TLS and Encryption

[snootalope]

I'm looking to encrypt our company's outbound email...Hopefully I'm on the right path here. I'm about to purchase an SSL certificate from godaddy and put that on our Exchange 2003 SP2 box. From the articles I'm reading, I just enable TLS, but it also talks about setting up another SMTP virtual server, is that really necessary? Does that make the server an opportunistic TLS machine, where it'll send and receive TLS when it can and not use TLS when the other end doesn't support it?

We're also using activesync for windows mobile devices and I'm hopping this trusted godaddy cert means I no longer have to put our own private cert on each phone. Is that true?

Thanks for any advice!

 

[58sniper]

If you setup another SMTP virtual server, you can specify remote address spaces, and require TLS for those. I have clients who must do that with financial institutions.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.

http://www.ucblogs.net/blogs/exchange/

 

[snootalope]

I see.. does that mean that even though I enable TLS that it won't use it for domains that dont have TLS enabled?