Exchange Server Forums

Best practices for setting up inbound/outbound TLS for specific domains

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [Microsoft Exchange 2003] >> Server Security >> Best practices for setting up inbound/outbound TLS for specific domains

Page: [1]

Message

<< Older Topic Newer Topic >>

Best practices for setting up inbound/outbound TLS for ... - 14.Mar.2011 8:16:50 PM

cjprice

Posts: 1
Joined: 14.Mar.2011
Status: offline

We are looking to implement TLS on our Exchange 2003 Server. Currently there are only a couple of companies we deal with that have support for TLS...so we're hoping to do a trial run with a few specific domains.

I found a good article on this website that describes how to do what we are trying to accomplish, but I just was hoping to get some feedback about how other people are doing things? I've read in a couple of articles that you should create a separate Virtual SMTP server in addition the the SMTP connectors...is this really necessary?

Also, how about recommendations on the cert? We currently have an SSL cert through OptimumSSL mapped to mail.ourdomain.com for use with our OWA client. Can we use this same cert for enabling TLS? Also, from the article I read, it made things sound as if we could enable inbound TLS on our default SMTP server and it would allow companies that supported TLS to send via TLS, while those that did not would just send in plaintext...am I understanding this correctly? This sounds more like opportunistic TLS, which it is my understanding that Exchange 2003 doesn't support.

SO, my other question is...should we use a separate cert for TLS...ie secure.mydomain.com?

Is there anything I'm missing?
Thanks!