chipsexperts

How to setup a TLS email connection

I was asked to set up a TLS connection between my company and an outside company. They provided the domains, and said to add as necessary. I did some research online, and in some places it says to do it like this:

Set-TransportConfig -TLSSendDomainSecureList domain.com

Set-TransportConfig -TLSReceiveDomainSecureList domain.com

$TransportConfig = Get-TransportConfig
$TransportConfig.TLSSendDomainSecureList += "domain.com"
Set-TransportConfig -TLSSendDomainSecureList $TransportConfig.TLSSendDomainSecureList

$TransportConfig = Get-TransportConfig
$TransportConfig.TLSReceiveDomainSecureList += "domain.com"
Set-TransportConfig -TLSReceiveDomainSecureList $TransportConfig.TLSReceiveDomainSecureList

In other places it says to go to the send connection in the Exchange Management Console, but I'm not sure how to do it there, or which way is the best way to achieve this. Any help will be appreciated.
Carol Chisholm

You should not need to do anything if the other company supports TLS. Exchange always tries TLS first (opportunistic TLS) and then changes to an unencrypted protocol if TLS is not accepted by the other Exchange server.
chipsexperts

ASKER

Forgot to mention that they are asking for a mutual TLS setup, inbound and outbound.
Should not make any difference. Exchange will always try for TLS if it is available.
So, Carol, then what's the point of this link:

http://exchange.sembee.info/2010/hub/mutualtls.asp

I know you are an expert, can you provide me feedback?
ASKER CERTIFIED SOLUTION
Carol Chisholm
Thanks for your assistance, Carol.
If you have been asked to set up mutual TLS, this generally means that they don't want email sent if it's not encrypted by TLS. With opportunistic TLS, if it doesn't work then it will send the mail anyway.

Those PowerShell cmdlets look correct to send both outbound and inbound.
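
The following is an added example, not code from any poster in this thread. It shows one way to append a partner domain to both domain secure lists without overwriting entries that are already there, then review the result. `Merge-SecureDomain` and `$PartnerDomain` are hypothetical names, and the Exchange portion assumes it is run in the Exchange Management Shell.

```powershell
# Added example. Merge-SecureDomain and $PartnerDomain are hypothetical names.
function Merge-SecureDomain {
    param(
        [string[]]$Current = @(),                        # entries already on the list
        [Parameter(Mandatory=$true)][string]$Domain      # domain to add
    )
    $clean = $Domain.Trim().ToLowerInvariant()
    # Accept only a plain domain name (no wildcard, no address, no URL).
    if ($clean -notmatch '^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z]{2,}$') {
        throw "Not a plain domain name: '$Domain'"
    }
    $merged = @($Current | ForEach-Object { "$_".Trim().ToLowerInvariant() } |
                Where-Object { $_ })
    if ($merged -notcontains $clean) { $merged += $clean }
    return ,$merged
}

# Offline check with constructed values: the existing entry survives and the
# new domain is appended once, even when the call is repeated.
$list = Merge-SecureDomain -Current @('partner-a.example') -Domain 'Partner-B.example'
$list = Merge-SecureDomain -Current $list -Domain 'partner-b.example'
$list -join ', '

# The Exchange part runs only where the Exchange cmdlets are loaded.
if (Get-Command Get-TransportConfig -ErrorAction SilentlyContinue) {
    $PartnerDomain = 'domain.com'                        # placeholder from the question
    $cfg  = Get-TransportConfig
    $send = Merge-SecureDomain -Current @($cfg.TLSSendDomainSecureList | ForEach-Object { "$_" }) -Domain $PartnerDomain
    $recv = Merge-SecureDomain -Current @($cfg.TLSReceiveDomainSecureList | ForEach-Object { "$_" }) -Domain $PartnerDomain

    # -WhatIf makes this a dry run; remove it to apply the change.
    Set-TransportConfig -TLSSendDomainSecureList $send -TLSReceiveDomainSecureList $recv -WhatIf

    # Read-only review of the lists and of the connector settings that
    # domain security relies on.
    Get-TransportConfig | Format-List TLSSendDomainSecureList, TLSReceiveDomainSecureList
    Get-SendConnector    | Format-Table Name, DomainSecureEnabled, DNSRoutingEnabled
    Get-ReceiveConnector | Format-Table Name, DomainSecureEnabled, AuthMechanism
}
```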