Solved

How do we encrypt all external emails using exchange 2010?

Posted on 2011-03-01
9
1,321 Views
Last Modified: 2012-05-11
My CIO wants me to encrypt all emails going outside of our organization.  He wants me to use available Exchange tools, no third-party solution.  He wants no user interaction required on our end.

We are running Exchange 2010 on a Windows 2008 domain.
0
Comment
Question by:derrickmu
9 Comments
 
LVL 5

Expert Comment

by:Ruscal
ID: 35009225
This is an unfortunate problem with email design.  It can only be encrypted if the server you hand the email off to is accepting encryption and has their certificates properly setup.  And even then its "transport encryption" (much like an https web page) where the SMTP transmission of the message from one server to another is encrypted but the message itself is still unencrypted on both servers.

But, if the remote site is set for TLS encryption, then your server will use it first, falling back to plain-jane SMTP only if the remote site isn't configured or the cert fails.

Microsoft does offer Exchange Hosted Encrypted Email http://www.microsoft.com/online/exchange-email-encryption.aspx which natively interfaces with Exchange, but it is a separate service with its own costs.

--
Russell

0
 

Author Comment

by:derrickmu
ID: 35009312
No, we need to encrypt emails and send them out.  Transport encryption is not what we are looking for.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 35009334
IF you encrypt ALL emails going out, are you confident that ALL recipients can decrypt them?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 5

Expert Comment

by:Ruscal
ID: 35009371
That leaves your only option being an addition to Exchange.  I've worked with Exchange Hosted Email Encryption when working on my Exchange MCITP; the product worked well and integration was easy (and our users didn't have to do anything).

But there isn't a way to perform external message level encryption in Exchange without using additional software.

--
Russell
0
 
LVL 20

Expert Comment

by:Satya Pathak
ID: 35009607
0
 

Author Comment

by:derrickmu
ID: 35009632
Satya, our requirements are no end user interaction.
0
 
LVL 5

Accepted Solution

by:
Ruscal earned 500 total points
ID: 35011767
I hate to be the one that has to go ahead and put a flag on it, but the answer is: it isn't possible.

For message encryption in Exchange, either a) your users have to do some setup or b) you have to use software that isn't packaged with Exchange Server
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35339970
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
In-place Upgrading Dirsync to Azure AD Connect
This video discusses moving either the default database or any database to a new volume.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question