This is going to be long and drawn out; please take time to read carefully.
Some information is left out to protect the client/network.
Exchange server "A" Primary (bridge head) (global catalog here, DNS etc.)
8 servers at this location
Exchange server "B" Secondary (global catalog here, DNS etc.)
3 servers at this location
There is a fully functioning VPN between locations. AD and DNS are fine, as well as email.
User's account sits on Exchange server "B".
1. User from the "domain" sends email to email@example.com, which resolves and sends to Exchange server "A". Email is then sent via forward connector in Active Directory (contact created underneath) to firstname.lastname@example.org (copy only). Email is then delivered to user's BlackBerry normally.
2. User on BlackBerry replies to email, which goes through BlackBerry servers to Exchange server "A" and is delivered to user normally.
3. Domain User replies to email (email@example.com) and gets blocked/denied, as we are blocking internet based email from specific user accounts in the domain. HOWEVER... Domain User CAN send to other domain users without issues, e.g. firstname.lastname@example.org, and users CAN'T send to, say, email@example.com (internet based email).
This is why firstname.lastname@example.org gets denied, as it is internet based, not domain based.
On the BlackBerry website you can add an email account, which should resolve the issue and make it seem like the email is coming from email@example.com when sent from the BlackBerry.
We can't add the account, we presume because the actual Exchange email box sits on the bridge head server in another geographical location. If we add an account based on Exchange server "A" then it works fine.
There will be nothing done on this until we sort out the issues. Please take your time and attempt to truly understand the issue before replying.