Solved

Signing certificates.

Posted on 2009-05-13
8
237 Views
Last Modified: 2012-05-06
Hi,
I have a group of users sharing an exchange mailbox and need to provide them with with a signing cet' .
Thing is I dont want to let them have access to the cert.
The mailbox is located on dedicated exchange server (it could just the same be on an exchange 2007 box if that is the case)..IIs there a way to implement digital sigening for all outging mail on an exchange server in general (or for a mailbox specificly) regardless of the user that sends?
In other words - the user would even be oblivious to the fact..?
0
Comment
Question by:Elad-a
  • 3
  • 3
  • 2
8 Comments
 
LVL 6

Expert Comment

by:AbhijeetNigam
ID: 24375096
you can enable TLS on your SMTP gateway that will send mails signed at the SMTP gateway. So In this case user has no access to certificate

http://www.google.co.in/search?hl=en&q=how+to+enable+TLS+exchange+2007&meta=&aq=f&oq=
0
 
LVL 6

Expert Comment

by:AbhijeetNigam
ID: 24375107
0
 

Author Comment

by:Elad-a
ID: 24375533
Thanks for your response.
Once I implement that, what will the recipient (external to my organization) see, a signed Email?
The idea is that Id like the server to do the signing instead of the users within outlook (also I dont want the cert to be individual per user but per server or mailbox). And Id like all mail items that come out of that server to sign -so the recipient that receives a mail item from that account or server knows for a fact that it comes from my organization.
Thanks
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 65

Expert Comment

by:Mestha
ID: 24377233
TLS doesn't sign emails. It is a server to server communication protocol. The content isn't touched. The recipient will not know that the message was transferred in that way unless they look at the headers.

If you want to sign the message then it needs to be done client side, which means the users will need to have the certificate in their Outlook.

Simon.
0
 

Author Comment

by:Elad-a
ID: 24382296
:-) thats exactly what i want to avoid.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24382751
I don't think you can. The message needs to be signed at the point of creation before it is passed in the message transport system. The whole point of messaging signing is that the sender knows the message hasn't be interfered with.

Simon.
0
 

Author Comment

by:Elad-a
ID: 24382850
Ya, I know. im looking for a way to get that done without client side intervention..
Is ther maybe a way to policy a cert onto a user account (without user interventilon at all)?
Or script it into their working environment (without user interventilon at all)?
Thanks

Jason.
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24394211
I am not aware of any way that you can.
It might be possible to sign all emails, but that is all, certainly using native tools.

Simon.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question