SAM2009
asked on
How to set a TLS connection just for a specific domain when email is sent in Exchange 2010?
Hi,
We deal with a specific client and this client want to receive email through a secure connection and suggest us to use TLS. How can we configure TLS connection just for a specific domain.
For example:
Every time an email is sent to xxx@client_domain.com
Thanks
We deal with a specific client and this client want to receive email through a secure connection and suggest us to use TLS. How can we configure TLS connection just for a specific domain.
For example:
Every time an email is sent to xxx@client_domain.com
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
if exchange routes all outbound emails to the spam filter and the latter sends to the internet then yes the connection to your client will be initated by the spam filter and not from exchange, you should check with your spam filter on how to do this not on exchange
ASKER
Just for my understanding why we can't do on Exchange when we have a mail filter? Is there any conflict?
it is not a question of conflict,
what you want is open a TLS with your CLIENT when your exchange is only connecting to your MAIL RELAY and your MAIL RELAY to your client
so connection is
Exchange ---> Mail Relay
Mail Relay ---> Client
so technically there is no connection between your Exchange and your Client.
Unless you want to open direct connection from exchange to your client and bypass your mail relay the setting should be done on your mail relay
If it is not clear please let me know
thanks
what you want is open a TLS with your CLIENT when your exchange is only connecting to your MAIL RELAY and your MAIL RELAY to your client
so connection is
Exchange ---> Mail Relay
Mail Relay ---> Client
so technically there is no connection between your Exchange and your Client.
Unless you want to open direct connection from exchange to your client and bypass your mail relay the setting should be done on your mail relay
If it is not clear please let me know
thanks
ASKER
If I choose to create a separate send connector in Exchange for the specific client domain which smart host I should put?
unfortunately it is not as easy as this you should first give directaccess to ecchange for the SMTP protocol to the internet
second make sure that the public IP used by exchange for sending email is in your PTR records
if you are willing to do all this then there is no need for the Smart host you can keep the connector configuration to Route by MX record
second make sure that the public IP used by exchange for sending email is in your PTR records
if you are willing to do all this then there is no need for the Smart host you can keep the connector configuration to Route by MX record
ASKER
How can I know if my Exchange already sent by TLS if others MX server accept TLS connection?
The default of exchange is to use tls (as well as all new mail servers) it is called opportunistic tls...
However you can force exchange to use tls for a specific domain I sent the how-to before
However you can force exchange to use tls for a specific domain I sent the how-to before
ASKER
Ok so by default Exchange 2010 try to send with TLS? Could you give a doc or link that explain that?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much for your help!
ASKER