MFCrow
asked on
New SMTP FE server that will host TLS certificate
I have set up an new Frent End Exchange server that will be used to pass TLS traffic.
I already have the Ceritificate and Loaded it on the server.
The question I have is - Does the name of the certificate need to match the name of the server or does the certificate just need to match the MX record you have posted in DNS.
Currently when users try and send to the new server they get the message that the server does not except TLS traffic.
I already have the Ceritificate and Loaded it on the server.
The question I have is - Does the name of the certificate need to match the name of the server or does the certificate just need to match the MX record you have posted in DNS.
Currently when users try and send to the new server they get the message that the server does not except TLS traffic.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
A quick telnet to your server indicates that it wants to start a TLS session on port 25.
Have you tested this yourself? You can make Outlook Express use TLS and it should then be in the SMTP headers of the sent message that TLS was used.
Simon.
Have you tested this yourself? You can make Outlook Express use TLS and it should then be in the SMTP headers of the sent message that TLS was used.
Simon.
ASKER
The actual cuase was the fire wall. When a new pix is installed it automatically blocked port 25 until you told it not to.
Thanks for the help.
Thanks for the help.
ASKER
Final-Recipient: rfc822;xxxxxxx@incresearch
Diagnostic-Code: smtp; 5.7.4 Your mail administrator requires that all email addressed to this domain <incresearch.com> is delivered over a secure channel using SSL. The recipient server does not support extended SMTP options. Contact your mail administrator to verify that mail to this domain <incresearch.com> must be delivered over a secure channel.
Remote-MTA: dns; mx1.incresearch.com
Action: failed
Status: 5.0.0
What am I missing??????