail from a user on 2003 to a user on 2010. This test is from user1@myitlab.com to newuser1@myitlab.com

And the result was:

Undeliverable mail. The reason: The e-mail account does not exist at the organization this message was sent to.  Check the e-mail address, or contact the recipient directly to find out the correct address.

Why does this happen? Well because the myitlab.com domain is configured on Exchange 2003 as authoritative. Let’s then solve this issue for the 2003 organization first, and then go on to the 2010 Organization.

First thing you need to do is to configure the e-mail domain on 2003 not to be authoritative.

Open Exchange 2003 System Manager.

Go to Recipients -> Recipient Policies

Right click on your default recipient policy and choose properties.

Go to the e-mail address policies tab, choose the domain you want to share and click remove.

In my case I will choose sporting.local to be the primary address on the default address policy and remove myitlab.com. If you don’t have a .local address you might create one.

It does not need to have DNS resolution over the Internet so all you have to do is create a domain in the xpto.local or xpto.dummy format.

The Sporting.local should have checked the “This organization is responsible for all mail delivery to this address”.

Now let’s create a second and new e-mail address policy for the domain we want to share.

Click New -> Recipient Policy

Choose e-mail addresses and click OK.

On the first tab click modify and click ok.

On the Email Addresses tab click New and add the shared domain.

Uncheck the “This Exchange Organization is responsible for all mail delivery for this address” box. And click apply.

Then set the shared domain as primary and click Ok.

The second thing to do is to create a send connector, specific to that domain name, pointing to the destination e-mail platform, in our case, our Exchange 2010 organization.

In Exchange 2003 System Manager, go to Connectors and right click to create a new SMTP Connector.

On the first tab, choose a name to the connector, one of your Exchange 2003 as local bridgehead, and the IP address of the destination Exchange on the “Forward all mail trough this connector to the following smart hosts” option.

On the namespace tab, click on add, choose SMTP and enter the domain name you are sharing.

Click apply and OK.

On the Address Space Tab check the box “Allow Messages to be relayed to this Domain”. This will allow the 2003 bridgehead server to also relay messages locally for the domain myitlab.com.

The connector is now created.

The Last thing to do is to allow Exchange 2010 receive connector to receive anonymous messages from the Exchange 2003.

So logon to the destination e-mail server and Open the Exchange 2010 Management Console.

Go to Server configuration -> Hub Transport

Double click your default receive connector and go to the Permission Groups tab.

Check the box Anonymous Users and apply the changes.

Note: If you do not wish to give anonymous permissions on your default receive connector, you can create a new one, bind it to the IP address of the Exchange 2003 and configure it to accepted anonymous connections.

So now the shared namespace should be working for users on the Exchange 2003. Let’s test.

Test e-mail from user1@myitlab.com to newuser1@myitlab.com (Exchange 2003 or to Exchange 2010 org)

And when I logon to the newuser1 mailbox on the other domain

WORKING!!! 🙂

Now let’s configure Exchange 2010 to be able to send e-mails to exchange 2003 users with the same namespace. As you can see below on the error e-mail it’s not working from 2010 to 2003 and configurations need to be done also on the 2010.

So the first thing to do on Exchange 2010 is to configure the accepted domain.

Within the Exchange Management Console, go to Organization Configuration -> Hub Transport. Click on the Accepted Domains tab. Go to myitlab.com properties. Change the domain to Internal Relay Domain.

The next thing to do is to create a send connector to that specific namespace, pointing to Exchange 2003.

Go to Organization Configuration -> Hub Transport. Click on the Send Connectors Tab and click new send connector on the right hand pane.

Choose a name for the connector and click Next.

On the address space, click add and add the shared namespace. Click next.

On the network settings, choose “Route Mail through the following smart hosts” and add the IP address of the Exchange 2003 server of the other organization.

On the authentication choose none. Make sure that your Hub transport server is scoped to this connector and click new to create the connector.

Finally the last thing to do is to allow the Exchange 2010 Hub transport server to relay on the Exchange 2003.

Go to the Exchange 2003 System Manager. Choose Servers -> Server Name -> Protocols -> SMTP and right click on Default SMTP virtual server to go to properties.

Go to Access tab and click on Relay. Add there the IP address of Exchange 2010.

Also click Authentication on Access tab to make sure that anonymous authentication is allowed.

Finally let’s test.

Email from user on 2003 user1@myitlab.com to user2@myitlab.com also on 2003 and to newuser1@myitlab.com on 2010.

User2 on 2003 got the e-mail!!

Newuser1 on 2010 also got the e-mail!!!

And the reply to test 2010 to 2003 mail flow for the shared namespace!!

Job done!! Feel free to comment or ask questions 🙂

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s