Solved

exchange 2003 hosting multiple domains

Posted on 2004-03-31
Last Modified: 2010-03-05
My Exchange 2003 server is working fine. I now have to host another domain on this server. The MX record for this second domain points to a different IP, i.e. domainA.com = 64.3.3.1 and domainB.com = 64.3.3.2. We own the IPs.

I have set up my firewall for 1 to 1 NAT for the 64.3.3.1 and configured my Exchange server with another private IP address of 192.168.1.2. I have also created a recipient policy with the new domain name and applied the policy to the users who need it, and I checked the box "this organization is responsible for". I then went to my default SMTP server, clicked the Advanced tab, and added in the private IP 192.168.1.2 so it would listen on it.

When I try and send an email to user@domainB.com from an outside account, I get a return message that says:


Final-Recipient: RFC822; <user@domainB.com >
Action: failed
Status: 5.1.1
 (64.3.3.2)
Diagnostic-Code: smtp; 550 5.7.1 Unable to relay for user@domainB.com

Am I on the right track here or way off?


Question by:kjman

Expert Comment

by:timiano
ID: 10723428
Make sure that once you have created the policy, you right click on it and choose to apply this policy now, and hit yes, to apply now.

Might be one thing

Timiano

Author Comment

by:kjman
ID: 10723698
Yea, I did that, but still no luck. Am I on the right track here?

Expert Comment

by:ikm7176
ID: 10724784
You should point your MX record for DomainB to the same IP address as DomainA,

i.e. DomainA --> MX record = 64.3.3.1 and
     DomainB --> MX record = 64.3.3.1.

Since your Exchange server has 1 to 1 NAT with the firewall, the mail for user@domainA.com is arriving at the IP address 64.3.3.1 and is then passed on to your Exchange server (NAT rule). But the mail for user@domainB.com is arriving at IP address 64.3.3.2 and ending up nowhere, as your Exchange has a 1 to 1 mapping with IP address 64.3.3.1.
Test your DNS report and mail test at http://www.dnsreport.com
So change the MX record for domainB to IP address 64.3.3.1 to allow the e-mail flow.
A change of MX record will take 48 hours to propagate to all the public DNS servers.

Hope this solves your problem.

Also check http://support.microsoft.com/default.aspx?scid=kb;EN-US;318635 for server configuration.

Author Comment

by:kjman
ID: 10725195
But the mail for user@domainB.com is arriving at IP address 64.3.3.2 and ending up nowhere as your exchange is having 1 to 1 mapping with IP address 64.3.3.1

Well, I created a separate 1 to 1 NAT rule for 64.3.3.2 to map to 192.168.1.2, so this would mean that I have two 1 to 1 NAT rules configured: one for 64.3.3.1 mapping to 192.168.1.1 and one for 64.3.3.2 mapping to 192.168.1.2. With this in place I can send emails to user@domainA.com no sweat, and I know that the second 1 to 1 NAT rule on the firewall is set up correctly because when I send an email to user@domainB.com I get an "unable to relay" message bounced back to me. This tells me that port 25 is open on the firewall for 64.3.3.1 but it's Exchange that doesn't like domainB.com.

You are right, though, about making both domains' MX records point to the same IP address, and I have done that. I think this will make things a bit less complicated and easy to understand.

Skip

Accepted Solution

by:
timiano earned 500 total points
ID: 10725791
It's almost certainly the recipient update service not adding the policy... I'm confused! But then I suppose you are too :-)

Go into AD Users and Computers and check that the user you are sending to has that domain listed as one of its proxy addresses. If not, go back into the policy and make sure the tick is in the box, and make sure you haven't got some funky LDAP filter on it.

Timiano
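
The proxy-address check described in the accepted answer can be run against every mail-enabled user at once instead of opening each account. The script below is an added example, not part of the original thread; it assumes PowerShell 3.0 or later on a domain-joined machine with read access to Active Directory, and uses the thread's placeholder domain `domainB.com`.

```powershell
# Added example: report which mail-enabled users carry an SMTP proxy address
# in the newly hosted domain. 'domainB.com' is the thread's placeholder name.
$Domain = 'domainB.com'

# mailNickname=* restricts the search to Exchange-enabled user objects.
$searcher = [adsisearcher]'(&(objectCategory=person)(objectClass=user)(mailNickname=*))'
$searcher.PageSize = 500   # page the results so a large directory is not truncated
[void]$searcher.PropertiesToLoad.AddRange([string[]]@('samaccountname', 'proxyaddresses'))

$results = $searcher.FindAll()
$report = foreach ($entry in $results) {
    # proxyAddresses values look like "SMTP:user@domainA.com" (primary address,
    # upper-case prefix) or "smtp:user@domainB.com" (secondary address).
    # Non-SMTP address types such as X400: are ignored.
    $smtp = @($entry.Properties['proxyaddresses'] |
        Where-Object { $_ -match '^smtp:' })           # -match ignores case
    $inDomain = @($smtp | Where-Object { $_ -like "*@$Domain" })

    [pscustomobject]@{
        User      = [string]$entry.Properties['samaccountname'][0]
        HasDomain = $inDomain.Count -gt 0
        # -clike is case-sensitive, so only the primary "SMTP:" entry matches.
        Primary   = ($smtp | Where-Object { $_ -clike 'SMTP:*' }) -replace '^SMTP:', ''
        InDomain  = ($inDomain -replace '^smtp:', '') -join ', '
    }
}
$results.Dispose()

# False sorts before True, so users without an address in the domain come first.
$report | Sort-Object HasDomain, User | Format-Table -AutoSize
```

Users expected to receive mail in the new domain but listed with `HasDomain` set to `False` have not been stamped by the recipient policy.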