Solved

Hide Internet Header Exchange 2007

Posted on 2009-05-20
13
897 Views
Last Modified: 2012-05-07
Hi all,

I want to know whether possible to hide internet header of outgoing emails. I found out how to hide internal IP Address, but I want to hide or virtually change if possible the domain name example: mx.domain.com to mx.seconddomain.com. The best would be to hide both name, and public IP if possible.

We are using four external different domain names, and we don't want them to show in IP header real name our internal domain.

Thank you for any input
0
Comment
Question by:ICOHelpdesk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 2
13 Comments
 
LVL 6

Accepted Solution

by:
shahsejal earned 200 total points
ID: 24434162
Simply change the FQDN on the send connector.
0
 

Author Comment

by:ICOHelpdesk
ID: 24434510
Thank you for your answer.

I can do it for one, but how to do it for 4 different domain, and not using an neutral one for all.
0
 
LVL 6

Expert Comment

by:shahsejal
ID: 24435750
Using the same Send connector we cannot use multiple FQDN of different domains.
Also even if we try creating any transport rule, it cannot handle which Send connector with which FQDN to be used
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:ICOHelpdesk
ID: 24435947
Than I have to use a general FQDN on the send connector to cover all.
But in that case if I'm not wrong, I have to add that FQDN to a public certificate in order to use TLS, and I don't know what Pubic Certificate Company will say, since they ask for different documentation, and in this case we cannot offer anything apart of domain ownership.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24436109
Use a different certificate provider then.
GoDaddy do not ask for anything other than proof you control the domain by sending you an email to the registered address on the domain or by asking you to put a web page on the domain with a certain name.

A generic name is the only way to go, because Exchange doesn't route based on sender, only on recipient. You can only have one name on the FQDN on the connector.

Simon.
0
 

Author Comment

by:ICOHelpdesk
ID: 24444024
It seems that we have no other options, but to use a generic name.

Is it enough to communicate encrypted using TLS if we add an additional FQDN in our public cert only for that generic name, meaning that 2 new other domains won't have their FQDN in our cert, but still can communicate encrypted through FQDN used on the  send connector, and internally. If so, how can I verify that communication is encrypted with other companies (of course if they support TLS).
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 300 total points
ID: 24444730
If you want to use TLS, then to ensure that everyone that can use TLS does, the common name needs to match the MX record address.
That will mean the same MX record host name used for all domains, so that the remote server will connect to a name that matches the certificate. Not all email systems can cope with the SAN/UC certificates, so putting the names as additional names will not mean TLS will work (it can do, but only with servers that can use SAN/UC certificates, mainly other Exchange servers).

To confirm if the connection was over TLS, look in the headers. Exchange puts an extra line in the header.

Simon.
0
 

Author Comment

by:ICOHelpdesk
ID: 24450286
I'm trying to figure out which is extra line in the header, and I found it in some emails coming from outside. Is this one given below that ensures TLS communications. It comes with some emails from some companies,

with Microsoft SMTP Server (TLS) id 8.1.358.0 ...

I'm receiving this line even from one domain that I'm sure doesn't have Public Certificate.
I've read somewhere that communcation between 2 different domains using Exchange 2007, and Public Certificate is by default encrypted. Is that true, or we need extra steps to make it.

Thank you for all help, and sorry for taking your to much time from you.
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 300 total points
ID: 24455593
For inbound email, it is not the remote side that has to have the certificate, it is your side. Exchange 2007 does opportunist TLS, so if it is available and the sending server supports it then it will be used. If you setup a certificate correctly then it will be surprising how much email will be sent over TLS.

Simon.
0
 

Author Comment

by:ICOHelpdesk
ID: 24466230
So, lastly it means that since there is a line in some inbound with Microsoft SMTP Server (TLS) id 8.1.358.0 ...
0
 

Author Comment

by:ICOHelpdesk
ID: 24466264
So, lastly  since there is a line in some inbound with Microsoft SMTP Server (TLS) id  ... it means that my Exchange is configured correctly, and we can communicate encrypted as regards of our part.
When I imported Public Certificate, I enabled it for SMTP, and IIS in the same time.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24466375
If the header says TLS then it used TLS.

Simon.
0
 

Author Closing Comment

by:ICOHelpdesk
ID: 31583600
Thank you guys.

You help me a lot to configuring multiple domain names in a single Mail Server, and to understand the way TLS works.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
Suggested Courses
Course of the Month8 days, 14 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question