Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 224
  • Last Modified:

Digital Certificate Advice

Hello,

I need to ensure that clients know that an email we send to them has actually come from our email server and has not been "spoofed" from another compromised email server.  I assume I need to digitally sign all emails that go out of our exchange 2003 server at a domain name level if possible.  I cant seem to find the right certificates to do this job as the Digital Signatures seem to be personal and not company wide / enterprise level.  Do you have any suggestions for the best way to achieve my goals?  I am happy to look at other third party products if required.

Thanks
0
cloughs
Asked:
cloughs
  • 2
3 Solutions
 
lamaslanyCommented:
I hope you are prepared for a lot of work!  :)

If I were to do this I would set up an internal public key infrastructure and distrubute the root certificate to the clients' that needed it.  

Or are you looking to avoid the root certificate distribution issue?  If so you may be able to get your PKI it cross-signed by a trusted third party (one of the big one's that most OS/browsers trust).
0
 
cloughsAuthor Commented:
Yes well I dont want to have to give out keys to all the clients that we email, an easy to use ongoing solution would be the best.  Is it not a common thing to do then for large companies to sign their emails etc?
0
 
lamaslanyCommented:
Not that I've seen.

Two that you might want to take a look at:

http://www.verisign.com/authentication/individual-authentication/digital-id/index.html
http://www.comodo.com/products/secure_messaging/

If you want to dispense with the in-house PKI you could look into managed services.
0
 
ParanormasticCryptographic EngineerCommented:
Digital signatures need to match the email address they are sent from, not the server.  If you are looking for a server gated solution, you might find  what you are looking for with PGP by adding a hash or something, but I have a feeling you will probably still fall short of what you are looking for.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now