Solved

Exchange 2003 SBS - POP3 Connector - get AND send SSL Mail

Posted on 2006-10-21
5
931 Views
Last Modified: 2008-03-17
We have an Exchange 2003 SBS (SP2) and want to handle also our secure e-mail through the server. Usually we don't use the POP3 connector. Of course from the provider of the e-mail we get only configuration infos for e-mail clients, not for servers. Now I want to get the post and, I think harder, I want also to send SSL e-mails through the server. My idea (I do not know if possible) is that, from within Outlook, I use an other user as sender (from...) and then automatically starts the e-mail through the secure channel.

We do not want to send every e-mail through the secure channel, because the have a lot of other limits and a high cost.

The infos that I get from the provider are these:
e-mail server for incoming: POP3/IMAP, name: mbox.cert.legalmail.it. It needs a protected connections and uses the POP3S port (995) or IMAPS (993).
Server for outgoing: sendm.cert.legalmail.it. I need to comunicate through SSL (port 465).

Further they have a public certificate that they use for signing the e-mails (I do not think that this is a problem).

Of course my scope is that everything works through the server and that I have not to install/configure anything on the client side. I understand that I can handle the POP3S with the server and the SMTPS part with local Outlook client, but this is not what I wish.

The question is not very urgent but I think not easy.

Of course I would prefer to use free products (including the POP3 Connector delivered with SBS) but I accept also answers where I have to buy third-part products. In this case I look for tools that make only this, I do not accept to buy with this POP3 Connector 5 other services that I don't need or already have covered with other products (i.e. Fax, Antispam, Antivirus, e-mail recording, ecc.)

For a full resolution full points, for a parcial (only POP3S with a free tool) half points.
0
Comment
Question by:BrunoSABE
  • 2
5 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17780789
What benefit do you think you are getting from using secure transport? Unless you are sending the email directly to a remote server AND that remove server supports secure connections (the vast majority of SMTP servers do not) you will not be sending email in a secure manner.

If you are sending email to another recipient on the internet, then you can make the connection between your server and the ISPs server secure, but that is as far as the security of the message will go. Once the email messages go out to the internet it will be in the clear.

You cannot control the delivery mechanism based on the sender. Exchange routes everything by the recipient. Therefore your idea of using a different from account to force email to go down the secure channel isn't going to work.

For the most effective email delivery, use SMTP. Bypass the ISP totally and the POP3 connector. Having a secure connection between your server and the ISP is not much of a benefit at all. The only reason for having a secure connection would be to protect your username and password - but if you are having your email delivered by SMTP then you don't have a username and password to protect.

Rather than trying to use a facility that the ISP has provided, which on the surface looks like something useful to have, look at what you are trying to achieve and whether the solution is appropriate.

Simon.
0
 

Author Comment

by:BrunoSABE
ID: 17783008
Thankyou for your explanation, but I hope to explain in short word the use of the secure channel:
here in Italy there exists a law that has created some (about 15) "Secure e-mail providers". They have to meet several technical standards so that the whole channel from sending untill the final destination is secure (of course only if also the destinator of my e-mail has a secure account with one of the 15 providers). Furthermore, they have to track ALL of the e-mail (including the content) for 36 month from sending. Now, if I send or get an e-mail through this channel, it is from the legal matter like a registered letter (with proof of receipt within 3 days of sending, no difference if the recepeint has read or not the e-mail).

Furthermore, every company has got automatically, through the chamber of commerce, an secure e-mail.

So you may understand, why it is important for me to implement this system

thank in advance to everyone and sorry for my english
Bruno
0
 
LVL 104

Accepted Solution

by:
Sembee earned 400 total points
ID: 17783907
If you know what domains are going to use the secure connections then you could use an SMTP Connector to route email via the service providers system.

For inbound email I would ask the service provider if they support ETRN, so that you can avoid using the awful POP3 connector.

However I think that your best option might be to speak to Microsoft. If legislation has been brought in to mandate the use of secure email then you will not be the only company that needs to make changes to the way that they work. Large companies are not going to use a POP3 connector to collect email from an ISP - it just doesn't happen. You need to find out what others are doing.

Simon.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now