• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 418
  • Last Modified:

TLS setup on Exchange 2010

Hi. I have a standalone Exchange server on our domain, I have received a request to setup TLS to a 3rd party company domain.

For secure email we use Symantec PGP for sending out emails, I am not too sure of the benefit if any on our part to create the TLS connection.

Could someone please provide details of what I would need to configure if this was done, is there any gotcha's or problems that might be incurred?

There is lots online, but I am looking for specific work through details on a standalone Exchange 2010.

Thanks in advance.
0
mercuriousu2
Asked:
mercuriousu2
1 Solution
 
BurundiLappCommented:
Sorry I have no step by step instructions but it is good practice to have TLS setup on your external facing SMTP services with at least opportunistic encryption, many organisations require encrypted transmission links with suppliers and/or clients as part of their security policy, encrypting the envelope itself shouldn't be considered as enough.
0
 
mercuriousu2Author Commented:
This is already setup by default, what I was requested was a TLS setup with a specific domain to secure all email traffic end to end.  

I already use PGP as a company policy wide solution, I am not too sure if a specific TLS connection  would work in tandem if indeed I attempted to set it up.
0
 
Simon Butler (Sembee)ConsultantCommented:
You are referring to mutual TLS.
TLs works at the transport level, PGP works at the content level.

These are the instructions from Microsoft:
http://technet.microsoft.com/en-us/library/bb123543(v=exchg.141).aspx

You only need Step 3 and Step 4, which will tell Exchange which domains need to use TLS only. Quick note - the list of domains is replaced each time, so if you have a list of domains such as example.com, example.net and you want to add example.co.uk, then you will have to include all three domains in the list.

Simon.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now