Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Hide Internet Header Exchange 2007

Posted on 2009-05-20
13
Medium Priority
?
903 Views
Last Modified: 2012-05-07
Hi all,

I want to know whether possible to hide internet header of outgoing emails. I found out how to hide internal IP Address, but I want to hide or virtually change if possible the domain name example: mx.domain.com to mx.seconddomain.com. The best would be to hide both name, and public IP if possible.

We are using four external different domain names, and we don't want them to show in IP header real name our internal domain.

Thank you for any input
0
Comment
Question by:ICOHelpdesk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 2
13 Comments
 
LVL 6

Accepted Solution

by:
shahsejal earned 800 total points
ID: 24434162
Simply change the FQDN on the send connector.
0
 

Author Comment

by:ICOHelpdesk
ID: 24434510
Thank you for your answer.

I can do it for one, but how to do it for 4 different domain, and not using an neutral one for all.
0
 
LVL 6

Expert Comment

by:shahsejal
ID: 24435750
Using the same Send connector we cannot use multiple FQDN of different domains.
Also even if we try creating any transport rule, it cannot handle which Send connector with which FQDN to be used
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 

Author Comment

by:ICOHelpdesk
ID: 24435947
Than I have to use a general FQDN on the send connector to cover all.
But in that case if I'm not wrong, I have to add that FQDN to a public certificate in order to use TLS, and I don't know what Pubic Certificate Company will say, since they ask for different documentation, and in this case we cannot offer anything apart of domain ownership.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24436109
Use a different certificate provider then.
GoDaddy do not ask for anything other than proof you control the domain by sending you an email to the registered address on the domain or by asking you to put a web page on the domain with a certain name.

A generic name is the only way to go, because Exchange doesn't route based on sender, only on recipient. You can only have one name on the FQDN on the connector.

Simon.
0
 

Author Comment

by:ICOHelpdesk
ID: 24444024
It seems that we have no other options, but to use a generic name.

Is it enough to communicate encrypted using TLS if we add an additional FQDN in our public cert only for that generic name, meaning that 2 new other domains won't have their FQDN in our cert, but still can communicate encrypted through FQDN used on the  send connector, and internally. If so, how can I verify that communication is encrypted with other companies (of course if they support TLS).
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 1200 total points
ID: 24444730
If you want to use TLS, then to ensure that everyone that can use TLS does, the common name needs to match the MX record address.
That will mean the same MX record host name used for all domains, so that the remote server will connect to a name that matches the certificate. Not all email systems can cope with the SAN/UC certificates, so putting the names as additional names will not mean TLS will work (it can do, but only with servers that can use SAN/UC certificates, mainly other Exchange servers).

To confirm if the connection was over TLS, look in the headers. Exchange puts an extra line in the header.

Simon.
0
 

Author Comment

by:ICOHelpdesk
ID: 24450286
I'm trying to figure out which is extra line in the header, and I found it in some emails coming from outside. Is this one given below that ensures TLS communications. It comes with some emails from some companies,

with Microsoft SMTP Server (TLS) id 8.1.358.0 ...

I'm receiving this line even from one domain that I'm sure doesn't have Public Certificate.
I've read somewhere that communcation between 2 different domains using Exchange 2007, and Public Certificate is by default encrypted. Is that true, or we need extra steps to make it.

Thank you for all help, and sorry for taking your to much time from you.
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 1200 total points
ID: 24455593
For inbound email, it is not the remote side that has to have the certificate, it is your side. Exchange 2007 does opportunist TLS, so if it is available and the sending server supports it then it will be used. If you setup a certificate correctly then it will be surprising how much email will be sent over TLS.

Simon.
0
 

Author Comment

by:ICOHelpdesk
ID: 24466230
So, lastly it means that since there is a line in some inbound with Microsoft SMTP Server (TLS) id 8.1.358.0 ...
0
 

Author Comment

by:ICOHelpdesk
ID: 24466264
So, lastly  since there is a line in some inbound with Microsoft SMTP Server (TLS) id  ... it means that my Exchange is configured correctly, and we can communicate encrypted as regards of our part.
When I imported Public Certificate, I enabled it for SMTP, and IIS in the same time.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24466375
If the header says TLS then it used TLS.

Simon.
0
 

Author Closing Comment

by:ICOHelpdesk
ID: 31583600
Thank you guys.

You help me a lot to configuring multiple domain names in a single Mail Server, and to understand the way TLS works.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question