smart Z
asked on
Enhance email standards
Hello there,
Our company is using O365 Exchange and recently I received a letter from a vendor that we work with to implement the standards below.
1. Trasport layer Security (TLS)
2. Sender Policy Framework(SPF)
3.Domain Keys Identified Email (DKIM)
4. Domain-based Message Authentication, Reporting and COnformance (DMARC)
Does anyone knows how to apply these standards in O365 Exchange and what will I need to do.
Our company is using O365 Exchange and recently I received a letter from a vendor that we work with to implement the standards below.
1. Trasport layer Security (TLS)
2. Sender Policy Framework(SPF)
3.Domain Keys Identified Email (DKIM)
4. Domain-based Message Authentication, Reporting and COnformance (DMARC)
Does anyone knows how to apply these standards in O365 Exchange and what will I need to do.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Can you assist me to just verity the current settings that I have. I have access to the portals.
I want to verity if TLS is enabled in opportunistic mode for all my email servers. The vendor says if TLS is enforced no further action is required.
Thanks,
I want to verity if TLS is enabled in opportunistic mode for all my email servers. The vendor says if TLS is enforced no further action is required.
Thanks,
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
btan,
This link you provided seems helpful, I will review the TLS portion and telnet to my SMTP and check that.
Most of the laptop clients are windows 10 , can I assume that TLS 1.2 is supported natively?
This link you provided seems helpful, I will review the TLS portion and telnet to my SMTP and check that.
Most of the laptop clients are windows 10 , can I assume that TLS 1.2 is supported natively?
Yes opportunistic TLS will take on the higher version as long as the client support TLS1.2. If you need to enforce the client, you can check out the tool for testing
https://www.nartac.com/Products/IISCrypto
There are best practice as well
https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Exchange-TLS-038-SSL-Best-Practices/ba-p/603798
https://www.nartac.com/Products/IISCrypto
There are best practice as well
https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Exchange-TLS-038-SSL-Best-Practices/ba-p/603798
https://docs.microsoft.com/en-gb/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-for-secure-mail-flow-with-a-partner
For SPF, DKIM and DMARC, catch the below which runs through examples.
https://blogs.technet.microsoft.com/fasttracktips/2016/07/16/spf-dkim-dmarc-and-exchange-online/