• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1666
  • Last Modified:

How do we encrypt all external emails using exchange 2010?

My CIO wants me to encrypt all emails going outside of our organization.  He wants me to use available Exchange tools, no third-party solution.  He wants no user interaction required on our end.

We are running Exchange 2010 on a Windows 2008 domain.
0
derrickmu
Asked:
derrickmu
1 Solution
 
RuscalCommented:
This is an unfortunate problem with email design.  It can only be encrypted if the server you hand the email off to is accepting encryption and has their certificates properly setup.  And even then its "transport encryption" (much like an https web page) where the SMTP transmission of the message from one server to another is encrypted but the message itself is still unencrypted on both servers.

But, if the remote site is set for TLS encryption, then your server will use it first, falling back to plain-jane SMTP only if the remote site isn't configured or the cert fails.

Microsoft does offer Exchange Hosted Encrypted Email http://www.microsoft.com/online/exchange-email-encryption.aspx which natively interfaces with Exchange, but it is a separate service with its own costs.

--
Russell

0
 
derrickmuAuthor Commented:
No, we need to encrypt emails and send them out.  Transport encryption is not what we are looking for.
0
 
Neil RussellTechnical Development LeadCommented:
IF you encrypt ALL emails going out, are you confident that ALL recipients can decrypt them?
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
RuscalCommented:
That leaves your only option being an addition to Exchange.  I've worked with Exchange Hosted Email Encryption when working on my Exchange MCITP; the product worked well and integration was easy (and our users didn't have to do anything).

But there isn't a way to perform external message level encryption in Exchange without using additional software.

--
Russell
0
 
derrickmuAuthor Commented:
Satya, our requirements are no end user interaction.
0
 
RuscalCommented:
I hate to be the one that has to go ahead and put a flag on it, but the answer is: it isn't possible.

For message encryption in Exchange, either a) your users have to do some setup or b) you have to use software that isn't packaged with Exchange Server
0
 
Glen KnightCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now