Home » Exchange Server » Exchange Server 2007/2010: How to Change the Primary Email Domain

Exchange Server 2007/2010: How to Change the Primary Email Domain

A common scenario for Exchange Server administrators is a customer that needs to change their primary email addresses to a new domain name.

For example a company that uses @exchangeserverpro.net as their email address might be acquired, or merge, or simply be rebranding to another name and wants to use @practical365.com as their email address instead.

The Exchange Server administrator’s task is to:

  • Make the new primary email addresses of @practical365.com begin to work
  • Make the previous email addresses of @exchangeserverpro.net continue to work

There are two features of Exchange Server 2007/2010 that need to be changed for this to happen.

Accepted Domains

The first feature is the Accepted Domains. This is the feature that tells an Exchange 2007/2010 organization which domain names it will accept mail for, and how to treat that domain name.

Accepted domains can be authoritative (ie, the organization owns the domain name and uses it for mail recipients) or can be a relay domain (ie, the organization will accept the emails but send them elsewhere).

There are a few other options such as shared SMTP namespaces but for the purposes of this scenario we’re just dealing with authoritative domains.

To add a new domain name to the organization launch the Exchange Management Console and navigate to Organization Configuration/Hub Transport. Select the Accepted Domains tab to view the current list of domains.

In the Actions pane click on New Accepted Domain.

Enter a Name and the Accepted Domain itself. The name can really be anything you like but most administrators just make it the same as the domain they are adding.

Click New and then Finish to complete the wizard.

Note that if you have Edge Transport servers deployed in your network they will not receive the updated list of Accepted Domains until the next scheduled synchronization of the Edge Subscription.

Email Address Policies

Now that the new domain as been added as an Accepted Domain the next step is to configure an Email Address Policy.

Email Address Policies determine which SMTP addresses as are assigned to which objects in the organization, such as mailboxes, contacts, and distribution groups. Each organization has at least one Email Address Policy that by default will apply to all mail-enabled objects.

Here we can see mailbox users assigned with @exchangeserverpro.net email addresses.

In the Exchange Management Console navigate to Organization Configuration/Hub Transport, and then select the Email Address Policies tab.

In this scenario we’ll just modify the default policy for all mail-enabled objects. Right-click the Default Email Address Policy and select Edit.

Click Next to skip past the introduction and conditions, until you reach the Email Addresses part of the policy. Click on the Add button.

The Email address local part is an optional setting. If you do not specify one the Alias is used as the prefix of the email address. If you do specify one you can use the Alias or other combinations such as Firstname.Lastname.

Next type the domain name or click Browse to choose it from the list of Accepted Domains.

Click OK once you have configured the new SMTP email address. Select the newly added SMTP address and click on Set as Reply.

This will change the new address to bold, which means that it is the address that mail will appear to be sent from.  The other email addresses in the policy will allow people to continue to receive email sent to those addresses.

Click Next to continue. Now we can choose when the updated policy will be applied to recipients. Usually this will be immediately, however you can choose not make the changes without applying the policy, or schedule it for a later time.

Click Next, and then click Edit to complete the wizard. Depending on the size of your environment this may take some time to finish applying.

After the new policy has been applied you can see the change by refreshing the list of mailboxes. Notice that the primary SMTP addresses have changed from @practical365.com to @exchangeserverpro.net.

If you look at one recipient you can see that the new primary SMTP address has been applied by the policy, and the previous email address has been retained as well to allow mail sent to that address to continue to be received.

You can see that after these tasks have been completed the organization has had the primary email domain changed to a new one while preserving the existing one at the same time.

Paul is a Microsoft MVP for Office Servers and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul is a co-author of Office 365 for IT Pros and several other books, and is also a Pluralsight author.
Category: Exchange Server


  1. saleem says:

    thanks for valuable info..
    1) i did the same added new accepted domain abc.test.com
    applied a new mail box policy and the existing email addresses changed to abc.com
    and i can send and receive mails from internet with out any problem,.

    2) i added 3rd accepted domain and applied email address policies
    and i can send and receive mails to the 3rd domain xyz .com
    now i want to apply policies to the 3rd one so that mail will be delivered to only some of them in xyz.com
    any idea ?


      • Royal Wang says:

        I have one problem,

        i have 2 email address, one is primary SMTP@123.com and the other is alias@321.com
        first to say, i can receive the eamails from there 2 mailboxID
        due to business pruposes, i sometimes send emails with my alias as @321,but always failed.

        • Exchange doesn’t allow you to send from an alias on your own account. You’ll need to move that address to a different mailbox (like a shared mailbox) and configure SendAs permissions, or set it up as separate user mailbox and configure both accounts in your Outlook profile.

          • ozgur says:

            Hi thank you great information ..
            I need solution which is i have xx.aaa.com mail server and only use send email,

            But I need all mails sendin like aaa.com. is it possible like this..
            what can ı do.
            Thank you

  2. DCRG says:


    I have recently carried out the above to add a new accepted domain, and set it to be the reply address whilst leaving the original domain intact so external users can still email people on the old email address. is there a way to send an automatic reply to messages that are addressed to the old domain, whilst still ensuring the user receives the email message?

    I have had a play with Transport rule and selected the reject email message when the recipients email address contains XXXXX (the old email address) with a response of “blar blar blar” but this does not have the required results….

    Any help would be appreciated

    Any help would be appreciated

    • I’ve never really looked into this because I’ve never seen the need for it. The whole point of this config is so that mail can still be received on the old addresses but new mail is sent out to the new addresses.

      In my experience it is a situation that just naturally sorts itself out over time. The number of emails sent to the old domain name slowly diminishes.

      Is it that critical for you that you absolutely need to do it?

      • DCRG says:

        Hi Paul,

        Thank you for the reply.

        I agree completely and this is the first time i have ever looked into this for that very reason.
        I have been asked the question if this is possible to speed up the time it takes for external senders to start using the new email address.
        I have researched this for a few days and cannot find a suitable way of doing this?
        obviously Auto replies could be used, however this would be impractical as users would not be able to set their own OOF when needed.

        So im stuck really, if you have any ideas that would be great, if i ever get to the bottom of this i will update post…


      • Somebody subscribed to my newsletter list does this by the way. I get a “We’ve changed email domains” email every week when I send out the newsletter.

        It’s pretty annoying to be honest, since there is nothing I can do about it. They’ve signed up with that email address, I can’t change it to the new one for them 🙂

        Put yourself in the sender’s shoes… do they want to receive that auto-reply? Probably not. As long as their mail is getting through they probably don’t care 😉

    • Dan says:

      If it were up to me, I’d be happy just accepting mail on the new domain. But our management wants to send out an error message and accept the mail at the same time.

      We’re looking at the “send bounce message to sender with enhanced status code” option in hub transport, but it doesn’t look very promising. We can’t get it to trap on inbound messages send to the old domain name.

  3. Jim Sutherlin says:

    Since our exchange server requires SSL, do I need to obtain a new certificate with the 2nd domain added to it or would the authentication still happen with the “old” domain?


  4. Rasheedah says:

    hi paul,

    Great article(s) as always. I have situation similiar to this. I have 2010 installed in a 2003 exchange org. nothing has been moved over yet.

    the company wants to re-brand their email prior to migrating to 2010. the current mx record is abc.com. they want abcd.com. here is what i am thinking that needs to be done.

    1. add abcd.com mx record.
    2. add policy on exchange 2003 moved this to high priority
    3. re-do the cert but since this is for exchange 2003 how should this be done?

    i am not sure what needs to be done for external access it is webmail.abc.com but now needs to be webmail.abcd.com.

    Once this is done this should update in exchange 2010 automatically, i think.

    Please advise?


  5. What about setting a rule, that informs the sender with an automatic response that the address he sent the email to, is not used anymore. (emails to the old address will still be forwarded to the new account).
    is there any solution to do this on a exchange server? transport rules?

    Thanks ?_)

    • To be honest those types of auto-replies annoy the heck out of me. My view is that an address should either be silently accepted (eg as a secondary address on the mailbox, or by forwarding it wherever it needs to go), or otherwise it should hard bounce.

  6. Alastair says:

    We have already got a second accepted domain that was set up a while a go. I am trying to switch this second domain to being the primary so that the the sent email uses this domain name. (while still recieving emails on the original) neither is the domain for our site.

    When I changed Hub Transport – email policies – Default policy – as the second domain was already there I set it as the default. It updated but in Recipient Config – Mailboxes the Primary SMTP Domain had not updated.
    Do you think this is a time issue or Transport Role restart issue ?

    Also In Hub Trans – Accepted Domains how does changingthe accepted domain default to the new one change things ?

    Finally we have one Send Connector – however the FQDN now points to the original domain and not the new one.

    I have a SSL certificate attached to the original domain but am happy keeping the OWA on this address at present.
    Thanks !

  7. Jim Satterfield says:

    I am setting up a new Exchange server and we have multiple domains. In my testing I have set up authoritative accepted domains. I can configure it so that a user receives from multiple domains without any real problem. Is there a way for me to configure users who deal with more than one of these domains to be able to send email from an email address of their choice?

    Example: A customer service person provides support to both ABC Company and XYZ Limited. When they contact someone dealing with ABC they need to send from customerservice@abc.com and when dealing with a customer of XYZ they need to send from customerservice@xyz.com. I haven’t figured out how I can set this up yet and need an answer. Thanks in advance for any help anyone can provide.

  8. Samir says:

    Great Article !
    Recently, we had changed the primary address of users but this new address does not appear in outlook of clients. I have no problem with OWA it works fine

    Any suggestions.

      • Dawn says:

        Hi Paul,
        I’m having the same issue. We changed primary domain – but on the outlook client, the account is still displaying the old domain name. The top left where the mailbox name is displayed, and if you go into account settings, the mailbox name is still the old, and I can’t change it. Any suggestions without having to remove the mailbox and add new?

        • From what I can see that display doesn’t update without recreating the profile (you would want to test that though to be sure, before you go recreating everyone’s profiles).

  9. Alan Lumley says:

    This has worked, very good work and thanks very much for documenting the process, Paul.

    However I do have a small snag.

    In the interim of the changeover for all external contacts getting used to using the new email address, when the execs are receiving emails with multiple recipients to their old domain email address and try to do a reply all.

    They are automatically CC’ing themselves into the reply due to the primary send mail address being the new domain email instead of the prior one.

    Is there a way we can rectify this issue as it has put a halt on the migration.



      • Alan Lumley says:

        Hi Paul,

        Managed to pinpoint that it is only happening on Outlook 2011 on the MAC books.
        Outlook on the Windows clients have been clever enough to realise the 2 domains for one user is the same person and this does not cause any confusion.

  10. Andre Boom says:

    Hi Paul,

    Thanks for the great instructions, much appreciated.
    Would you be able to confirm if I can delete the old domain later on and if the users are able to use the new domain to log to on Outlook Web app?

    I had 123.org
    I added 456.org
    Is the user john able to log on to OWA on the new domain name ( 456.org ) and can I delete the old (123.org ) domain?

    • Their OWA logon will be their UPN, not email address. UPN has a similar format to email addresses, but is a different account attribute.

      If you change their UPNs to match their new email addresses, then they can use the new one to login.

      I generally don’t remove the old domains, unless it is a specific reason to, because you never know who might try to send them email to their old addresses for years to come.

  11. mk says:

    I have problem. I have 3 domains 1 old one and 2 new one’s. I can reseive masseges from all 3 domains. My primary mail address is changed correctly to @yyy.com, but when i sent mail using imap client like Thunderbird and leave old address as from (@xxx.com), then mail come to external or internal mailbox with old address not (@xxx.com) not default new one (@yyy.com). When I use OWA the from address is setup as new address and there is no problem

  12. mk says:

    My default accepted domain is yyy.com and primary smtp address is user@yyy.com.
    When i send email for external/internal users using OWA then address from is user@yyy.com, but using imap client mail come from address xxx.com.
    I found that when i change mail address on imap client server configuration to user@yyy.com then everything is OK.
    Probably i have to use address rewrite agent on my Hub Transport Server using

  13. Jeff says:

    Hi. We have an issue with meeting requests after the primary smtp address is changed. The attendee is not receiving updates for an existing recurring meeting after their primary smtp address was changed. When viewing the recurring meetings I would see the user listed twice, once with their old address and once with their new one. When the meeting organizer sent out changes they did not receive them. Any thoughts? Thanks.

  14. Raj says:

    You’re is just MARVELOUS . Thanks for sharing knowledge.

    Need another help. Is there any way to find out which admin has accessed which users mailbox. I suspect few our exchange administrator not following their ethics and i want to trap them..

    Appreciate your help.

  15. Josh says:

    Hey Paul,

    Great article. Is there a way in exchange 2010 to workaround having to manually create security groups in AD for users who want to receive from mulitple authoritative domains as well as send from these domains?

    Primary abc.com
    Secondary def.com
    Tertiary xyz.com

    They can receive mail using this method, however, is there an easy way so the users can send out from Outlook using the domain of their choice? In the past we have setup AD security groups and manipulated them with the secondary accounts so outlook could send using that account. Make sense?


  16. Freddy says:

    Hi Paul,

    I set a new accepted domain on my exchange 2010, in authoritative mode. My users on this accepted domain CAN SEND mail to internal and external mail adresses , also can receive mails from exchange users, but CAN’T RECEIVE any mails from internet.

    Can you help me ?

      • Freddy says:

        Yes, for sure. I’ve add mx on my dns server role. And that’s why I can send mails. And I can telnet my server.
        But receiving from internet is not possible. However I don’t reveine any error report from yahoo or gmail. It seems like the mails are well delivered.
        What I do is put a new UPN ( the same as the new accepted domain) and create new mailbox directly with this new domain. In the properties oh this user, his mailbox adresses are first the new domain one as default and the old domain (the active directory one) is the second mailbox

        • The MX record isn’t involved in you sending email, only receiving.

          Without knowing your domain name there’s not much else I can suggest other than you should go to mxtoolbox.com and start running tests.

  17. Andre Boom says:

    Don’t want to come between you guys but:

    Could it be that you have a 3th party spam filter between your mailbox server and the internet?
    Some spamfilters require that you add a domain and a forward address. Could it be that you missed/skipped this part?

  18. Freddy says:


    Great news, it works now. And as you told it, it was a stuff with the MX record. The solution to make it work was to add the ip public address oh the old domain on the new domain as a A record. And voilà … it works. I can send and receive from inside/outside office, on BB phones, on ipad, iphone, ANdroid tabets and phones.
    Thanks for your ideas on my problem !!

  19. Yves says:


    We have just done whats been discribes in this article. We moved from .be to .com Now since we have done that i get alot of complaince that people cant send mails to us getting a message back like this:

    Diagnostische gegevens voor beheerders:

    Server: XXX.ABC.be

    mail.OurDomain.be #554 5.7.1 This message has been blocked because the HELO/EHLO domain is invalid. ##

    Are there any other setting i need to reconfigure to make the work?

    • Look at the properties of your Send Connector. The FQDN used for HELO/EHLO must be externally resolvable. If there’s nothing configured there it will just use the name of the server. Either way, it has to be externally resolvable in DNS or a lot of servers will reject your mail.

      • Yves says:

        Thanks for the reply.

        There is a FQND thats externaly resolvable. I found the problem. It was our firewal that was checking HELO/EHLO after i did an upgrade of the firmware. Did some changed there and everything is working just fine again!

  20. Ira says:

    Hi Paul. Great article. I will be changing the primary domain name on an Exchange 2010 server per your steps. We have a number of iphone and android phone users getting their exchange mail via the active sync exchange account on their phones. What will be the impact on these phones after the primary domain name change on Exchange? Will we have to re-create all these phone email accounts?

  21. L Batchelor says:

    Hi Paul,

    Thanks for excellent article.

    For testing the smtp send by just 1 user can you configure the new accepted domain, add the new email policy but not apply the policy with “set as reply” for the new domain? ie leave existing domain as bold and default for email policy and use new domain as a usuable option but not the default “set as reply”.
    Not sure if you apply policy and just do not assign “set as reply” for the new domain.

    Can you then reconfigure 1 user in user email properties and change their “set as reply” to the new domain whilst the rest keep using the old domain until you apply policy for all users?

    Thanks in advance

  22. Alejandro says:


    Quick question I hope. I am running Exchange 2013, CU2. For accepted domains, is this only for incoming mail? If I do the steps above, only email will be accepted for each user? I can’t change the outgoing FROM field in outlook to show the same alias and a different domain that’s being accepted?

    For my company it’s very important because we are legally doing business as 1 name as well as the principle name. So do I need to setup a second exchange server? Or use a different mailbox for the different accepted domain?

    It’s weird because I sign into exchange with foo@domain1.com domain and it logs in, dls the email messages. Then When I change the from field to foo@domain2.com it works but foo@domain3.com does not work. It’s weird that it’s working for some and not others. I wonder what exchange does to determine to allow this or not.

  23. Christian says:

    Hi Paul, thanks for sharing.

    Imagine an Exchange 2010 scenario with two accepted domains: aaa.com and bbb.com, obviously there’s only one default smtp address, aaa.com.

    Imagine an user with two smtp addresses, user@aaa.com and user@bbb.com, he can receive in his mailbox emails addressed to any of those two email address.

    Imagine sometimes that user needs to send using user@aaa.com and sometimes needs to send using user@bbb.com, there’s any chance to let that user choose outgoing smtp address? I’m thinking about create a couple of powershell scripts (user will execute aaa.ps1 or bbb.ps1 when needed), but it’s risky, user can make a mistake easily…

    Any idea?

    Thank you

    • Yes. Everything in Exchange can be done in PowerShell.

      There isn’t one thing happening in this article though, it’s multiple things put together. So creating the new accepted domain is one part of it, modifying the email address policies is another.

  24. Bilal says:

    Would the Address Space tab under Send Connector require changing or the addition of the new domain. Currently we have our old domain , SMTP and Cost 1. Do I add the new domain to this list?

      • Galeboe Mogotsi says:

        Guys! Thank you very much, this article helped me a lot…we have just implemented changing primary Email Domain and it worked wonders.

  25. Gangaiyan says:

    Hi Paul,

    After changing the primary email address how do we address user outlook profile configuration which mean it’s still keep the old address name as top profile entry but we can recreate the profile in order to resolve but how can we do for all users? Please help me

  26. Laurent says:

    Hello all,

    Please consider 2 different forests that share the same email domain.
    Considering that they do not want to set mutual relation ships (trust one each other), is it possible to share between them the free/busy service?
    For example: domA.com and domB.net share id@myLAN.org email domain.
    Can a user user1@domA.com share its free/busy calendar to user7@domB.com ?
    How can the ‘autodiscover’ domain run? (See: http://blogs.technet.com/b/msukucc/archive/2013/11/27/cross-forest-free-busy-in-untrusted-forests.aspx)
    With best regards


  27. Stephen says:

    Thank You for the instructions, this worked great for us. I updated the email policy to reflect the new domain and that populated fine across the domain. How do you get the new domain to populate for Distribution list as well?

  28. Maggie says:

    We did this and switched our primary domain. We have one recipient that we can send to all day long, but if they respond to the email they get a bounce back, with this error
    The following recipient(s) cannot be reached:

    Server error: ‘550 5.1.1 … User unknown’

    however, if they send to our OLD primary address, it goes through fine. Any insight? This is a great article. Thanks for sharing your knowledge.

  29. Robert says:

    Hi Paul,
    Thank you for the tutorial. Since we’ve done this on our server everything seems to be working except for the Out of Office reply. Everyone is getting “Your automatic reply settings cannot be displayed because the server is currently unavailable” even though all other services seem to be working. Any ideas why this would stop after following these instructions? Thanks in advance!

    • OoF can break when the EWS virtual directory URLs and the SSL cert on the server are misconfigured. Check that the EWS virtual directory has the correct internal/external URLs for your environment, and that the SSL cert on the server has those URLs on it. The Application and System logs on the server sometimes also yield clues about other possible causes.

  30. Vicky says:

    Hi Paul,

    Thanks for the article. I have to updated the change the Primary SMTP and add 2 more domains to about 2000 mailboxes for a client. But I have found that the option “Automatically update email addresses based on email address policy” is un-checked on all the mailboxes !
    I guess the policy won’t work right? So can be the option.
    Please advise.

    Many thanks


    • Correct, without that option selected the email address policy won’t apply. You’ll need to either tick the box to let the policy apply, or run a script to manually add the addresses.

  31. Ryan says:

    Hi Paul,

    Great article, i just have a question. i have 1 domain and 1 exchange server i created additional 2 suffixes and those suffixes i also used when creating email. my problem is that the 2 suffixes i created can send email but cant received. what would be the problem?

  32. John Hoye says:

    Thank You Mr Cunningham, your documents and reddit posts and replies have done nothing but help me in my Exchange Administration experiences. If you have a book or t-shirts that I can purchase to support you, let me know 🙂

  33. Shyam Talke says:

    Hi Paul,

    I have gone through many blog sites and landed up here in search of solution to my query.
    We have Exchange 2013 environment where company.com is a default and is primary domain with Active Directory installed on same server. Few months later one new domain company2.in added as secondary in ecp. Now we need to place the company2.in as default and primary and make company.com as a discrete domain ( it may be possible through Multi-tenancy ). Simple words i dont want to have any relation with these two domains. How do i set Company2.in as my default and main ecp domain. Do i need to create new Active Directory for company2.com?

    Shyam T

  34. Roger Fontaine says:

    Is there a way to do this in stages? Step 1, add new authoritative domain. Step 2, add new address policy so we can receive mail, but not change the primary address yet? Step 3, go back a couple days later and change the policy to update the primary? This would allow us to verify incoming mail and make changes to some mailboxes that don’t have the checkmark to update policy, etc. Thanks in advance.

  35. Nino says:

    I have a question, which is related to changing the primary email domain however more to do with the Internal/External URL’s.

    We are already utilising the new domain name as the primary domain, however I would like to reconfigure all of the URL’s to the new domain also such as mail.olddomainname.com/owa to mail.newdomainname.com/owa, oab, autodiscover etc… now that I have purchased a new SAN certificate and can cover all of these URL’s.

    Is there an easy way to change these all in bulk, or do I just go through them all systematically ?

    For Exchange 2007.

    Thanks Paul!

    • Nino says:

      Or, am I best to just go through the EMC GUI, and change them all via Server Configuration>Client Access ?


  36. Mahmood says:

    Do I need to change the CAS URLs? like Auto discover URL?
    Is the Outlook client going to use new domain or old one?

  37. Niyas says:

    Hi, I am facing one problem, here we have several accepted domains.

    consider we have 123.com, abc.com, xyz.com etc, and have many mailboxes.
    some are having 123.com as primary SMTP some are having abc.com as primary SMTP and some are having xyz.com as primary SMTP.
    Now am in a situation that ONLY users having 123.com as primary SMTP need to be changed to abc.com as primary SMTP, no changes should happen to xyz.com, is there any way I can change it without going to every mailbox and change it manually, No idea how I will do it. It will take days to change all manually.

  38. ajendra says:

    Hi Paul,

    I am facing some issue regarding Email Address policy, we have changed our smtp domain address earliar it was @tpc.com and now its changed to @cpl.com the problem is that we have added email address policy and that is replacting to upto 800 mailbox only after that its stoping not changing for rest of mailbox out of 3000,, and second one is how to apply changes for those mailbox whose having “unchecked box for automatically update email address” for some mailbox we have added manually smtp address other than standard address for other as “first name last name” but for these mailbox we have created there emails with different common name. so for these mailbox we are unable to apply the New Email address policy please suggest how to do that we are in middile in this activity.

  39. NewTechie says:

    Hi Paul,

    Could I pick your brain on this problem please?

    We’ve recently moved from Exchange 2003 (domain “A”) to 2010 (domain “B”) with new servers too.

    When outlook 2010 opens for some of our users, it states “the server is unavailable” and if I click ‘work offline’ the wrong server is shown in the ‘general’ tab of the box that opens. It says “ExchangeSVR.a.internal” instead of NewExch.b.internal. For other users, it seems to work fine.

    My question is, how does the Outlook client know which server to go to when creating a profile for the first time? I’m guessing I need to make a change somewhere to remove the old server & domain entry, but would this be on the Exchange Management Console/Powershell or is it set when Outlook gets installed?

    Our users are still on Domain “a”.
    Our PCs and the new exchange server is on Domain “b”.
    ExchangeSVR no longer even exists.

    Should there be an entry in DNS on either domains for autodiscover, as I cannot find anything.

    If you need any further information, please let me know.

    Thanks in advance!

Leave a Reply

Your email address will not be published. Required fields are marked *