Solved

Exchange 2010 Secure Email

Posted on 2013-12-23
6
363 Views
Last Modified: 2014-02-22
Business partner requiring secure email communication. Not a problem, or so I thought. Company has Exchange 2010 with a Barracuda Spam/Virus Firewall filtering inbound mail only. Outbound mail is sent directly from Exchange. fqdn for mail is pointing to Barracuda.

Mail flow is working fine. No problems AFAIK.

I have purchased cert for securing the email. It is using the fqdn of mail. In talking with the tech support at Barracuda, the Barracuda sends the email up to their service for encryption. End user would receive email that encrypted email is available by clicking on link. An additional step or two required by the end user. Not really the way that I wanted it to work.

Not sure if the barracuda will pass encrypted email. I could have the email for the biz partner domain to bypass filtering.

I was planning on configuring encrypted email on the exchange server. Then I remembered that the Barracuda was in the path of the mail flow (inbound only).

Possible work around.

Adding another MX record to bypass the Barracuda, though it would open up email traffic from all servers.

Use a different public IP address for exchange encrypted mail. Filter at the firewall to allow only smtp traffic from biz partner email servers. Setup receive connector with fqdn of mail to allow inbound email.

Use the barracuda to perform the secure communication.

Any ideas that will help, are appreciated.

Thanks!
0
Comment
Question by:rojiru
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 39737200
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 39737371
I believe encrypted mail is unscannable to the Barracuda and can be set to just forward it on.
0
 
LVL 1

Expert Comment

by:x278384
ID: 39737386
I am not familiar with Barracuda, but as I know if you like to encrypt the mail communications, use email gateway is the easist approach.

What you discribe there is Https link that will be sent to recipiants, that just like trans the mail to https content.

By I know there are another way to encrypt the mail, like policy rules for certain domain users.

My friends, they use Cellopoint to approch this, maybe you could check this out.

and see if Barracuda has the same thing.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:rojiru
ID: 39738177
Originally my thought was to use Exchange to do the encryption/decryption. Since the barracuda is in the path of the mail flow, I will probably use it to start. This may be the easiest path. Hopefully I can get some time to work it out in a lab. Of course I may never get the chance due to work load.

I am waiting on the other party to contact me, so we can test operation.

Thanks for the help.
0
 

Accepted Solution

by:
rojiru earned 0 total points
ID: 39866112
Thanks everyone for the ideas. I ended up using the barracuda to handle the email encryption. Some of their techs were misleading in the information given to me. So basically email is encrypted between the client and Exchange, and then between Exchange and the barracuda. Then the barracuda handles the encryption with outside email servers. I finally found the correct info thru one of their techs. Also, the ssl certs were not recognized by the barracuda. Once this was corrected, it worked fine. Except for the issue with the cisco firewall and its fixup protocol for esmtp. I had to disable it altogether.
0
 

Author Closing Comment

by:rojiru
ID: 39878986
I needed to keep the original configuration due to spam and virus filtering by barracuda. Since barracuda's support was not initially helpful, I turned to Experts Exchange. Thanks!
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question