Understanding Exchange 2010 Support for X.400 Authoritative Domains
Applies to: Exchange Server 2010
This topic describes the support that Microsoft Exchange Server 2010 provides for X.400 domains. Exchange 2010 enables the configuration of one or more X.400 authoritative domain namespaces by using Exchange Management Shell commands.
Looking for management tasks related to managing transport servers? See Managing Transport Servers.
Contents
X.400 Addresses
Configuring X.400 Authoritative Domains
Recipient Resolution and Routing for X.400 Authoritative Domains
X.400 Addresses
An X.400 address is an address that's defined as part of a suite of e-mail standards that are defined by International Telecommunication Union - Telecommunication [Standardization Sector] (ITU-T) recommendations. An X.400 address uses a hierarchical naming system and consists of a series of attributes, the sum of which form the X.400 address. Some attributes in the address specify the organization. Other attributes specify the recipient. The sum of all the organizational attributes specifies a unique node in the X.400 address hierarchy.
Exchange 2010 doesn't support the following X.400 scenarios:
- Sharing an X.400 address node with another e-mail system. In Exchange 2010, you can share an SMTP domain namespace by configuring an internal relay accepted domain. You can't use this configuration for an X.400 namespace. Exchange 2010 must be authoritative for the X.400 domain. Alternatively, the X.400 domain must be configured as an external relay subdomain of an authoritative X.400 domain.
- Configuring an X.400 authoritative domain on the Edge Transport server.
- Configuring an X.400 authoritative domain in the Exchange Management Console. You must use the Shell to configure X.400 authoritative domains.
- Routing or relaying directly to an X.400 message transfer agent (MTA). Exchange 2010 must route through a source server that's running Microsoft Exchange Server 2003 and hosting an X.400 connector, or through a third-party Exchange 2010 X.400 connector.
Return to top
Configuring X.400 Authoritative Domains
You configure an X.400 authoritative domain on the Hub Transport server role. When an organization is configured as authoritative for a particular domain, it's assumed that the organization hosts all the mailboxes for recipients in that domain. After you create an X.400 authoritative domain name, you can create an e-mail address policy that specifies that domain in the e-mail proxy address. The Exchange organization accepts e-mail that's addressed to recipients who have been assigned an X.400 e-mail proxy address that uses the X.400 authoritative domain namespace. Any X.400 recipient addresses in the authoritative namespace that don't resolve to a mailbox or a contact in Active Directory are treated as an error and cause messages to result in a non-delivery report (NDR). If the message that causes the error is a delivery status notification (DSN), such as an NDR, it's deleted.
Exchange 2010 supports non-authoritative X.400 domains if they're a subdomain of an authoritative domain. You use the X400ExternalRelay parameter of the New-X400AuthoritativeDomain cmdlet to define any exceptions where the Exchange organization isn't authoritative for a subdomain of the authoritative X.400 domain. By default, the value of the X400ExternalRelay parameter is set to $false
. Therefore, a recipient resolution failure for an e-mail message that's sent to a recipient in the X.400 subdomain results in an NDR. If the value of the X400ExternalRelay parameter is set to $true
, Exchange doesn't treat recipient resolution failures as an error and routes messages that are addressed to a recipient in the X.400 subdomain to an external address.
Defining an X.400 Namespace
By default, when you configure an X.400 authoritative domain, the Exchange organization is considered authoritative for all X.400 addresses in the hierarchy.
An X.400 address consists of a series of attributes that define organizational components and specify recipients. The X.400 namespace that's specified in the X400DomainName parameter can only include the X.400 organizational components. The following table lists the attributes that you can use to define an X.400 domain namespace in Exchange 2010. The attributes are listed in hierarchical order.
X.400 organizational components
Attribute abbreviation | Organizational component | Required/Optional | Maximum character length |
---|---|---|---|
C |
Country The value of the Country attribute is the two-letter country/region designation from International Organization for Standardization (ISO) 3166. This attribute identifies the country or region of the X.400 domain namespace. |
Required |
2 |
A |
ADMD The value of the Administration Management Domain (ADMD) typically identifies a public mail service provider. Valid values are decided on a country or regional basis. |
Required |
16 |
P |
PRMD The value of the Private Management Domain (PRMD) defines the top level domain in the namespace of the Exchange organization. |
Optional |
16 |
O |
Organization The value of the Organization attribute is unique within the context of the PRMD or of the ADMD if there is no PRMD. |
Optional |
64 |
OU1 |
Organizational unit 1 The value of each organizational unit identifies a unique address element within the scope of the immediately superior address element in the hierarchy. |
Optional |
64 |
OU2 |
Organizational unit 2 The value of each organizational unit identifies a unique address element within the scope of the immediately superior address element in the hierarchy. |
Optional |
64 |
OU3 |
Organizational unit 3 The value of each organizational unit identifies a unique address element within the scope of the immediately superior address element in the hierarchy. |
Optional |
64 |
OU4 |
Organizational unit 4 The value of each organizational unit identifies a unique address element within the scope of the immediately superior address element in the hierarchy. |
Optional |
64 |
When you specify the X.400 namespace, the address attributes must be separated by semicolons and the address must be enclosed in quotation marks ("), as in the following example.
"C=US;A=ATT;P=Contoso;O=Example"
X.400 domain names can only include the following ASCII characters:
- A to Z
- a to z
- 0–9
- These punctuation and special characters: (space)
' () + , - . / : = ?
The inclusion of a wildcard character, such as an asterisk (*
), isn't supported in the X.400 authoritative namespace. Each attribute can appear only one time in the X.400 namespace.
Any address in the hierarchy that's subordinate to the defined organizational components must resolve to a recipient or contact in Active Directory, unless an exception has been defined for a subdomain by specifying the X400ExternalRelay parameter as $true
. If the categorizer can't resolve a recipient, an NDR is generated for a message. If the message is a DSN, it's deleted.
For example, if you've configured an X.400 authoritative domain as "C=US;A=ATT;O=Contoso"
, the Exchange organization is also considered authoritative for the X.400 namespace "C=US;A=ATT;O=Contoso;OU1=Tailspin Toys"
. If all the recipients for Tailspin Toys are located in another organization, each of those recipients must be represented as a contact in the Active Directory of the Contoso organization. If you can't do this, the Tailspin Toys namespace must be defined as an external relay subdomain.
Return to top
Recipient Resolution and Routing for X.400 Authoritative Domains
To determine how to handle routing of e-mail messages, the Exchange 2010 categorizer compares the recipient addresses to the list of domains for which the Exchange organization is authoritative. This enables the categorizer to determine when to route an X.400 addressed message to an external system and when to generate an NDR for a message if the recipient isn't found in the authoritative namespace. If a message is being sent to a recipient address in an X.400 domain for which the Exchange organization is authoritative, the message is delivered to valid recipients, In addition, an NDR is returned to the sender for any recipient that doesn't appear in Active Directory. If a message is being sent to an X.400 domain for which the Exchange organization isn't authoritative, the message is routed externally through an X.400 connector.
After an X.400 authoritative namespace has been defined, the Exchange organization is assumed to be responsible for message delivery to all recipients that have e-mail proxy addresses that match the namespace. Therefore, X.400 addressed messages that are received by an Exchange 2010 Hub Transport server are processed as follows:
- If the recipient address resolves to a recipient in Active Directory, the message is delivered.
- An NDR is returned to the sender if all the following conditions are true:
- The recipient address doesn't resolve to a recipient in Active Directory.
- The recipient address matches an X.400 namespace for which Exchange is authoritative.
- The e-mail is a message.
- The e-mail is deleted if all the following conditions are true:
- The recipient address doesn't resolve to a recipient in Active Directory.
- The recipient address matches an X.400 namespace for which Exchange is authoritative.
- The e-mail is a DSN.
- The e-mail is routed to an X.400 connector if all the following conditions are true:
- The recipient address doesn't resolve to a recipient in Active Directory.
- The recipient address doesn't match an X.400 namespace for which Exchange is authoritative.
- The e-mail is routed to an X.400 connector.
Although you can configure recipients to receive e-mail that's addressed to an X.400 namespace, Exchange 2010 doesn't provide native transport support for X.400. To send or receive X.400 e-mail messages to or from remote X.400 domains, you must maintain one or more X.400 connectors on an Exchange 2003 server, or configure a Foreign connector to the X.400 backbone.
Exchange 2010 doesn't have an X.400 MTA. Therefore, Exchange 2010 can't convert messages to the X.400 format. An X.400 connector that's hosted on an Exchange 2003 server or a Foreign connector must process the message so that conversion to an X.400 message occurs. To transport X.400 messages, Exchange 2010 routes the message over SMTP as a MIME-encapsulated Transport Neutral Encapsulation Format (TNEF) message.
For more information about how to create an X.400 connector on Exchange 2003, see How to Create an X.400 Connector. For more information about how to create a Foreign connector, see Create a Foreign Connector.
Return to top