Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Secure POP3 and SMTP using SSL

Posted on 2006-06-20
3
Medium Priority
?
675 Views
Last Modified: 2006-11-18
Hi,

I have windows 2003 and MS Exchange 2003 in the organization i work for. Some of the users need to access their email from outside the office. So I'm planning to setup secure POP3 and SMTP using SSL certificate for this purpose.

When a user is outside the office, I want to him/her to be able to connect to the Exchange using POP3 (SSL) and when they want to send mail out, they will send to the office Exchange SMTP server securely using SSL as well.


So question are:

1. do I have to buy two SSL certificates for this purpose? because I want to secure both POP3 and SMTP.

2. How do I configure the Exchange 2003 server to allow both secure and non secure connection (POP3 and SMTP). Because for internal user, there is no need for them to connect securely. but for external user, they have to connect securely.


Thanks,

mrpc_cambodia

0
Comment
Question by:mrpc_cambodia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 200 total points
ID: 16956317
One certificate is fine.
I usually purchase the certificate through IIS for web (so that OWA is protected) then export the certificate and import for the other virtual servers.

You should configure additional ports on the server for the secure version of the protocols.

IMAP: 993
SMTP: 465 (TLS)
POP3: 995 (also known as SPOP3)

If you don't, then you may have problems with sending email, as many sites will block port 25.
Note I said ADDITIONAL ports - as Exchange will support SSL on the native ports as well.
You will probably need to reconfigure the clients, so make it work inside as well as outside.

Can you not use RPC over HTTPS though?

Simon.
0
 

Author Comment

by:mrpc_cambodia
ID: 16957138
Actually RPC over HTTPS is good. but in my environment, users are using POP3.

I want to know when I request a certificate, for the common name, should I use my real internet DNS name or my local netbios name.

The reason I ask is like this: my mail server is behind a firewall/NAT server. so in reality, my mail server is local to my LAN. so it makes me confuse what name I should use for the common name to request the certificate.

so can you guide me so I can clear this out?

Thanks,
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 200 total points
ID: 16959839
Common name is what the users will enter in to their browser. It will not be the netbios name as that isn't what the users will be entering.

Certificate use three things to check...

1. Is the certificate valid
2. Was it issued by someone I trust
3. Does the name on the certificate match the name I am accessing.

Any of those fail, then everything fails.

Simon.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question