Exchange Authoritative domains

Posted on 2011-02-16
Last Modified: 2012-05-11

I'm running Exchange 2007 SP2 in my company. Under remote domains we have loads of domains, and under Accepted Domains we have even more. One of the reasons is that we also relay messages to partner companies.

I want to work out which domains our Exchange system "owns", that is it is purely responsible for. Does anyone know how I can do this?
Question by:Joe_Budden
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34910456
Type the following in the Exchange Management Shell:


That should list the accepted domains and tell you if you are authoritative for them or not.
LVL 58

Expert Comment

ID: 34910460

Accepted Domains which your Exchange system completely "owns" will be the authoritative ones.

The following command, run at Exchange Management Shell, will return a list of all the authoritative domains for you:

Get-AcceptedDomain | where {$_.DomainType -eq "Authoritative"}

Open in new window

That should be the info you are looking for. Of course, you can use the usual Powershell tools to filter the output accordingly.


Author Comment

ID: 34910470
Does this mean that only Exchange owns this domain, no one else? Or that Exchange will purely recv and can relay email for this domain?
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

LVL 76

Accepted Solution

Alan Hardisty earned 250 total points
ID: 34910583
Yes and No!

A domain can be shared between several servers, but generally if the domain is authoritative for a domain, it is usually the only one that handles mail for that domain.

Exchange can receive and relay mail for other domains and those will be listed an Non-Authoritative.
LVL 58

Expert Comment

ID: 34910597

An authoritative domain is one Exchange "owns" entirely. If Exchange receives an inbound message addressed to someone who doesn't exist, then Exchange will bounce the message with an NDR (or flat out terminate the SMTP session mid-flow, if you have the anti-spam agents installed and recipient filtering enabled).

So... the domains in the results of the above command are ones Exchange "owns" entirely.

LVL 58

Assisted Solution

tigermatt earned 250 total points
ID: 34910612

Alan raises an interesting point - if Exchange isn't the first point of delivery for an authoritative domain (i.e. it isn't the environment listed in the domain's public MX record), it doesn't have to be authoritative for all email to that domain. Email in that case may be delivered to another email organization which is simply forwarding it on to Exchange.

Thanks Alan :)

LVL 76

Expert Comment

by:Alan Hardisty
ID: 34910685
No probs - Shared SMTP Name Space is a possibility where several servers could receive the mail for a domain then pass it on to another server and then another before it finally gets pushed to the last one which has to be authoritative.


Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question