Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Exchange 2010 - Enable TLS on a external domain

Posted on 2011-10-21
Medium Priority
Last Modified: 2012-05-12

We need some assistance on configuring our Exchange 2010 regards to TLS. We need to enable TLS on an external domain source. For example, i want TLS enable to emails goint only to ie.vendor.com. Our current send connector goes to a smart host. Thanks for your support in advance.

Question by:occredit

Expert Comment

ID: 37010395
You have to create another send connector, limited to that domain, that connects directly to the SMTP server of the remote domain.
You have to obtain a TLS certificate for this goal from a certificate provider (I think you couldn't use a self signed cert). Please give the provider all the info he needs, together with the indication that this is a certificate for TLS email to be used with exchange.
You also have to open on the firewall the related outbound port to the remote SMTP server.
In any case, you couldn't use your smarthost to send TLS email.

Accepted Solution

sshoe0 earned 2000 total points
ID: 37014518
You don't need a cert to *send* TLS email, only to receive it.

I don't think there will be a firewall issue because the request to send email will originate from an inside address.

Bottom line for the OP -- you just need the new send connector.  You can route multiple domains for which you want to use TLS through it.  Start with the one to be sure it's working, then add others as you need them.

Author Comment

ID: 37028067
Any special configs on the send connectors?

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question