Solved

Secure POP3 and SMTP using SSL

Posted on 2006-06-20
3
666 Views
Last Modified: 2006-11-18
Hi,

I have windows 2003 and MS Exchange 2003 in the organization i work for. Some of the users need to access their email from outside the office. So I'm planning to setup secure POP3 and SMTP using SSL certificate for this purpose.

When a user is outside the office, I want to him/her to be able to connect to the Exchange using POP3 (SSL) and when they want to send mail out, they will send to the office Exchange SMTP server securely using SSL as well.


So question are:

1. do I have to buy two SSL certificates for this purpose? because I want to secure both POP3 and SMTP.

2. How do I configure the Exchange 2003 server to allow both secure and non secure connection (POP3 and SMTP). Because for internal user, there is no need for them to connect securely. but for external user, they have to connect securely.


Thanks,

mrpc_cambodia

0
Comment
Question by:mrpc_cambodia
  • 2
3 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 50 total points
ID: 16956317
One certificate is fine.
I usually purchase the certificate through IIS for web (so that OWA is protected) then export the certificate and import for the other virtual servers.

You should configure additional ports on the server for the secure version of the protocols.

IMAP: 993
SMTP: 465 (TLS)
POP3: 995 (also known as SPOP3)

If you don't, then you may have problems with sending email, as many sites will block port 25.
Note I said ADDITIONAL ports - as Exchange will support SSL on the native ports as well.
You will probably need to reconfigure the clients, so make it work inside as well as outside.

Can you not use RPC over HTTPS though?

Simon.
0
 

Author Comment

by:mrpc_cambodia
ID: 16957138
Actually RPC over HTTPS is good. but in my environment, users are using POP3.

I want to know when I request a certificate, for the common name, should I use my real internet DNS name or my local netbios name.

The reason I ask is like this: my mail server is behind a firewall/NAT server. so in reality, my mail server is local to my LAN. so it makes me confuse what name I should use for the common name to request the certificate.

so can you guide me so I can clear this out?

Thanks,
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 50 total points
ID: 16959839
Common name is what the users will enter in to their browser. It will not be the netbios name as that isn't what the users will be entering.

Certificate use three things to check...

1. Is the certificate valid
2. Was it issued by someone I trust
3. Does the name on the certificate match the name I am accessing.

Any of those fail, then everything fails.

Simon.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AD RMS - Exchange 2010 3 37
Exchange 2007 not reaching Rackspace servers 7 29
Exchange 2016 Autodiscover error 401 unauthorized 28 39
Can't send to contact 6 39
Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now