We help IT Professionals succeed at work.

Exchange 2010 forced TLS 1.2 to business partner

James asked
Have a client running Exchange 2010 on 2008R2 and one of their vendors is requiring all SMTP after 1/1/20 be TLS 1.2
I have read through the documentation/KBs & blogs.    

Setup looks straightforward.  They are good on OS/KBS and Exchange version (2010 sp3 CU23).
Add the registry keys & reboot.

Question..  how do I set all SMTP traffic to that domain be forced TLS?
Setup a Partner send connector their domain?   Does that force TLS?

Having some trouble tracking that piece down.  Any help would be appreciated.

Watch Question

IT Architect
Distinguished Expert 2017
Use force TLS:
Read this KB: https://o365info.com/configuring-the-option-of-force-tls-in-exchange-on-premises-environment-part-4-12-tls/

For TLS 1.2:
Check this KB:

Now, remember one thing, if you have application in your environment using old TLS version, that will break once you enable higher TLS. So, keep that in mind. Kindly read these KB's:

If you still have doubt, open case with Microsoft also. I did same for my client.