ccedillo
asked on
How configure TLS only between two domains in Exchange Server 2013
I need configure in Exchange Server 2013 communication TLS only between 2 domains. The communication is with our server and other server "client".
Best regards.
Best regards.
Akhater
Opportunistic tls is enabled by default on all new(ish) email servers, so chances are you don't need to do anything tls is already being used
ASKER
Hello Akhater. Thanks for your answer.
I am check in www.checktls.com and the result is:
test stage and result : TLS is not an option on this server
[000.070] Connected to server
[000.216] <-- 220 smg.macf.com.mx ESMTP mail.macf.com.mx
[000.216] We are allowed to connect
[000.216] --> EHLO checktls.com
[000.287] <-- 250-smg.macf.com.mx says EHLO to 216.68.85.112:53446
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250 SIZE 35840000
[000.288] We can use this server
[000.288] TLS is not an option on this server
[000.288] --> MAIL FROM:<test@assuretls.check
[000.360] <-- 250 2.0.0 MAIL FROM accepted
[000.360] Sender is OK
[000.360] --> RCPT TO:<ccedillo@macf.com.mx>
[000.436] <-- 250 2.0.0 RCPT TO accepted
[000.436] Recipient OK, E-mail address proofed
[000.437] --> QUIT
[000.508] <-- 221 2.3.0 smg.macf.com.mx closing connection
I am check in www.checktls.com and the result is:
test stage and result : TLS is not an option on this server
[000.070] Connected to server
[000.216] <-- 220 smg.macf.com.mx ESMTP mail.macf.com.mx
[000.216] We are allowed to connect
[000.216] --> EHLO checktls.com
[000.287] <-- 250-smg.macf.com.mx says EHLO to 216.68.85.112:53446
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250 SIZE 35840000
[000.288] We can use this server
[000.288] TLS is not an option on this server
[000.288] --> MAIL FROM:<test@assuretls.check
[000.360] <-- 250 2.0.0 MAIL FROM accepted
[000.360] Sender is OK
[000.360] --> RCPT TO:<ccedillo@macf.com.mx>
[000.436] <-- 250 2.0.0 RCPT TO accepted
[000.436] Recipient OK, E-mail address proofed
[000.437] --> QUIT
[000.508] <-- 221 2.3.0 smg.macf.com.mx closing connection
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If the other side or you require the use of TLS, then you need to configure Mutual TLS. That ensures that the traffic goes over TLS and is unable to fall back. While it is true that Exchange does opportunist TLS, that allows fall back.