Signing certificates.

Hi,
I have a group of users sharing an exchange mailbox and need to provide them with with a signing cet' .
Thing is I dont want to let them have access to the cert.
The mailbox is located on dedicated exchange server (it could just the same be on an exchange 2007 box if that is the case)..IIs there a way to implement digital sigening for all outging mail on an exchange server in general (or for a mailbox specificly) regardless of the user that sends?
In other words - the user would even be oblivious to the fact..?
Elad-aAsked:
Who is Participating?
 
MesthaConnect With a Mentor Commented:
I am not aware of any way that you can.
It might be possible to sign all emails, but that is all, certainly using native tools.

Simon.
0
 
AbhijeetNigamCommented:
you can enable TLS on your SMTP gateway that will send mails signed at the SMTP gateway. So In this case user has no access to certificate

http://www.google.co.in/search?hl=en&q=how+to+enable+TLS+exchange+2007&meta=&aq=f&oq=
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Elad-aAuthor Commented:
Thanks for your response.
Once I implement that, what will the recipient (external to my organization) see, a signed Email?
The idea is that Id like the server to do the signing instead of the users within outlook (also I dont want the cert to be individual per user but per server or mailbox). And Id like all mail items that come out of that server to sign -so the recipient that receives a mail item from that account or server knows for a fact that it comes from my organization.
Thanks
0
 
MesthaCommented:
TLS doesn't sign emails. It is a server to server communication protocol. The content isn't touched. The recipient will not know that the message was transferred in that way unless they look at the headers.

If you want to sign the message then it needs to be done client side, which means the users will need to have the certificate in their Outlook.

Simon.
0
 
Elad-aAuthor Commented:
:-) thats exactly what i want to avoid.
0
 
MesthaCommented:
I don't think you can. The message needs to be signed at the point of creation before it is passed in the message transport system. The whole point of messaging signing is that the sender knows the message hasn't be interfered with.

Simon.
0
 
Elad-aAuthor Commented:
Ya, I know. im looking for a way to get that done without client side intervention..
Is ther maybe a way to policy a cert onto a user account (without user interventilon at all)?
Or script it into their working environment (without user interventilon at all)?
Thanks

Jason.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.