Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How do we encrypt all external emails using exchange 2010?

Posted on 2011-03-01
9
Medium Priority
?
1,545 Views
Last Modified: 2012-05-11
My CIO wants me to encrypt all emails going outside of our organization.  He wants me to use available Exchange tools, no third-party solution.  He wants no user interaction required on our end.

We are running Exchange 2010 on a Windows 2008 domain.
0
Comment
Question by:derrickmu
8 Comments
 
LVL 5

Expert Comment

by:Ruscal
ID: 35009225
This is an unfortunate problem with email design.  It can only be encrypted if the server you hand the email off to is accepting encryption and has their certificates properly setup.  And even then its "transport encryption" (much like an https web page) where the SMTP transmission of the message from one server to another is encrypted but the message itself is still unencrypted on both servers.

But, if the remote site is set for TLS encryption, then your server will use it first, falling back to plain-jane SMTP only if the remote site isn't configured or the cert fails.

Microsoft does offer Exchange Hosted Encrypted Email http://www.microsoft.com/online/exchange-email-encryption.aspx which natively interfaces with Exchange, but it is a separate service with its own costs.

--
Russell

0
 

Author Comment

by:derrickmu
ID: 35009312
No, we need to encrypt emails and send them out.  Transport encryption is not what we are looking for.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 35009334
IF you encrypt ALL emails going out, are you confident that ALL recipients can decrypt them?
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 5

Expert Comment

by:Ruscal
ID: 35009371
That leaves your only option being an addition to Exchange.  I've worked with Exchange Hosted Email Encryption when working on my Exchange MCITP; the product worked well and integration was easy (and our users didn't have to do anything).

But there isn't a way to perform external message level encryption in Exchange without using additional software.

--
Russell
0
 

Author Comment

by:derrickmu
ID: 35009632
Satya, our requirements are no end user interaction.
0
 
LVL 5

Accepted Solution

by:
Ruscal earned 2000 total points
ID: 35011767
I hate to be the one that has to go ahead and put a flag on it, but the answer is: it isn't possible.

For message encryption in Exchange, either a) your users have to do some setup or b) you have to use software that isn't packaged with Exchange Server
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35339970
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question