Solved

Signing certificates.

Posted on 2009-05-13
8
234 Views
Last Modified: 2012-05-06
Hi,
I have a group of users sharing an exchange mailbox and need to provide them with with a signing cet' .
Thing is I dont want to let them have access to the cert.
The mailbox is located on dedicated exchange server (it could just the same be on an exchange 2007 box if that is the case)..IIs there a way to implement digital sigening for all outging mail on an exchange server in general (or for a mailbox specificly) regardless of the user that sends?
In other words - the user would even be oblivious to the fact..?
0
Comment
Question by:Elad-a
  • 3
  • 3
  • 2
8 Comments
 
LVL 6

Expert Comment

by:AbhijeetNigam
ID: 24375096
you can enable TLS on your SMTP gateway that will send mails signed at the SMTP gateway. So In this case user has no access to certificate

http://www.google.co.in/search?hl=en&q=how+to+enable+TLS+exchange+2007&meta=&aq=f&oq=
0
 
LVL 6

Expert Comment

by:AbhijeetNigam
ID: 24375107
0
 

Author Comment

by:Elad-a
ID: 24375533
Thanks for your response.
Once I implement that, what will the recipient (external to my organization) see, a signed Email?
The idea is that Id like the server to do the signing instead of the users within outlook (also I dont want the cert to be individual per user but per server or mailbox). And Id like all mail items that come out of that server to sign -so the recipient that receives a mail item from that account or server knows for a fact that it comes from my organization.
Thanks
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24377233
TLS doesn't sign emails. It is a server to server communication protocol. The content isn't touched. The recipient will not know that the message was transferred in that way unless they look at the headers.

If you want to sign the message then it needs to be done client side, which means the users will need to have the certificate in their Outlook.

Simon.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:Elad-a
ID: 24382296
:-) thats exactly what i want to avoid.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24382751
I don't think you can. The message needs to be signed at the point of creation before it is passed in the message transport system. The whole point of messaging signing is that the sender knows the message hasn't be interfered with.

Simon.
0
 

Author Comment

by:Elad-a
ID: 24382850
Ya, I know. im looking for a way to get that done without client side intervention..
Is ther maybe a way to policy a cert onto a user account (without user interventilon at all)?
Or script it into their working environment (without user interventilon at all)?
Thanks

Jason.
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24394211
I am not aware of any way that you can.
It might be possible to sign all emails, but that is all, certainly using native tools.

Simon.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
how to add IIS SMTP to handle application/Scanner relays into office 365.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now