Solved

Exchange Authoritative domains

Posted on 2011-02-16
7
475 Views
Last Modified: 2012-05-11
Hello

I'm running Exchange 2007 SP2 in my company. Under remote domains we have loads of domains, and under Accepted Domains we have even more. One of the reasons is that we also relay messages to partner companies.

I want to work out which domains our Exchange system "owns", that is it is purely responsible for. Does anyone know how I can do this?
0
Comment
Question by:Joe_Budden
  • 3
  • 3
7 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34910456
Type the following in the Exchange Management Shell:

get-accepteddomain

That should list the accepted domains and tell you if you are authoritative for them or not.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 34910460

Accepted Domains which your Exchange system completely "owns" will be the authoritative ones.

The following command, run at Exchange Management Shell, will return a list of all the authoritative domains for you:

Get-AcceptedDomain | where {$_.DomainType -eq "Authoritative"}

Open in new window


That should be the info you are looking for. Of course, you can use the usual Powershell tools to filter the output accordingly.

-Matt
0
 
LVL 1

Author Comment

by:Joe_Budden
ID: 34910470
Does this mean that only Exchange owns this domain, no one else? Or that Exchange will purely recv and can relay email for this domain?
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
ID: 34910583
Yes and No!

A domain can be shared between several servers, but generally if the domain is authoritative for a domain, it is usually the only one that handles mail for that domain.

Exchange can receive and relay mail for other domains and those will be listed an Non-Authoritative.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 34910597

An authoritative domain is one Exchange "owns" entirely. If Exchange receives an inbound message addressed to someone who doesn't exist @myauthoritativedomain.com, then Exchange will bounce the message with an NDR (or flat out terminate the SMTP session mid-flow, if you have the anti-spam agents installed and recipient filtering enabled).

So... the domains in the results of the above command are ones Exchange "owns" entirely.

-Matt
0
 
LVL 58

Assisted Solution

by:tigermatt
tigermatt earned 250 total points
ID: 34910612

Alan raises an interesting point - if Exchange isn't the first point of delivery for an authoritative domain (i.e. it isn't the environment listed in the domain's public MX record), it doesn't have to be authoritative for all email to that domain. Email in that case may be delivered to another email organization which is simply forwarding it on to Exchange.

Thanks Alan :)

-Matt
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34910685
No probs - Shared SMTP Name Space is a possibility where several servers could receive the mail for a domain then pass it on to another server and then another before it finally gets pushed to the last one which has to be authoritative.

0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now