Solved

Ins and outs of TLS?

Posted on 2012-04-02
6
346 Views
Last Modified: 2012-05-10
Hello!
 Have a client that is required to use TLS for accepting mail from a government agency.  I have a 2003 Small Business Server Std and wonder how to implement it.  Or is it already on?  How do I use it?  Get Exchange to use it?  
 As you may be albe to tell, I am not that familiar with it.  I know its secure smtp over a different port (isnt it?) and just need some guidance on how to implement / configure it.

 Many thanks!
0
Comment
Question by:Lorenzo Cricchio
  • 3
  • 3
6 Comments
 
LVL 39

Expert Comment

by:Adam Brown
ID: 37797427
TLS doesn't run over a separate port for SMTP. Basically what happens in a TLS SMTP transaction is when the two servers communicate with one another, the sending server issues a STARTTLS command to the receiving server. If this command succeeds, the transaction begins to be secured using the server certificate that is assigned to the server, much like HTTPS is secured with SSL. You have to configure it to work with Exchange 2003. I haven't worked with 2003 in a *long* time so I don't know the specifics, but I think you have to create a new send connector that requires TLS to communicate with the government organization. http://www.networkworld.com/news/2007/011807-tls1.html has a lot of information about TLS and how to implement it with Exchange 2003. Note that there are 5 parts to it, so read the first and at the bottom of that there are links to 4 more articles.
0
 
LVL 1

Author Comment

by:Lorenzo Cricchio
ID: 37797783
Does the incoming still travel over port 25?  I dont have the SBS multihoned and is behind a firewall.  Along with 25, 443 is sent to the SBS.  
  I think they already have a cert from Godaddy.  I suspect I can use that one?
0
 
LVL 39

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 37797788
All Secured SMTP traffic using TLS goes over port 25 (Unless you configure it to use a different port, which is possible). And you can use your Godaddy cert for the connection.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 1

Author Comment

by:Lorenzo Cricchio
ID: 37797819
they do have a cert, but I think it was selfsigned. That still ok to use?
0
 
LVL 39

Expert Comment

by:Adam Brown
ID: 37797854
It's not preferred. You might get some error messages in your event logs regarding the certificate if you use that one, but the TLS session should still work.
0
 
LVL 1

Author Closing Comment

by:Lorenzo Cricchio
ID: 37954496
Cert from godaddy installed and seems to be up and running AOK!  Thanks!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this step by step procedure, you will come to know the details of creating an Outlook meeting in 2007, 2010, 2013 & 2016.
Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now