Re: TLS
- From: "Matt Kuzior [MSFT]" <mattku@xxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 8 Sep 2006 09:18:08 -0700
On the receive side, (SMTP VSI) once you install the certificate, it is
optional. A client connecting to your server may use it but is not required.
At most, you can enforce that basic (base64 encoded but effectively clear
text) authentication would require TLS.
On the sending side, (send connector) once you enable the "use TLS" setting,
on the Advanced->Outbound Security page, TLS becomes mandatory. Your server
acting as a client will refuse to send mail unless it can successfully
negotiate a TLS encrypted session.
--
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.
"DavidP" <bill@xxxxxxxxxxxx> wrote in message
news:OYgNu3l0GHA.3464@xxxxxxxxxxxxxxxxxxxxxxx
Thanks for your swift response.
Is it possible to enable TLS but not enforce it ?
"Matt Kuzior [MSFT]" <mattku@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:uSrVx5e0GHA.1252@xxxxxxxxxxxxxxxxxxxxxxx
This KB article should help you on your way.
http://support.microsoft.com/kb/829721/en-us
The procedure involves "installing" a certificate on the receiving side.
As
soon as you install the certificate, your server will begin to advertise
"STARTTLS" in response to the EHLO command and can receive TLS encrypted
mail. On the remote side you can require TLS on the send connector.
Repeat the procedure in the reverse direction for two-way TLS.
--
Please do not send email directly to this alias. This alias is for
newsgroup
purposes only.
This posting is provided "AS IS" with no warranties, and confers no
rights.
"DavidP" <bill@xxxxxxxxxxxx> wrote in message
news:elnyxNd0GHA.3440@xxxxxxxxxxxxxxxxxxxxxxx
Ive been asked to setup encypted emails for one of our sister companies
domains.
we have to be able to send and recieve TLS encrypted emails to and from
our
sister company.
We have an ISA2004 server with an exchange 2000 server behind. Ive jsut
bought a certificate for use and am now ready to set it up.
problem is the info out there is pretty vague.
From what i gather, i create a new SMTP connector in exchange and in the
address space add in the sister companies domain name. set for TLS
Then setup a new SMTP virtual server and again tell it to use tls
what do i have to do with the certificate ? i guess install it within
exchange IIS. Does the sister company also have to install this
certificate
?
and then do we have to do it all again at their end ?
thanks in anticipation.
.
- Prev by Date: Lotus Notes Connector Question - Internet E-Mail Routing
- Next by Date: How to disable CHUNKING/BDAT on a standalone window 2000 SMTP server?
- Previous by thread: Re: TLS
- Next by thread: Installed Exchange server and root domain DC connectivity needs
- Index(es):
Relevant Pages
|
