TLS in Exchange 2010 SP3


I want to secure my outgoing e-mails that I send out with a single send connector from HUB to a smarthost.
I am using basic authentication over TLS on to this connector, but what does this give me in security, authenticating my server when sending?

Do I need to use S/mime to be able to encrypt the messages between my server to the smarthost.

The smarthost has open ports for SMTP with 'Start TLS': 25
SSL-port: 465.

Connector config

AddressSpaces                : {SMTP:*;1}
AuthenticationCredential     : System.Management.Automation.PSCredential
Comment                      :
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
DNSRoutingEnabled            : False
DomainSecureEnabled          : False
Enabled                      : True
ErrorPolicies                : Default
ForceHELO                    : False
Fqdn                         :
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : SRV04
Identity                     : Internet TLS relay
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
LinkedReceiveConnector       :
MaxMessageSize               : 29.53 MB (30,965,760 bytes)
Name                         : Internet TLS relay Stay
Port                         : 25
ProtocolLoggingLevel         : None
RequireOorg                  : False
RequireTLS                   : False
SmartHostAuthMechanism       : BasicAuthRequireTLS
SmartHosts                   : {smarthost}
SmartHostsString             : smarthost
SmtpMaxMessagesPerConnection : 20
SourceIPAddress              :
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {SRV04}
TlsAuthLevel                 :
TlsDomain                    :
UseExternalDNSServersEnabled : False


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Miguel Angel Perez MuñozCommented:
Since your Exchange and mailhost are windows machines, you can encrypt all data between them, this is a fast and secure way cipher all data:
DicomSupportAuthor Commented:

sorry if I confused you, the smarthost is not a Windows machine and I can't change settings on it.

Can you explain what my current Exchange config gives me?

Simon Butler (Sembee)ConsultantCommented:
All that TLS does is put the SMTP traffic inside SSL. It doesn't do anything with the actual message. As you are using a smart host it will just protect the traffic to the smart host, no further.

Authentication is something different, independant from TLS.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DicomSupportAuthor Commented:
As long as I get SSL from my server to the smarthost that is fine.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.