DicomSupport
asked on
TLS in Exchange 2010 SP3
Hi
I want to secure my outgoing e-mails that I send out with a single send connector from HUB to a smarthost.
I am using basic authentication over TLS on to this connector, but what does this give me in security, authenticating my server when sending?
Do I need to use S/mime to be able to encrypt the messages between my server to the smarthost.
The smarthost has open ports for SMTP with 'Start TLS': 25
SSL-port: 465.
Connector config
AddressSpaces : {SMTP:*;1}
AuthenticationCredential : System.Management.Automati on.PSCrede ntial
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOu t : 00:10:00
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ErrorPolicies : Default
ForceHELO : False
Fqdn : mail.domain.com
HomeMTA : Microsoft MTA
HomeMtaServerId : SRV04
Identity : Internet TLS relay
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : 29.53 MB (30,965,760 bytes)
Name : Internet TLS relay Stay
Port : 25
ProtocolLoggingLevel : None
RequireOorg : False
RequireTLS : False
SmartHostAuthMechanism : BasicAuthRequireTLS
SmartHosts : {smarthost}
SmartHostsString : smarthost
SmtpMaxMessagesPerConnecti on : 20
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {SRV04}
TlsAuthLevel :
TlsDomain :
UseExternalDNSServersEnabl ed : False
Regards
Magnus
I want to secure my outgoing e-mails that I send out with a single send connector from HUB to a smarthost.
I am using basic authentication over TLS on to this connector, but what does this give me in security, authenticating my server when sending?
Do I need to use S/mime to be able to encrypt the messages between my server to the smarthost.
The smarthost has open ports for SMTP with 'Start TLS': 25
SSL-port: 465.
Connector config
AddressSpaces : {SMTP:*;1}
AuthenticationCredential : System.Management.Automati
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOu
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ErrorPolicies : Default
ForceHELO : False
Fqdn : mail.domain.com
HomeMTA : Microsoft MTA
HomeMtaServerId : SRV04
Identity : Internet TLS relay
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : 29.53 MB (30,965,760 bytes)
Name : Internet TLS relay Stay
Port : 25
ProtocolLoggingLevel : None
RequireOorg : False
RequireTLS : False
SmartHostAuthMechanism : BasicAuthRequireTLS
SmartHosts : {smarthost}
SmartHostsString : smarthost
SmtpMaxMessagesPerConnecti
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {SRV04}
TlsAuthLevel :
TlsDomain :
UseExternalDNSServersEnabl
Regards
Magnus
Since your Exchange and mailhost are windows machines, you can encrypt all data between them, this is a fast and secure way cipher all data: http://www.derekseaman.com/2010/06/enable-tls-12-aes-256-and-sha-256-in.html
ASKER
Hi
sorry if I confused you, the smarthost is not a Windows machine and I can't change settings on it.
Can you explain what my current Exchange config gives me?
regards
Magnus
sorry if I confused you, the smarthost is not a Windows machine and I can't change settings on it.
Can you explain what my current Exchange config gives me?
regards
Magnus
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
As long as I get SSL from my server to the smarthost that is fine.