No announcement yet.

TLS and Exchange 2000

  • Filter
  • Time
  • Show
Clear All
new posts

  • TLS and Exchange 2000


    I have Exchange 2000 and needs to setup TLS. We want to setup TLS with only 1 domain and with the rest of the domains communicate properly. Does anyone know how to setup TLS for only 1 domain?



  • #2
    Re: TLS and Exchange 2000

    First for TLS you need to have a cert.
    Once you have the cert and it is installed into the IIS, you need to determine what domains you are going to encrypt to.
    In Ex Server Manager, create a connector for your default outbound mail.
    Then create a connector for the main bound for your domain that requires encryption.
    In the address space, add the name needing encryption. Then in the advanced area, under out bound security, check TLS encryption.
    This forces the mail destined for the secure domain to encrypted.
    All other mail will be delivered via the unsecured connector.

    The cert installed on the TLS connector should respond with the STARTTLS verb on inbound notifying the foreign main server that they can encrypt mail if they would like to.

    This is pretty rough, let me know where you are in your current attempt and I will see if I can lead you on.
    Once critical thing was making sure your mail server AV is not interfering with your SMTP verbs, as it will prevent any successful TLS negotiation.


    • #3
      Re: TLS and Exchange 2000

      Thanks Ikeloser for replying. I forgot to add that Exchange server will also use TLS when accepting emails from the same domain.