Configure Postmaster, Microsoft Exchange Recipient and NDR forwarding in Exchange Server 2007 and 2010

Postmaster for external messages
In Exchange 2007 and 2010 it is considered best practice to configure a postmaster address in the organization. It is also a requirement to set a postmaster for all SMTP domains according to RFC 2821: http://tools.ietf.org/html/rfc2821

The postmaster address is used to send system-generated messages and notifications.

To set the postmaster address use the following command:
Set-TransportConfig -ExternalPostmasterAddress <email address>

For example:
Set-TransportConfig -ExternalPostmasterAddress postmaster@contoso.com

Microsoft Exchange Recipient for internal messages
There is also another type of recipient configuration that you need to do if you want to be able to monitor NDRs. The Microsoft Exchange recipient is a special recipient object that can be compared to an internal postmaster. The HUB transport servers forwards internal NDRs to this recipient and not the the Postmaster.

To configure an recipient for the Microsoft Exchange recipient  use the following command:
Set-OrganizationConfig –MicrosoftExchangeRecipientReplyRecipient <String>

The String can be one of the following:

  • Distinguished name (DN)
  • Canonical name
  • GUID
  • Name
  • Display name
  • Alias
  • Exchange DN
  • Primary SMTP e-mail address

Note that if the MicrosoftExchangeRecipientReplyRecipient is not configured all messages sent to the Microsoft Exchange recipient will be discarded.

NDR forwarding
Sometimes you have the need to monitor the NDRs sent through the organization. To be able to do that you will have to configure the transport configuration to send a copy of the NDRs to a specific mailbox. Note that this affects the entire organization and not a single transport server.

Using the the GenerateCopyOfDSNFor parameter you can specify which DNS codes that will be forwarded. To save you some work, Microsoft has enabled monitoring for  the following DNSs:

  • 5.4.8
  • 5.4.6
  • 5.4.4
  • 5.2.4
  • 5.2.0
  • 5.1.4

To configure forwarding use the following command:
Set-TransportConfig -GenerateCopyOfDSNFor <DSN1, DSN2, DSN3, …>

Example:
Set-TransportConfig -GenerateCopyOfDSNFor 4.4.7,5.5.2,5.7.3

Note that the use of GenerateCopyOfDSNFor requires you to configure the Microsoft Exchange recipient and/or ExternalPostmasterAddress.

Advertisements

9 Responses to Configure Postmaster, Microsoft Exchange Recipient and NDR forwarding in Exchange Server 2007 and 2010

  1. su27 says:

    External postmaster address must point to a mailbox. It won’t work with distribution group.

    • msundis says:

      Thanks for posting su27,

      Yes that is correct; the postmaster address must point to a existing mailbox. I am sorry for not specifying that in the post.

      Thanks for sharing!

      • David Marcus says:

        Can the external address point to a mail-enabled public folder?

      • msundis says:

        I have done a quick test and it should work. If you do configure it, please write back and let us know if it worked for you. Thanks for reading!

    • vladon says:

      It is well worked with distribution group postmaster@my.domain for me. Exchange 2010 SP2 UR2

      • Martin Sundström says:

        Thanks for the information! My guess is that is has been changed in one of the updates. Thanks again for letting us know!

  2. Pingback: Confluence: IT

  3. Pingback: Confluence: Private

  4. PaulD says:

    Martin,
    Appreciate your post. Its not working for me – no NDRs dumping to my inbox. Any thoughts? My default email policy isn’t running as its needing configuring after an upgrade (emails are being partly managed by a 3rd party app)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: