Exchange server 2019: Email Address Policies, Do you need one?

Well, of course you need an email address policy in your exchange organisation to manage email addresses for recipients. An e-mail address policy is used to generate email addresses for recipients in the organisation based on patterns provided. In fact, you may create more than just one policy to meet various business needs.

It is absolutely unthinkable that we will manage email addresses manually for N number of recipients. What I mean by that, Just push your imagination and think of a scenario where you have to update 10k (I am still taking easy example here) email addresses across your organisation. And not just that it is one time task, you have to think about employees joining, name change, acquisitions and so many other things on day to day basis.

Email address policies in Exchange Server 2016 and Exchange Server 2019 are unchanged from that of Exchange Server 2010.

So do we need to create an email address policy initially?

To make things easy for you, Exchange Server by default contains an email address policy (Default policy) that assigns one or more email addresses to all recipients in the organisation. You can use default policy or modify default policy to generate email addresses for recipients based on business needs. Also, you can always create additional new policies and use new policy to generate the email addresses. 

Default email address policy

As mentioned earlier, Exchange setup creates a default email address policy that generates and applies email addresses to all recipients in an exchange organisation. The properties of the default email address policy are:

  • Name: Default Policy
  • Priority: Lowest (all other email address policies are evaluated before the default policy).
  • Email address format
    • TypeSMTP (primary email address)
    • Domain<alias>@<ADForestRootFQDN>. This domain value is used because it’s the first accepted domain in the Exchange organization.
  • Apply to: All recipient types.

You cannot delete the default email address policy, or you can’t promote another policy as the default policy. You can modify some properties of the default policy, however the modification options are limited:

  • You cannot filter recipients by type or properties (applies to all recipient types).
  • You cannot change the name or priority of the policy.
  • You can fully customise the email address templates in the policy (modify, add, or remove templates). The default policy uses recipients alias and the default accepted domain to generate email addresses for all types of reciepients.
Image: Microsoft

As discussed, earlier, we may need to create additional policies in an exchange organisation in order to fulfil business requirement. Before we talk about creating custom policies, it is important to know the components of an email address policy. The basic components of an email address policy are:

Components of an email address policy

Email Address templates:

Defines the email address format to be used for the recipients (e.g. <firstname>@domain.com or something like <lastname>.<firstname>@domain.com).

Image: Microsoft
  • Custom SMTP email address templates

If you don’t want to use default SMTP email address templates, you can specify a custom SMTP email address template as well. When creating a custom SMTP email address template, you can use the variables listed in the following table to specify values for the local part of the email address. 

VariableValue
%dDisplay name
%gGiven name (first name)
%iMiddle initial
%mExchange alias
%rxyReplace all occurrences of x with y
%rxxRemove all occurrences of x
%sSurname (last name)
%ngThe first n letters of the first name. For example, %2g uses the first two letters of the first name.
%nsThe first n letters of the last name. For example, %2s uses the first two letters of the last name.

The local part of an email address is the name that appears before the @ symbol. Each time a recipient is modified and saved, Exchange enforces the correct application of the email address criteria and settings as per policy defined. When an email address policy is modified and saved, all associated recipients are updated with the change in policy.

Exchange Server always ensures that the email address that are assigned to the recipients are unique. For example, if two users have the same first name and last name, Exchange server appends a number to the local part of the second user’s email address when the email address policy assigns an email address to the mailbox and the email address is based on the user’s first name and last name.

Recipient filter:

Specifies the types of recipients whose email addresses are configured by the policy.

  • Recipient filters for email address policies

Recipient filters identify the recipients that the email address policy applies to. There are two basic options: precanned recipient filters and custom recipient filters. These are basically the same recipient filtering options that are used by dynamic distribution groups and address books.

The following table summarises the differences between the two filtering methods.

Recipient filtering methodUser interfaceFilterable recipient properties
Precanned recipient filtersExchange admin center & Exchange Management ShellLimited to: 
• Recipient type (All recipient types or any combination of user mailboxes, resource mailboxes, mail contacts, mail users, and groups) 
• Company 
• Custom Attribute 1 to 15 
• State or Province 
• Department
Custom recipient filtersExchange Management Shell onlyYou can use virtually any available recipient attributes.

Priority:

Specifies the order to apply the email address policies (important if a recipient is identified by more than one policy).

Accepted domains

Registered domains of your company (aka SMTP domain) such as virtualmaestro.in, that are available to use in email address policies are defined as accepted domains. Accepted domains are configured in the Exchange organisation as authoritative domains or relay domains (Internal or External).  For more detailed information on accepted domains, refer Microsoft Docs.

Email address policies can be created using the Exchange Admin Center or the Exchange Management Shell.

Creating an Email Address Policy using the Exchange Admin Center

Below are the steps to create an email address policy.

  1. Navigate to Mail flow > Email address policies, and then click the Add icon.
  2. In Email Address Policy, complete the following fields:
    • Policy name
    • Email address format
    • Specify the types of recipients this email address will apply to
  3. Click Add a rule to further restrict the recipients that this policy will apply to. This creates a Boolean And statement.
  4. Click Preview recipients the policy applies to to view the recipients the policy will apply to.
  5. Click Save to save your changes and create the policy.
  6. You’ll receive a warning that the email address policy won’t be applied until you update it. After it’s created, select it, and then in the details pane, click Apply.

Refer below link where complete step by step process is elaborated with screenshots.

https://social.technet.microsoft.com/wiki/contents/articles/52390.exchange-2019-create-email-address-policy.aspx

Creating an Email Address Policy using the Exchange Management Shell

The following example creates an email address policy that includes mailbox users in the “India Offices” who will have email addresses that include their last name initial combined with the their first name:

New-EmailAddressPolicy -Name "India offices" -IncludedRecipients MailboxUsers -ConditionalStateorProvince "New Delhi","Maharashtra","Karnataka" -EnabledEmailAddressTemplates "SMTP:%1s%g@virtualmaestro.in"

Applying an email address policies

After you create or modify an email address policy in the EAC or the Exchange Management Shell, the policy needs to be applied to the affected recipients.

If large number of recipients (more than 3000) needs to be updated, you should use the Exchange Management Shell to apply the updates to the affected recipients instead of EAC.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.