Solved

Hide Internet Header Exchange 2007

Posted on 2009-05-20
13
851 Views
Last Modified: 2012-05-07
Hi all,

I want to know whether possible to hide internet header of outgoing emails. I found out how to hide internal IP Address, but I want to hide or virtually change if possible the domain name example: mx.domain.com to mx.seconddomain.com. The best would be to hide both name, and public IP if possible.

We are using four external different domain names, and we don't want them to show in IP header real name our internal domain.

Thank you for any input
0
Comment
Question by:ICOHelpdesk
  • 7
  • 4
  • 2
13 Comments
 
LVL 6

Accepted Solution

by:
shahsejal earned 200 total points
Comment Utility
Simply change the FQDN on the send connector.
0
 

Author Comment

by:ICOHelpdesk
Comment Utility
Thank you for your answer.

I can do it for one, but how to do it for 4 different domain, and not using an neutral one for all.
0
 
LVL 6

Expert Comment

by:shahsejal
Comment Utility
Using the same Send connector we cannot use multiple FQDN of different domains.
Also even if we try creating any transport rule, it cannot handle which Send connector with which FQDN to be used
0
 

Author Comment

by:ICOHelpdesk
Comment Utility
Than I have to use a general FQDN on the send connector to cover all.
But in that case if I'm not wrong, I have to add that FQDN to a public certificate in order to use TLS, and I don't know what Pubic Certificate Company will say, since they ask for different documentation, and in this case we cannot offer anything apart of domain ownership.
0
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
Use a different certificate provider then.
GoDaddy do not ask for anything other than proof you control the domain by sending you an email to the registered address on the domain or by asking you to put a web page on the domain with a certain name.

A generic name is the only way to go, because Exchange doesn't route based on sender, only on recipient. You can only have one name on the FQDN on the connector.

Simon.
0
 

Author Comment

by:ICOHelpdesk
Comment Utility
It seems that we have no other options, but to use a generic name.

Is it enough to communicate encrypted using TLS if we add an additional FQDN in our public cert only for that generic name, meaning that 2 new other domains won't have their FQDN in our cert, but still can communicate encrypted through FQDN used on the  send connector, and internally. If so, how can I verify that communication is encrypted with other companies (of course if they support TLS).
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 300 total points
Comment Utility
If you want to use TLS, then to ensure that everyone that can use TLS does, the common name needs to match the MX record address.
That will mean the same MX record host name used for all domains, so that the remote server will connect to a name that matches the certificate. Not all email systems can cope with the SAN/UC certificates, so putting the names as additional names will not mean TLS will work (it can do, but only with servers that can use SAN/UC certificates, mainly other Exchange servers).

To confirm if the connection was over TLS, look in the headers. Exchange puts an extra line in the header.

Simon.
0
 

Author Comment

by:ICOHelpdesk
Comment Utility
I'm trying to figure out which is extra line in the header, and I found it in some emails coming from outside. Is this one given below that ensures TLS communications. It comes with some emails from some companies,

with Microsoft SMTP Server (TLS) id 8.1.358.0 ...

I'm receiving this line even from one domain that I'm sure doesn't have Public Certificate.
I've read somewhere that communcation between 2 different domains using Exchange 2007, and Public Certificate is by default encrypted. Is that true, or we need extra steps to make it.

Thank you for all help, and sorry for taking your to much time from you.
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 300 total points
Comment Utility
For inbound email, it is not the remote side that has to have the certificate, it is your side. Exchange 2007 does opportunist TLS, so if it is available and the sending server supports it then it will be used. If you setup a certificate correctly then it will be surprising how much email will be sent over TLS.

Simon.
0
 

Author Comment

by:ICOHelpdesk
Comment Utility
So, lastly it means that since there is a line in some inbound with Microsoft SMTP Server (TLS) id 8.1.358.0 ...
0
 

Author Comment

by:ICOHelpdesk
Comment Utility
So, lastly  since there is a line in some inbound with Microsoft SMTP Server (TLS) id  ... it means that my Exchange is configured correctly, and we can communicate encrypted as regards of our part.
When I imported Public Certificate, I enabled it for SMTP, and IIS in the same time.
0
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
If the header says TLS then it used TLS.

Simon.
0
 

Author Closing Comment

by:ICOHelpdesk
Comment Utility
Thank you guys.

You help me a lot to configuring multiple domain names in a single Mail Server, and to understand the way TLS works.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now