• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 462
  • Last Modified:

TLS on exchange 2003

Hi

One of our clients has asked us to set up a TLS connection from us to them on our exchange 2003 server.  We only have one mail server, is it possible to set this one box up to receive both encrypted and normal smtp traffic?

thanks
0
Nick_D
Asked:
Nick_D
1 Solution
 
TAWpowerCommented:
This is an either or setting. Unfortunately there is not an option to select both.

0
 
Nick_DAuthor Commented:
Not even if i have  2 virtual smtp servers on different IP addresses?
0
 
AmitIT ArchitectCommented:
You can try 3rd party solution like Voltage encrption tool. I have same setup and in my outlook, i have 2 send button. One for normal and one for TLS. But see, if you have ready to spend that much money.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Nick_DAuthor Commented:
Thanks for the repsonses guys.  I was hoping that there would be a way to do it with what we already have in the box plus the additon of an ssl cert?  If I have two virtual smtp servers on different ip's and then get my router to map the traffic to to correct ip dependant on it's port number?

will this work?
0
 
GundogTrainerCommented:
You can create a 2nd SMTP connector on the server with specific address space for that domain and set the outbound security on that connector for TLS - I see no reason that wouldnt work.

However if you dont have a second IP address for the received TLS traffic you wont be able to ensure you recieve the email over a TLS connection - but if the other party forces a TLS send then it would be OK.

I use a 3rd party gateway for email as we have some companies that we are contractualy required to encrypt mail between and everyone else if just opertunistic.
0
 
TAWpowerCommented:
Are your clients using specific domains... if so, this may help.

Enable Transport Layer Security Encryption for a Specific Remote Domain in an Exchange Organization

To enable TLS encryption for a specific remote domain in Exchange Server, follow these steps:

Install an X.509 server certificate on the server. For more information about X.509 certificates, click the following article number to view the article in the Microsoft Knowledge Base:

319574  (http://support.microsoft.com/kb/319574/ ) How to use certificates with virtual servers in Exchange 2000 Server

Create a new SMTP Connector. For more information about how to create a new SMTP Connector, click the following article number to view the article in the Microsoft Knowledge Base:

314961  (http://support.microsoft.com/kb/314961/ ) How to install and to configure SMTP Connectors in Exchange 2000 Server

To enable TLS encryption, right-click the SMTP connector, and then click Properties. Click the Advanced tab, click Outbound Security, and then click to select the TLS Encryption check box.

Note If the remote domain does not support TLS encryption, all messages are returned and an NDR is generated. For more information, click the following article number to view the article in the
Microsoft Knowledge Base:

329061  (http://support.microsoft.com/kb/329061/ ) Exchange Server cannot communicate with non-TLS domains

SOURCE: http://support.microsoft.com/kb/829721
0
 
Nick_DAuthor Commented:
Thanks for your response GundogTrainer.  Would you have any recommendations for the gateway software to enable us to do this?
0
 
Nick_DAuthor Commented:
Sorry, for some reason forgot to accept this answer.

Apologies and thanks for your help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now