Ins and outs of TLS?

Hello!
 Have a client that is required to use TLS for accepting mail from a government agency.  I have a 2003 Small Business Server Std and wonder how to implement it.  Or is it already on?  How do I use it?  Get Exchange to use it?  
 As you may be albe to tell, I am not that familiar with it.  I know its secure smtp over a different port (isnt it?) and just need some guidance on how to implement / configure it.

 Many thanks!
LVL 1
Lorenzo CricchioPresidentAsked:
Who is Participating?
 
Adam BrownConnect With a Mentor Sr Solutions ArchitectCommented:
All Secured SMTP traffic using TLS goes over port 25 (Unless you configure it to use a different port, which is possible). And you can use your Godaddy cert for the connection.
0
 
Adam BrownSr Solutions ArchitectCommented:
TLS doesn't run over a separate port for SMTP. Basically what happens in a TLS SMTP transaction is when the two servers communicate with one another, the sending server issues a STARTTLS command to the receiving server. If this command succeeds, the transaction begins to be secured using the server certificate that is assigned to the server, much like HTTPS is secured with SSL. You have to configure it to work with Exchange 2003. I haven't worked with 2003 in a *long* time so I don't know the specifics, but I think you have to create a new send connector that requires TLS to communicate with the government organization. http://www.networkworld.com/news/2007/011807-tls1.html has a lot of information about TLS and how to implement it with Exchange 2003. Note that there are 5 parts to it, so read the first and at the bottom of that there are links to 4 more articles.
0
 
Lorenzo CricchioPresidentAuthor Commented:
Does the incoming still travel over port 25?  I dont have the SBS multihoned and is behind a firewall.  Along with 25, 443 is sent to the SBS.  
  I think they already have a cert from Godaddy.  I suspect I can use that one?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Lorenzo CricchioPresidentAuthor Commented:
they do have a cert, but I think it was selfsigned. That still ok to use?
0
 
Adam BrownSr Solutions ArchitectCommented:
It's not preferred. You might get some error messages in your event logs regarding the certificate if you use that one, but the TLS session should still work.
0
 
Lorenzo CricchioPresidentAuthor Commented:
Cert from godaddy installed and seems to be up and running AOK!  Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.