Use an alternate address with Microsoft Exchange Server to send a message from a
secondary proxy SMTP address as though the message came directly from that email
Q: How can I use an alternate address with Exchange Server?
A: A common request in Exchange shops is for users to be able to send a message from a
secondary proxy SMTP address or additional mailbox as though the message came
directly from that email address. Support personnel who monitor a secondary alias or
mailbox (e.g., email@example.com, firstname.lastname@example.org) often need this
capability. In addition, a merger of two enterprises might require users to send from
different Exchange organizations for which no trust has been configured.
Because Microsoft Office Outlook uses Messaging API (MAPI) as the message store
provider, you can’t simply change the From address to reflect a different source. A
limitation within MAPI prevents a profile from accessing multiple Exchange servers at
the provider level. You can assign Send On Behalf Of permissions in Outlook, but doing
so exposes the message’s original source address because the recipient will see the text
“From User A sent on behalf of User B.” Fortunately, several options exist.
1. If the secondary address has its own object in Active Directory (AD), such as a
mailbox or distribution group, then permissions can be assigned on that object to
give a user or group Send As permissions. This action can only be performed by
an administrator at the server; you can’t grant these permissions from the Outlook
client. To assign Send As permissions in Exchange Server 2003, perform the
o a. Open the Microsoft Management Console (MMC) Active Directory
Users and Computers snap-in on the Exchange 2003 server or
o b. Ensure Advanced Options is selected in the View menu.
o c. Open the object properties (Mailbox, Group, or Mail-Enabled Contact)
on which you want to assign Send As permissions, and select the Security
o d. Click the Advanced button.
o e. On the Permissions tab, click Add and select the object or user to grant
Send As permissions to.
o f. In the Select User, Computer, or Group dialog box, enter the user to
assign permissions to, and click OK.
o g. In the Permissions Entry dialog box that opens, the value in the Apply
onto drop-down box should be This object only, as in Figure 1. Select the
Allow check box for the Send As permissions, as Figure 1 shows.
For Exchange Server 2007 RTM, Send As permissions are administered through
PowerShell. The cmdlet to invoke these permissions is Add-ADPermission. The
parameters include the identity to apply the rights against, the user to grant the
rights to, and the type of extended rights (which in this case is “Send As”). As an
example, you’d use the following command to assign Send As rights to user
William on Kevin Miller’s mailbox:
Add-ADPermission -Identity “Kevin Miller”
-user MOJAVE\william -extendedRights “Send As”
This command returns confirmation of the rights assignment in a table. Exchange
2007 SP1 adds this functionality to the Exchange Management Console (EMC).
In the EMC, selecting the Recipient Configuration object will show a list of
recipients in the middle pane. Select the recipient against which Send As
permissions are to be applied. In the Action pane on the right, select the new
option Manage Send As Permission. When the wizard opens, select Add and
choose the user or group to grant Send As permissions to and click OK. Clicking
Manage will return a summary of the configuration performed, including the
equivalent PowerShell command.
2. If the secondary address has its own mailbox, use Outlook to connect to the
primary mailbox address as normal and use Outlook Web Access (OWA) via a
Web browser to monitor the secondary mailbox. No conflict is created if a user
has multiple interfaces, such as OWA and Outlook, to access different mailboxes.
3. Use a third-party or custom application that lets you use secondary addresses as
the authoritative From address for outgoing messages. Products such as Ivasoft’s
ChooseFrom (http://www.ivasoft.biz/choosefrom.shtml) are implemented as
transport event sinks in Exchange 2003 and Exchange 2000 Server or as custom
transport agents in Exchange 2007, allowing users to select an authorized
secondary SMTP address to use in the From field. The recipient will receive the
message as though it were sent directly from the secondary address. This solution
is appealing for enterprises, because it’s managed on the server side without any
custom client configuration.
4. Allow POP3 or IMAP4 access to the Exchange server for the secondary supported
mailboxes. Users can then use Outlook for their primary mailboxes and Outlook
Express (or Windows Mail on Windows Vista) to access their secondary
mailboxes. For example, a user could use Outlook for his or her main mailbox
communication and use the secondary (non-Outlook) POP3 or IMAP4 client to
access another mailbox, such as HelpDesk. Alternatively, the POP3 or IMAP4
account access can be added to the same Outlook profile that’s used to access the
mailbox with MAPI. The user must then change the account to send from
whenever trying to represent the secondary mailbox (e.g., HelpDesk).
5. If a user has a secondary proxy SMTP address assigned to his or her AD account,
you can create a POP3 or IMAP4 account in the user’s profile even though the
Exchange server might not be configured for Internet client protocols. This client-
side method lets the user send from an address using an alternate Internet email
account, even though that account doesn’t retrieve inbound messages.
For a user monitoring the Help desk with a secondary proxy address of
email@example.com, adding a POP3 account for the Help desk lets the user
send from the SMTP address firstname.lastname@example.org. By default, Exchange will
resolve the secondary address to the user’s AD account, and internal MAPI
messages will show the primary SMTP address. However, messages destined for
the Internet will reflect the address assigned to the POP3 account. This
configuration is useful for answering external queries from addresses such as
support, webmaster, hostmaster, postmaster, or email@example.com without
revealing a specific user associated with those secondary proxy addresses.
To add a “dummy” POP3 account to an existing Microsoft Office Outlook 2003
profile, from the Outlook client logged on to the user’s Exchange mailbox, select
E-mail Accounts from the Tools menu. Select View or change existing e-mail
accounts in the E-mail Accounts window that opens. This option lets you access
the list of accounts in the profile, which should include the Exchange account.
Click Add to add a new account, ensure that the POP3 radio button is selected
under Server Type, and click Next to continue. You can enter your dummy POP3
account information in the window that opens. Figure 2 shows the address
firstname.lastname@example.org for the user called Help Desk, which is also a
secondary proxy address for the user William.
To add a dummy POP3 account in Microsoft Office Outlook 2007, select Account
Settings from the Tools menu. Select the E-mail tab in the window that opens, and
click New. Ensure that the radio button is selected for the service option that
includes POP3, then click Next. Rather than using the default Auto Account
Setup, select the check box at the bottom of the window to manually configure
server settings, then click Next. Select Internet E-mail in the window that opens,
and click Next. In the next window that opens, the Your Name field should
contain the account name (e.g., Help Desk). The name of the POP3 mail server
isn’t especially important, because we won’t actually be receiving email for this
account—I typically enter localhost just to fill the field. The outbound SMTP mail
server typically should be the Exchange server that hosts the user’s mailbox,
although your company might have a different outbound SMTP server to use. In
my example in Figure 2, this server is mail.mojavemedia.com.
To be able to send messages using the Exchange server, the user must be
authenticated. Click More Settings and select the Outgoing Server tab, as Figure 3
shows. Add the AD account details for the user to automatically authenticate for
outbound email from this account. If the user isn’t configured to authenticate to
the Exchange server or outbound SMTP server, then external messages sent from
the proxy address will bounce back, declaring that address to be unable to relay.
The next step prevents Outlook from trying to retrieve POP3 email for this fake
account. In Outlook 2007 or 2003, select Send/Receive, Send/Receive Settings,
Define Send/Receive Groups from the Tools menu. In the Send/Receive Groups
window that opens, ensure that All Accounts is selected and click Edit. In the next
window that opens, select the POP3 account and clear the Receive mail items
check box, as Figure 4 shows. Click OK to confirm the change. Now, when the
user wants to send email outside of the company and show the mail as being
directly from a secondary address, such as email@example.com, he or she
can select an alternate account in the new message form, as Figure 5 shows.
The ability for users to send messages that appear to have come from a secondary address
is quite useful. Perhaps future versions of Exchange and Outlook will provide a server-
side solution that eliminates client-side hacks such as the Internet account option that I
suggest using. Third-party companies have solved this problem on the server side, so
Microsoft can undoubtedly do so as well.
End of Article
Ref : http://windowsitpro.com/article/articleid/98114/how-can-i-use-an-alternate-address-