SMTP via TLS
I need to allow one vendor to send email from their MS Exchange server to our MS Exchange 2003 server via TLS, but I’m confused as to what needs to be done…
From reading on this site and others, I see that Exchange 2003 doesn’t allow Opportunistic TLS. All indications point to setting up an additional SMTP VS and another routing connector. But because of our current configuration, I’m not sure how best to proceed…
Exchange 2003 is behind Forefront TMG 2010 server that has port 25 open. On the TMG server, Trend Micro InterScan VirusWall 7 listens on port 25. It does first level spam filtering, prevents relaying, etc…
TM Interscan VirusWall forwards mail to an internal SMTP virtual server “SERVER-A” running GFI Mail Essential… Here we do additional spam checking… From here, mail is passed to the MS Exchange server for delivery….
We have one SMTP VS and one connector on MS Exchange. The connector passes all external mail back to SERVER-A for spam checking, adds our company disclaimer and then sends it to the TMG Server where the TM Interscan VirusWall handles sending it out….
Given this scenario, what would be the best way to set up TLS? Could I just install the certificate on the Forefront TMG server or does it actually have to go on SERVER-A, the mail server or both?
Thanks very much for your input…
From reading on this site and others, I see that Exchange 2003 doesn’t allow Opportunistic TLS. All indications point to setting up an additional SMTP VS and another routing connector. But because of our current configuration, I’m not sure how best to proceed…
Exchange 2003 is behind Forefront TMG 2010 server that has port 25 open. On the TMG server, Trend Micro InterScan VirusWall 7 listens on port 25. It does first level spam filtering, prevents relaying, etc…
TM Interscan VirusWall forwards mail to an internal SMTP virtual server “SERVER-A” running GFI Mail Essential… Here we do additional spam checking… From here, mail is passed to the MS Exchange server for delivery….
We have one SMTP VS and one connector on MS Exchange. The connector passes all external mail back to SERVER-A for spam checking, adds our company disclaimer and then sends it to the TMG Server where the TM Interscan VirusWall handles sending it out….
Given this scenario, what would be the best way to set up TLS? Could I just install the certificate on the Forefront TMG server or does it actually have to go on SERVER-A, the mail server or both?
Thanks very much for your input…
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It took care of the issue
Do you need TLS inbound and outbound or just inbound? On inbound connections, the TLS connection would be made between the sending server and your Trend Micro InterScan VirusWall server. You will need to contact Trend Micro and find out how to configure TLS on their product. For outbound mail, your GFI server would need to be setup to do TLS with your vendor. You will ned to contact GFI to determine how to setup TLS with their product. So, there is nothing to configure in Exchange.
JJ