Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How do we encrypt all external emails using exchange 2010?

Posted on 2011-03-01
9
Medium Priority
?
1,484 Views
Last Modified: 2012-05-11
My CIO wants me to encrypt all emails going outside of our organization.  He wants me to use available Exchange tools, no third-party solution.  He wants no user interaction required on our end.

We are running Exchange 2010 on a Windows 2008 domain.
0
Comment
Question by:derrickmu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 5

Expert Comment

by:Ruscal
ID: 35009225
This is an unfortunate problem with email design.  It can only be encrypted if the server you hand the email off to is accepting encryption and has their certificates properly setup.  And even then its "transport encryption" (much like an https web page) where the SMTP transmission of the message from one server to another is encrypted but the message itself is still unencrypted on both servers.

But, if the remote site is set for TLS encryption, then your server will use it first, falling back to plain-jane SMTP only if the remote site isn't configured or the cert fails.

Microsoft does offer Exchange Hosted Encrypted Email http://www.microsoft.com/online/exchange-email-encryption.aspx which natively interfaces with Exchange, but it is a separate service with its own costs.

--
Russell

0
 

Author Comment

by:derrickmu
ID: 35009312
No, we need to encrypt emails and send them out.  Transport encryption is not what we are looking for.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 35009334
IF you encrypt ALL emails going out, are you confident that ALL recipients can decrypt them?
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 5

Expert Comment

by:Ruscal
ID: 35009371
That leaves your only option being an addition to Exchange.  I've worked with Exchange Hosted Email Encryption when working on my Exchange MCITP; the product worked well and integration was easy (and our users didn't have to do anything).

But there isn't a way to perform external message level encryption in Exchange without using additional software.

--
Russell
0
 

Author Comment

by:derrickmu
ID: 35009632
Satya, our requirements are no end user interaction.
0
 
LVL 5

Accepted Solution

by:
Ruscal earned 2000 total points
ID: 35011767
I hate to be the one that has to go ahead and put a flag on it, but the answer is: it isn't possible.

For message encryption in Exchange, either a) your users have to do some setup or b) you have to use software that isn't packaged with Exchange Server
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35339970
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question