Announcement

Collapse
No announcement yet.

Enabling TLS on Exchange 2003 (For receiving only)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Enabling TLS on Exchange 2003 (For receiving only)

    Hi,

    I want to configure TLS encryption on Exchange 2003 server for only receiving purpose. We would only be receiving securing emails and not sending them.

    Could someone please guide me to required steps for configuring this? I am not sure wether I need to configure TLS certificate and SMTP connector for inbound as I am sure it is definitely required for Outbound emails.

    Appreciate any help in this reqard.

    Thanks
    T

  • #2
    Re: Enabling TLS on Exchange 2003 (For receiving only)

    AFAIK TLS requires certificates at both ends, so a secure channel can be established. You can't just say "I will use TLS" and expect encrypted emails, you need the other party involved to set up TLS too.

    So if you set up TLS on incoming emails, nothing will get through.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Enabling TLS on Exchange 2003 (For receiving only)

      You will need to use a separate SMTP virtual server, probably running on either another IP address or the old TLS port of 465.
      You will also need an SSL certificate that matches the name that you are using for DNS for that IP address. If you already have a commercial SSL certificate for OWA then you can use that.

      You cannot use TLS on the existing SMTP virtual server because Exchange 2003 doesn't do opportunist TLS. It is either on or off. If it is on, then anyone who doesn't use TLS (ie most of the internet) will be unable to send you email.

      Simon.
      --
      Simon Butler
      Exchange MVP

      Blog: http://blog.sembee.co.uk/
      More Exchange Content: http://exchange.sembee.info/
      Exchange Resources List: http://exbpa.com/
      In the UK? Hire me: http://www.sembee.co.uk/

      Sembee is a registered trademark, used here with permission.

      Comment

      Working...
      X