Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Inbound TLS on Exchange 2003

Posted on 2009-07-16
5
Medium Priority
?
606 Views
Last Modified: 2013-11-30
I've a Exchange 2003 server and I want to be able to accept incoming TLS from one source. I've installed a certificate. If the sending server requires TLS, will my default SMTP VS accept TLS? Even though I don't have "require tls" enabled?

I'd like to avoid setting up multiple VS and connectors if possible, since I only need to accept incoming TLS if it's required.
0
Comment
Question by:Jason Wilcox
  • 2
  • 2
5 Comments
 
LVL 65

Accepted Solution

by:
Mestha earned 375 total points
ID: 24873731
Exchange 2003 doesn't do opportunist TLS. It is either ON or OFF for all traffic.
Therefore you will need multiple SMTP virtual servers and if you want to have TLS going over port 25, multiple IP addresses. The remote side will need to know either the alternative port (465 is the usual port used) or the alternative IP address.

SMTP connectors are only concerned with outbound traffic, nothing to do with inbound, so additional connectors are not required.

Simon.
0
 
LVL 3

Author Comment

by:Jason Wilcox
ID: 24873792
I only want one way TLS (just incoming). The sender is requiring TLS on his Exchange server, I'm not. I ran a test and determined that the sender can send TLS to my server through the default VS when the sending server is set to require TLS.

I think the confusion here is that most cases are such that TLS is set to required on the recipient side as well, so then I would have to have two SMTP VS's.
0
 
LVL 11

Expert Comment

by:tmeunier
ID: 24874015
Well, when I want to set up TLS-required between two companies using Exchange Server 2003, what I do is I create SMTP connectors on each of the servers.  One for *, with a cost of 10 (for example), and one for othercompany.com with a cost of 5.  Then on THAT CONNECTOR, I require TLS.  I then make sure I've got the SSL certificate installed for the SMTP virtual server.  It sounds like you have that part all set, as does your business partner.   Now, company A and company B will ALWAYS communicate using TLS.  

Opportunistic TLS, as Mestha notes, is one of the upgrade benefits of Exchange 2007.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24874041
You will need to have two SMTP virtual servers to receive email on TLS - one that has TLS enabled, one that does not. You will also need to have a valid SSL certificate on the SMTP virtual server so that the session can be established.

Simon.
0
 
LVL 3

Author Comment

by:Jason Wilcox
ID: 24874108
I think i've not been clear in my circumstance. I have Exchange server A, the sender has Exchange server B. ExchB is set to only allow TLS when sending. ExchB is trying to send email to my ExchA. So as far as TLS is concerned, I'm only needing to be able to receive TLS from ExchB. I don't want to require all incoming email to ExchA be TLS.

In testing what I've found... Sending from ExchB to ExchA failed with TLS failed to connect errors. I installed a certificate on ExchA. Now ExchB can send using TLS to ExchA. I did not setup a second SMTP VS nor did I enable "require tls".

Thanks all for your input.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question