Solved

Signing certificates.

Posted on 2009-05-13
8
230 Views
Last Modified: 2012-05-06
Hi,
I have a group of users sharing an exchange mailbox and need to provide them with with a signing cet' .
Thing is I dont want to let them have access to the cert.
The mailbox is located on dedicated exchange server (it could just the same be on an exchange 2007 box if that is the case)..IIs there a way to implement digital sigening for all outging mail on an exchange server in general (or for a mailbox specificly) regardless of the user that sends?
In other words - the user would even be oblivious to the fact..?
0
Comment
Question by:Elad-a
  • 3
  • 3
  • 2
8 Comments
 
LVL 6

Expert Comment

by:AbhijeetNigam
Comment Utility
you can enable TLS on your SMTP gateway that will send mails signed at the SMTP gateway. So In this case user has no access to certificate

http://www.google.co.in/search?hl=en&q=how+to+enable+TLS+exchange+2007&meta=&aq=f&oq=
0
 
LVL 6

Expert Comment

by:AbhijeetNigam
Comment Utility
0
 

Author Comment

by:Elad-a
Comment Utility
Thanks for your response.
Once I implement that, what will the recipient (external to my organization) see, a signed Email?
The idea is that Id like the server to do the signing instead of the users within outlook (also I dont want the cert to be individual per user but per server or mailbox). And Id like all mail items that come out of that server to sign -so the recipient that receives a mail item from that account or server knows for a fact that it comes from my organization.
Thanks
0
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
TLS doesn't sign emails. It is a server to server communication protocol. The content isn't touched. The recipient will not know that the message was transferred in that way unless they look at the headers.

If you want to sign the message then it needs to be done client side, which means the users will need to have the certificate in their Outlook.

Simon.
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 

Author Comment

by:Elad-a
Comment Utility
:-) thats exactly what i want to avoid.
0
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
I don't think you can. The message needs to be signed at the point of creation before it is passed in the message transport system. The whole point of messaging signing is that the sender knows the message hasn't be interfered with.

Simon.
0
 

Author Comment

by:Elad-a
Comment Utility
Ya, I know. im looking for a way to get that done without client side intervention..
Is ther maybe a way to policy a cert onto a user account (without user interventilon at all)?
Or script it into their working environment (without user interventilon at all)?
Thanks

Jason.
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
Comment Utility
I am not aware of any way that you can.
It might be possible to sign all emails, but that is all, certainly using native tools.

Simon.
0

Featured Post

Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now