Re: Confusion RE: Transport Security Layer

"Robert R Kircher, Jr." <rkircher@xxxxxxxxxxxxxxxx> wrote:

>Can someone please help me understand TSL? As I understand it, it an
>encryption method for securing data across the internet.

TLS is another name for SSL.

>My question is how
>does this apply to Exchange 2K3.

The same way it applies to Exchange 2000. If you install the SSL
certificate the virtual server advertises the necessary ESMTP keywords
that tell the "other" server that it's possible to use TLS.

>I see the option in the Virtual SMTP
>server but I'm not sure what happens if I turn it on.

Ummm . . . what option?

>For example, do I
>need to open up a different set of ports in my firewall?

Nope.

>How do I set up
>the client?

That depends on the SMTP client.

>Do I need to setup some sort of certificate to use TSL?

Yes. You'll need a x.509v3 cert.

>Lastly
>what does something like Iron Mail (http://www.ironmail.com/) provide that
>Exchange doesn't in regards to TSL?

TLS is TLS everywhere. If it were different it wouldn't be
interoperable.

However, Ironmail does offer you the ability to specify the level of
security you want. E.g. is it okay that the other machine's cert isn't
trusted, but the server name is correct? Or do you require that the
cert is trusted. There are other things that Ironmail does, but it's
an e-mail security appliance and its design is much different to that
of Exchange.

--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
.

Relevant Pages