TLS implementation question
Posted on 2014-12-31
I have a client who wants to set up TLS to allow email between 2 companies. My client has an Exchange 2010 hybrid environment with Office 365, and he wants to secure email communication with a law firm.
Please see the request below:
It is Company B's policy to "enforce" TLS. We will deliver email to domain(s) you specify only when we are able to establish a TLS connection to your server(s), which ensures that our email communications to any of your domains are sent securely. We strongly recommend that you enforce your TLS connection(s) to all of Company B's domains for similar secure TLS email transmission of your data to any and all Aon recipients.
The client has an Exchange hybrid 2010 environment with Office 365 and a Symantec BrightMail spam gateway. Internal email flow goes to the Symantec spam gateway --> to the Internet [Internet send connector]. They also have an Office 365 send connector and another internal send connector for applications.
Company B: unknown, but I guess they have either Exchange 2010 or 2013.
Can someone please summarize the high-level steps to set up TLS across companies? Please consider the fact that we have Symantec BrightMail spam gateway servers and an Office 365 hybrid environment.
Can someone please attach a link, blog, TechNet article, or other article with tons of screenshots showing step by step how to deploy TLS across organizations?
Should we restart Exchange servers or spam gateways after deploying TLS?
Do we need some sort of certificates to allow emails through TLS? If so, where should these certificates be deployed? At server level, at the spam gateways? Should we exchange certificates across companies?
If so, which certificate should be exchanged?
Your feedback is highly appreciated.