RE: Exchange 2010 TLS setup question
I'm not aware of one. It is pretty straight forward. Create a send-connector that has the relevant destination domain. Edit the send-connector to specify the FQDN that should be used for originating. Make sure the certificate for that FQDN is loaded on the exchange servers with the mapped hub transports. From: Todd Lemmiksoo [mailto:tlemmik...@gmail.com] Sent: Monday, May 6, 2013 11:39 AM To: MS-Exchange Admin Issues Subject: Re: Exchange 2010 TLS setup question Is there a document that walks one through the process. All articles I have read talk about importing certificates on the Edge server and running powershell commands there. On Mon, May 6, 2013 at 10:29 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: It does not require an edge server. From: Todd Lemmiksoo [mailto:tlemmik...@gmail.commailto:tlemmik...@gmail.com] Sent: Monday, May 6, 2013 11:13 AM To: MS-Exchange Admin Issues Subject: Exchange 2010 TLS setup question Subject: Exchange 2010 TLS setup question We currently have Exchange 2010 SP1 no rollups. Two HUB/CAS servers an a DAG wit two mailbox servers. When asked to set up TLS secured mail with one of our vendors. Can this be done without an Edge server? We use two Barracuda email filter boxes as our smart hosts. -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist
RE: Exchange 2010 TLS setup question
Thank you. I found out that it is even easier with our Barracuda email filter devices. No config changes on the Exchange CAS/HUB servers is needed. It is all done on the Barracuda devices. Enable TLS for the domains add in the receiving fqdn . Done Todd Lemmiksoo sent from my Samsung Android On May 7, 2013 4:52 PM, Michael B. Smith mich...@smithcons.com wrote: I’m not aware of one. It is pretty straight forward. ** ** Create a send-connector that has the relevant destination domain. ** ** Edit the send-connector to specify the FQDN that should be used for originating. ** ** Make sure the certificate for that FQDN is loaded on the exchange servers with the mapped hub transports. ** ** *From:* Todd Lemmiksoo [mailto:tlemmik...@gmail.com] *Sent:* Monday, May 6, 2013 11:39 AM *To:* MS-Exchange Admin Issues *Subject:* Re: Exchange 2010 TLS setup question ** ** Is there a document that walks one through the process. All articles I have read talk about importing certificates on the Edge server and running powershell commands there. ** ** On Mon, May 6, 2013 at 10:29 AM, Michael B. Smith mich...@smithcons.com wrote: It does not require an edge server. *From:* Todd Lemmiksoo [mailto:tlemmik...@gmail.com] *Sent:* Monday, May 6, 2013 11:13 AM *To:* MS-Exchange Admin Issues *Subject:* Exchange 2010 TLS setup question Subject: Exchange 2010 TLS setup question We currently have Exchange 2010 SP1 no rollups. Two HUB/CAS servers an a DAG wit two mailbox servers. When asked to set up TLS secured mail with one of our vendors. Can this be done without an Edge server? We use two Barracuda email filter boxes as our smart hosts. -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist
Re: Exchange 2010 TLS setup question
Keep in mind you may need a valid certificate from a trusted certificate authority. If it just worked, it may be using a self-signed cert. This may adequate for some but a lot of entities enforce certificate verification for TLS. - Sean On Tue, May 7, 2013 at 3:42 PM, Todd Lemmiksoo tlemmik...@gmail.com wrote: Thank you. I found out that it is even easier with our Barracuda email filter devices. No config changes on the Exchange CAS/HUB servers is needed. It is all done on the Barracuda devices. Enable TLS for the domains add in the receiving fqdn . Done Todd Lemmiksoo sent from my Samsung Android On May 7, 2013 4:52 PM, Michael B. Smith mich...@smithcons.com wrote: I’m not aware of one. It is pretty straight forward. ** ** Create a send-connector that has the relevant destination domain. ** ** Edit the send-connector to specify the FQDN that should be used for originating. ** ** Make sure the certificate for that FQDN is loaded on the exchange servers with the mapped hub transports. ** ** *From:* Todd Lemmiksoo [mailto:tlemmik...@gmail.com] *Sent:* Monday, May 6, 2013 11:39 AM *To:* MS-Exchange Admin Issues *Subject:* Re: Exchange 2010 TLS setup question ** ** Is there a document that walks one through the process. All articles I have read talk about importing certificates on the Edge server and running powershell commands there. ** ** On Mon, May 6, 2013 at 10:29 AM, Michael B. Smith mich...@smithcons.com wrote: It does not require an edge server. *From:* Todd Lemmiksoo [mailto:tlemmik...@gmail.com] *Sent:* Monday, May 6, 2013 11:13 AM *To:* MS-Exchange Admin Issues *Subject:* Exchange 2010 TLS setup question Subject: Exchange 2010 TLS setup question We currently have Exchange 2010 SP1 no rollups. Two HUB/CAS servers an a DAG wit two mailbox servers. When asked to set up TLS secured mail with one of our vendors. Can this be done without an Edge server? We use two Barracuda email filter boxes as our smart hosts. -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist
Re: Exchange 2010 TLS setup question
Ok i will check the Barracuda certificate that is installled on them. That is how our mail is smart hosted. Todd Lemmiksoo sent from my Samsung Android On May 7, 2013 7:34 PM, Sean Martin seanmarti...@gmail.com wrote: Keep in mind you may need a valid certificate from a trusted certificate authority. If it just worked, it may be using a self-signed cert. This may adequate for some but a lot of entities enforce certificate verification for TLS. - Sean On Tue, May 7, 2013 at 3:42 PM, Todd Lemmiksoo tlemmik...@gmail.comwrote: Thank you. I found out that it is even easier with our Barracuda email filter devices. No config changes on the Exchange CAS/HUB servers is needed. It is all done on the Barracuda devices. Enable TLS for the domains add in the receiving fqdn . Done Todd Lemmiksoo sent from my Samsung Android On May 7, 2013 4:52 PM, Michael B. Smith mich...@smithcons.com wrote: I’m not aware of one. It is pretty straight forward. ** ** Create a send-connector that has the relevant destination domain. ** ** Edit the send-connector to specify the FQDN that should be used for originating. ** ** Make sure the certificate for that FQDN is loaded on the exchange servers with the mapped hub transports. ** ** *From:* Todd Lemmiksoo [mailto:tlemmik...@gmail.com] *Sent:* Monday, May 6, 2013 11:39 AM *To:* MS-Exchange Admin Issues *Subject:* Re: Exchange 2010 TLS setup question ** ** Is there a document that walks one through the process. All articles I have read talk about importing certificates on the Edge server and running powershell commands there. ** ** On Mon, May 6, 2013 at 10:29 AM, Michael B. Smith mich...@smithcons.com wrote: It does not require an edge server. *From:* Todd Lemmiksoo [mailto:tlemmik...@gmail.com] *Sent:* Monday, May 6, 2013 11:13 AM *To:* MS-Exchange Admin Issues *Subject:* Exchange 2010 TLS setup question Subject: Exchange 2010 TLS setup question We currently have Exchange 2010 SP1 no rollups. Two HUB/CAS servers an a DAG wit two mailbox servers. When asked to set up TLS secured mail with one of our vendors. Can this be done without an Edge server? We use two Barracuda email filter boxes as our smart hosts. -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist
Exchange 2010 TLS setup question
Subject: Exchange 2010 TLS setup question We currently have Exchange 2010 SP1 no rollups. Two HUB/CAS servers an a DAG wit two mailbox servers. When asked to set up TLS secured mail with one of our vendors. Can this be done without an Edge server? We use two Barracuda email filter boxes as our smart hosts. -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist
RE: Exchange 2010 TLS setup question
It does not require an edge server. From: Todd Lemmiksoo [mailto:tlemmik...@gmail.com] Sent: Monday, May 6, 2013 11:13 AM To: MS-Exchange Admin Issues Subject: Exchange 2010 TLS setup question Subject: Exchange 2010 TLS setup question We currently have Exchange 2010 SP1 no rollups. Two HUB/CAS servers an a DAG wit two mailbox servers. When asked to set up TLS secured mail with one of our vendors. Can this be done without an Edge server? We use two Barracuda email filter boxes as our smart hosts. -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist
Re: Exchange 2010 TLS setup question
Is there a document that walks one through the process. All articles I have read talk about importing certificates on the Edge server and running powershell commands there. On Mon, May 6, 2013 at 10:29 AM, Michael B. Smith mich...@smithcons.comwrote: It does not require an edge server. ** ** *From:* Todd Lemmiksoo [mailto:tlemmik...@gmail.com] *Sent:* Monday, May 6, 2013 11:13 AM *To:* MS-Exchange Admin Issues *Subject:* Exchange 2010 TLS setup question ** ** Subject: Exchange 2010 TLS setup question We currently have Exchange 2010 SP1 no rollups. Two HUB/CAS servers an a DAG wit two mailbox servers. When asked to set up TLS secured mail with one of our vendors. Can this be done without an Edge server? We use two Barracuda email filter boxes as our smart hosts. -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist -- T. Todd Lemmiksoo --- To manage subscriptions click here: or send an email to with the body: unsubscribe exchangelist