Exchange Server 2007/2010: How to Change the Primary Email Domain

A common scenario for Exchange Server administrators is a customer that needs to change their primary email addresses to a new domain name.

For example, a company that uses @exchangeserverpro.net for its email addresses might be acquired, merge, or simply rebrand under another name, and want to use @exchangeserverpro.com for its email addresses instead.

The Exchange Server administrator’s task is to:

  • Make the new primary email addresses of @exchangeserverpro.com begin to work
  • Make the previous email addresses of @exchangeserverpro.net continue to work

There are two features of Exchange Server 2007/2010 that need to be changed for this to happen.

Accepted Domains

The first feature is the Accepted Domains. This is the feature that tells an Exchange 2007/2010 organization which domain names it will accept mail for, and how to treat that domain name.

Accepted domains can be authoritative (i.e., the organization owns the domain name and uses it for mail recipients) or can be a relay domain (i.e., the organization will accept the emails but send them elsewhere).

There are a few other options such as shared SMTP namespaces but for the purposes of this scenario we’re just dealing with authoritative domains.

To add a new domain name to the organization launch the Exchange Management Console and navigate to Organization Configuration/Hub Transport. Select the Accepted Domains tab to view the current list of domains.

In the Actions pane click on New Accepted Domain.

Enter a Name and the Accepted Domain itself. The name can really be anything you like but most administrators just make it the same as the domain they are adding.

Click New and then Finish to complete the wizard.

Note that if you have Edge Transport servers deployed in your network they will not receive the updated list of Accepted Domains until the next scheduled synchronization of the Edge Subscription.

Email Address Policies

Now that the new domain has been added as an Accepted Domain, the next step is to configure an Email Address Policy.

Email Address Policies determine which SMTP addresses are assigned to which objects in the organization, such as mailboxes, contacts, and distribution groups. Each organization has at least one Email Address Policy that by default will apply to all mail-enabled objects.

Here we can see mailbox users assigned with @exchangeserverpro.net email addresses.

In the Exchange Management Console navigate to Organization Configuration/Hub Transport, and then select the Email Address Policies tab.

In this scenario we’ll just modify the default policy for all mail-enabled objects. Right-click the Default Email Address Policy and select Edit.

Click Next to skip past the introduction and conditions, until you reach the Email Addresses part of the policy. Click on the Add button.

The Email address local part is an optional setting. If you do not specify one the Alias is used as the prefix of the email address. If you do specify one you can use the Alias or other combinations such as Firstname.Lastname.

Next type the domain name or click Browse to choose it from the list of Accepted Domains.

Click OK once you have configured the new SMTP email address. Select the newly added SMTP address and click on Set as Reply.

This will change the new address to bold, which means that it is the address that mail will appear to be sent from.  The other email addresses in the policy will allow people to continue to receive email sent to those addresses.

Click Next to continue. Now we can choose when the updated policy will be applied to recipients. Usually this will be immediately, however you can choose to make the changes without applying the policy, or schedule it for a later time.

Click Next, and then click Edit to complete the wizard. Depending on the size of your environment this may take some time to finish applying.

After the new policy has been applied you can see the change by refreshing the list of mailboxes. Notice that the primary SMTP addresses have changed from @exchangeserverpro.net to @exchangeserverpro.com.

If you look at one recipient you can see that the new primary SMTP address has been applied by the policy, and the previous email address has been retained as well to allow mail sent to that address to continue to be received.

You can see that after these tasks have been completed the organization has had the primary email domain changed to a new one while preserving the existing one at the same time.
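The same change can be made and then verified from the Exchange Management Shell. The following is an added example, not part of the original article; it assumes the default policy is named "Default Policy" (check with Get-EmailAddressPolicy) and that addresses are built from the mailbox alias.

```powershell
# Added example: run in the Exchange Management Shell (Exchange 2007/2010).
# Domain names are the ones used in this article. $PolicyName is an assumption;
# list your policies with Get-EmailAddressPolicy and adjust it.
$NewDomain  = 'exchangeserverpro.com'
$OldDomain  = 'exchangeserverpro.net'
$PolicyName = 'Default Policy'

# 1. Accepted Domain: add the new name as authoritative if it is not there yet.
if (-not (Get-AcceptedDomain | Where-Object { "$($_.DomainName)" -eq $NewDomain })) {
    New-AcceptedDomain -Name $NewDomain -DomainName $NewDomain -DomainType Authoritative
}

# 2. Email Address Policy: upper-case "SMTP:" marks the reply (primary) address,
#    lower-case "smtp:" keeps the old domain as a secondary address.
#    %m is the mailbox alias, the wizard's default local part.
#    This replaces the policy's whole template list, so append any other
#    templates the policy already carries (see EnabledEmailAddressTemplates).
Set-EmailAddressPolicy -Identity $PolicyName -EnabledEmailAddressTemplates `
    "SMTP:%m@$NewDomain", "smtp:%m@$OldDomain"

# 3. Apply the policy to recipients (the "Immediately" choice in the wizard).
Update-EmailAddressPolicy -Identity $PolicyName

# 4. Verify: list only the mailboxes that did not end up as expected.
Get-Mailbox -ResultSize Unlimited | ForEach-Object {
    $primary   = "$($_.PrimarySmtpAddress)"
    $addresses = @($_.EmailAddresses | ForEach-Object { "$_" })
    $problems  = @()

    if ($primary -notlike "*@$NewDomain") {
        $problems += 'primary not on new domain'
    }
    # -like on an array returns the matching entries; none means the
    # old address was dropped and mail to it would bounce.
    if (-not ($addresses -like "smtp:*@$OldDomain")) {
        $problems += 'old address missing'
    }
    # Mailboxes with this flag off are skipped by email address policies.
    if (-not $_.EmailAddressPolicyEnabled) {
        $problems += 'excluded from email address policies'
    }

    if ($problems) {
        $text = $problems -join '; '
        $_ | Select-Object Alias,
            @{ Name = 'Primary';  Expression = { $primary } },
            @{ Name = 'Problems'; Expression = { $text } }
    }
} | Format-Table -AutoSize
```

An empty result from step 4 means every mailbox has the new primary address, still holds its old address, and is managed by the policy.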

Comments

  1. saleem says

    Thanks for the valuable info.
    1) I did the same: added a new accepted domain abc.test.com,
    applied a new mailbox policy, and the existing email addresses changed to abc.com,
    and I can send and receive mail from the internet without any problem.

    2) I added a 3rd accepted domain and applied email address policies,
    and I can send and receive mail to the 3rd domain xyz.com.
    Now I want to apply policies to the 3rd one so that mail will be delivered to only some of them in xyz.com.
    Any idea?

    B.R
    ___
    S

  2. DCRG says

    Hi,

    I have recently carried out the above to add a new accepted domain, and set it to be the reply address whilst leaving the original domain intact so external users can still email people on the old email address. Is there a way to send an automatic reply to messages that are addressed to the old domain, whilst still ensuring the user receives the email message?

    I have had a play with a Transport rule and selected the reject email message when the recipient’s email address contains XXXXX (the old email address) with a response of “blar blar blar” but this does not have the required results….

    Any help would be appreciated


    • says

      I’ve never really looked into this because I’ve never seen the need for it. The whole point of this config is so that mail can still be received on the old addresses but new mail is sent out to the new addresses.

      In my experience it is a situation that just naturally sorts itself out over time. The number of emails sent to the old domain name slowly diminishes.

      Is it that critical for you that you absolutely need to do it?

      • DCRG says

        Hi Paul,

        Thank you for the reply.

        I agree completely and this is the first time I have ever looked into this for that very reason.
        I have been asked the question if this is possible to speed up the time it takes for external senders to start using the new email address.
        I have researched this for a few days and cannot find a suitable way of doing this.
        Obviously auto replies could be used, however this would be impractical as users would not be able to set their own OOF when needed.

        So I’m stuck really. If you have any ideas that would be great; if I ever get to the bottom of this I will update the post…

        cheers

      • says

        Somebody subscribed to my newsletter list does this by the way. I get a “We’ve changed email domains” email every week when I send out the newsletter.

        It’s pretty annoying to be honest, since there is nothing I can do about it. They’ve signed up with that email address, I can’t change it to the new one for them :-)

        Put yourself in the sender’s shoes… do they want to receive that auto-reply? Probably not. As long as their mail is getting through they probably don’t care ;-)

    • Dan says

      If it were up to me, I’d be happy just accepting mail on the new domain. But our management wants to send out an error message and accept the mail at the same time.

      We’re looking at the “send bounce message to sender with enhanced status code” option in hub transport, but it doesn’t look very promising. We can’t get it to trap on inbound messages sent to the old domain name.

  3. Jim Sutherlin says

    Since our exchange server requires SSL, do I need to obtain a new certificate with the 2nd domain added to it or would the authentication still happen with the “old” domain?

    Thanks

  4. says

    hi paul,

    Great article(s) as always. I have a situation similar to this. I have 2010 installed in a 2003 Exchange org. Nothing has been moved over yet.

    the company wants to re-brand their email prior to migrating to 2010. the current mx record is abc.com. they want abcd.com. here is what i am thinking that needs to be done.

    1. add abcd.com mx record.
    2. add policy on exchange 2003 moved this to high priority
    3. re-do the cert but since this is for exchange 2003 how should this be done?

    i am not sure what needs to be done for external access it is webmail.abc.com but now needs to be webmail.abcd.com.

    Once this is done this should update in exchange 2010 automatically, i think.

    Please advise?

    thanks!
    rasheedah

  5. says

    What about setting a rule that informs the sender with an automatic response that the address he sent the email to is not used anymore? (Emails to the old address will still be forwarded to the new account.)
    Is there any solution to do this on an Exchange server? Transport rules?

    Thanks ?_)

    • says

      To be honest those types of auto-replies annoy the heck out of me. My view is that an address should either be silently accepted (eg as a secondary address on the mailbox, or by forwarding it wherever it needs to go), or otherwise it should hard bounce.

  6. Alastair says

    We have already got a second accepted domain that was set up a while ago. I am trying to switch this second domain to being the primary so that the sent email uses this domain name (while still receiving emails on the original). Neither is the domain for our site.

    When I changed Hub Transport – email policies – Default policy – as the second domain was already there I set it as the default. It updated but in Recipient Config – Mailboxes the Primary SMTP Domain had not updated.
    Do you think this is a time issue or Transport Role restart issue?

    Also in Hub Trans – Accepted Domains, how does changing the accepted domain default to the new one change things?

    Finally we have one Send Connector – however the FQDN now points to the original domain and not the new one.

    I have a SSL certificate attached to the original domain but am happy keeping the OWA on this address at present.
    Thanks !

  7. Jim Satterfield says

    I am setting up a new Exchange server and we have multiple domains. In my testing I have set up authoritative accepted domains. I can configure it so that a user receives from multiple domains without any real problem. Is there a way for me to configure users who deal with more than one of these domains to be able to send email from an email address of their choice?

    Example: A customer service person provides support to both ABC Company and XYZ Limited. When they contact someone dealing with ABC they need to send from customerservice@abc.com and when dealing with a customer of XYZ they need to send from customerservice@xyz.com. I haven’t figured out how I can set this up yet and need an answer. Thanks in advance for any help anyone can provide.

  8. Samir says

    Hello,
    Great Article !
    Recently, we had changed the primary address of users but this new address does not appear in outlook of clients. I have no problem with OWA it works fine

    Any suggestions.
    Thanks

      • Dawn says

        Hi Paul,
        I’m having the same issue. We changed primary domain – but on the outlook client, the account is still displaying the old domain name. The top left where the mailbox name is displayed, and if you go into account settings, the mailbox name is still the old, and I can’t change it. Any suggestions without having to remove the mailbox and add new?
        thanks!

        • says

          From what I can see that display doesn’t update without recreating the profile (you would want to test that though to be sure, before you go recreating everyone’s profiles).

  9. Alan Lumley says

    This has worked, very good work and thanks very much for documenting the process, Paul.

    However I do have a small snag.

    In the interim of the changeover for all external contacts getting used to using the new email address, when the execs are receiving emails with multiple recipients to their old domain email address and try to do a reply all.

    They are automatically CC’ing themselves into the reply due to the primary send mail address being the new domain email instead of the prior one.

    Is there a way we can rectify this issue as it has put a halt on the migration.

    Thanks,

    Alan

      • Alan Lumley says

        Hi Paul,

        Managed to pinpoint that it is only happening on Outlook 2011 on the MAC books.
        Outlook on the Windows clients have been clever enough to realise the 2 domains for one user is the same person and this does not cause any confusion.

  10. Andre Boom says

    Hi Paul,

    Thanks for the great instructions, much appreciated.
    Would you be able to confirm if I can delete the old domain later on and if the users are able to use the new domain to log on to Outlook Web App?

    Eg.:
    I had 123.org
    I added 456.org
    Is the user john able to log on to OWA on the new domain name ( 456.org ) and can I delete the old (123.org ) domain?

    • says

      Their OWA logon will be their UPN, not email address. UPN has a similar format to email addresses, but is a different account attribute.

      If you change their UPNs to match their new email addresses, then they can use the new one to login.

      I generally don’t remove the old domains, unless there is a specific reason to, because you never know who might try to send them email to their old addresses for years to come.

  11. mk says

    I have a problem. I have 3 domains: 1 old one and 2 new ones. I can receive messages from all 3 domains. My primary mail address is changed correctly to @yyy.com, but when I send mail using an IMAP client like Thunderbird and leave the old address as from (@xxx.com), then mail comes to the external or internal mailbox with the old address (@xxx.com), not the default new one (@yyy.com). When I use OWA the from address is set up as the new address and there is no problem.

  12. mk says

    My default accepted domain is yyy.com and primary SMTP address is user@yyy.com.
    When I send email to external/internal users using OWA then the from address is user@yyy.com, but using an IMAP client mail comes from address xxx.com.
    I found that when I change the mail address in the IMAP client server configuration to user@yyy.com then everything is OK.
    Probably I have to use an address rewrite agent on my Hub Transport Server using
    http://blogs.msdn.com/b/akashb/archive/2009/02/24/how-to-rewrite-the-to-address-in-transport-agents-on-a-hub-server.aspx

  13. Jeff says

    Hi. We have an issue with meeting requests after the primary smtp address is changed. The attendee is not receiving updates for an existing recurring meeting after their primary smtp address was changed. When viewing the recurring meetings I would see the user listed twice, once with their old address and once with their new one. When the meeting organizer sent out changes they did not receive them. Any thoughts? Thanks.

  14. Raj says

    Paul,
    You’re just MARVELOUS. Thanks for sharing knowledge.

    Need another help. Is there any way to find out which admin has accessed which user’s mailbox? I suspect a few of our Exchange administrators are not following their ethics and I want to trap them.

    Appreciate your help.

  15. Josh says

    Hey Paul,

    Great article. Is there a way in Exchange 2010 to work around having to manually create security groups in AD for users who want to receive from multiple authoritative domains as well as send from these domains?

    Primary abc.com
    Secondary def.com
    Tertiary xyz.com

    They can receive mail using this method, however, is there an easy way so the users can send out from Outlook using the domain of their choice? In the past we have setup AD security groups and manipulated them with the secondary accounts so outlook could send using that account. Make sense?

    Thanks!

  16. Freddy says

    Hi Paul,

    I set a new accepted domain on my Exchange 2010, in authoritative mode. My users on this accepted domain CAN SEND mail to internal and external mail addresses, also can receive mails from Exchange users, but CAN’T RECEIVE any mails from the internet.

    Can you help me ?

      • Freddy says

        Yes, for sure. I’ve added MX on my DNS server role. And that’s why I can send mails. And I can telnet my server.
        But receiving from the internet is not possible. However I don’t receive any error report from Yahoo or Gmail. It seems like the mails are well delivered.
        What I do is put a new UPN (the same as the new accepted domain) and create a new mailbox directly with this new domain. In the properties of this user, his mailbox addresses are first the new domain one as default and the old domain (the Active Directory one) is the second mailbox.

        • says

          The MX record isn’t involved in you sending email, only receiving.

          Without knowing your domain name there’s not much else I can suggest other than you should go to mxtoolbox.com and start running tests.

  17. Andre Boom says

    Don’t want to come between you guys but:

    Could it be that you have a 3rd party spam filter between your mailbox server and the internet?
    Some spam filters require that you add a domain and a forward address. Could it be that you missed/skipped this part?

  18. Freddy says

    Paul,

    Great news, it works now. And as you told it, it was a stuff with the MX record. The solution to make it work was to add the public IP address of the old domain on the new domain as an A record. And voilà … it works. I can send and receive from inside/outside the office, on BB phones, on iPad, iPhone, Android tablets and phones.
    Thanks for your ideas on my problem !!

  19. Yves says

    Hi,

    We have just done what’s been described in this article. We moved from .be to .com. Now since we have done that I get a lot of complaints that people can’t send mail to us, getting a message back like this:

    Diagnostische gegevens voor beheerders:

    Server: XXX.ABC.be

    yves.strobbe@OurDomain.com
    mail.OurDomain.be #554 5.7.1 This message has been blocked because the HELO/EHLO domain is invalid. ##

    Are there any other settings I need to reconfigure to make this work?

    • says

      Look at the properties of your Send Connector. The FQDN used for HELO/EHLO must be externally resolvable. If there’s nothing configured there it will just use the name of the server. Either way, it has to be externally resolvable in DNS or a lot of servers will reject your mail.

      • Yves says

        Thanks for the reply.

        There is an FQDN that’s externally resolvable. I found the problem. It was our firewall that was checking HELO/EHLO after I did an upgrade of the firmware. Made some changes there and everything is working just fine again!

  20. Ira says

    Hi Paul. Great article. I will be changing the primary domain name on an Exchange 2010 server per your steps. We have a number of iphone and android phone users getting their exchange mail via the active sync exchange account on their phones. What will be the impact on these phones after the primary domain name change on Exchange? Will we have to re-create all these phone email accounts?

  21. L Batchelor says

    Hi Paul,

    Thanks for excellent article.

    For testing the SMTP send by just 1 user, can you configure the new accepted domain, add the new email policy but not apply the policy with “set as reply” for the new domain? I.e. leave the existing domain as bold and default for the email policy and use the new domain as a usable option but not the default “set as reply”.
    Not sure if you apply policy and just do not assign “set as reply” for the new domain.

    Can you then reconfigure 1 user in user email properties and change their “set as reply” to the new domain whilst the rest keep using the old domain until you apply policy for all users?

    Thanks in advance

  22. Alejandro says

    Hello,

    Quick question I hope. I am running Exchange 2013, CU2. For accepted domains, is this only for incoming mail? If I do the steps above, only email will be accepted for each user? I can’t change the outgoing FROM field in outlook to show the same alias and a different domain that’s being accepted?

    For my company it’s very important because we are legally doing business as 1 name as well as the principal name. So do I need to set up a second Exchange server? Or use a different mailbox for the different accepted domain?

    It’s weird because I sign into exchange with foo@domain1.com domain and it logs in, dls the email messages. Then When I change the from field to foo@domain2.com it works but foo@domain3.com does not work. It’s weird that it’s working for some and not others. I wonder what exchange does to determine to allow this or not.

  23. says

    Hi Paul, thanks for sharing.

    Imagine an Exchange 2010 scenario with two accepted domains: aaa.com and bbb.com, obviously there’s only one default smtp address, aaa.com.

    Imagine a user with two SMTP addresses, user@aaa.com and user@bbb.com; he can receive in his mailbox emails addressed to any of those two email addresses.

    Imagine sometimes that user needs to send using user@aaa.com and sometimes needs to send using user@bbb.com. Is there any chance to let that user choose the outgoing SMTP address? I’m thinking about creating a couple of PowerShell scripts (user will execute aaa.ps1 or bbb.ps1 when needed), but it’s risky, the user can make a mistake easily…

    Any idea?

    Thank you

  24. Andre Boom says

    Tom,

    Change it with:
    set-mailbox MAILBOXALIAS -primarysmtpaddress THEEMAILADDRESSYOUWANTTOMAKEPRIMARY

    • says

      Yes. Everything in Exchange can be done in PowerShell.

      There isn’t one thing happening in this article though, it’s multiple things put together. So creating the new accepted domain is one part of it, modifying the email address policies is another.
