Before we jump directly on the solution, it will be vital to look at the background.
Working with Microsoft Exchange for a decade, specifically with multi-tenant Exchange deployments. I remember the days, when we use to segregate tenants via ACL approach, creating SG for a tenant, applying certain permissions on tenant AL, GAL, OAB and so on for segregation & Isolation. It was a nightmare, due to work load of support tickets because of all sort of misconfiguration, mistakes and on top of this very limited support by Microsoft itself because we were doing something critical to Exchange built-in nature.
Address Book Policy:
Later on with Exchange 2010 SP2, Microsoft came up with ABP (Address Book Policy) approach and wow it made our life easier, by migrating tenants from ACL based segregation to ABP based segregation. As it was from Microsoft so yes it was fully supported and we were confident that it will address all our segregation issues so that we could focus on the core business. But it proved us wrong and of course ABP made our horizon high to explore high level issues than we were focusing previously. It was a time when we found that tenants on a single Exchange platform while exchanging emails across, could see and explore that they are on a same Exchange hosting platform sharing same resources. They could see complete contact card of a sender, with their phone number, groups association and many more attributes that one would only want visible to their own GAL members.
With a passage of time, the concept of sender based routing agents came in picture, where using a combination of transport rules, smart host gateway and sender routing agent did a trick and make it possible to overcome this data loss issue, but again it was not out of the box, either you had to buy third part tool, with requirement of smart host and even then we have limitation like if we do CC.
ABP Routing Agent:
Finally in Exchange 2013 CU1 Microsoft come up with a ABP routing agent, which was really needed to take full advantage of ABP approach. In short ABP routing agent show / represent sender as an external contact if it is not associated with tenant ABP even residing on same exchange deployment but should be a member of another ABP.
In order to apply ABP routing Agent, follow below steps:
- Be patient for at least 30 minutes to see ABP routing agent in action
- You may face an issue of non-delivery report, for recipients with hide for address list checked. Please deploy 2013 CU2 to overcome this issue.