Secure outbound traffic on a locally hosted Windows Server 2012 R2 SMTP relay (IIS 6.0)

  • Question

  • User679959709 posted

     IIS 6.0 is configured on my on-premise SMTP relay. How can I secure the outbound traffic? Keep in mind it is Windows Server 2012 R2. I am aware IIS 6.0 is deprecated. In the SMTP virtual server properties, Access tab, "Connection control" is set to allow an IP address within a given subnet, the loopback IP and the server IP itself. Relay restrictions is set to allow IP addresses, which consist of email alerts from devices/scan to email/production reports.

    I created a self-signed certificate and this enabled me to check or uncheck "Require TLS encryption" in the secure communication section. This leads me to believe that the above devices will need to send as encrypted transmission, else access is denied. Am I correct or overthinking?

    On the Delivery tab, outbound security is set to Anonymous access and TLS encryption is selected. Advanced delivery is set to 15 hops, masquerade domain, FQDN, and smart host info.

    We use Office 365 and have a connector configured. I am trying to secure the outbound traffic that transmits over the internet: see screenshot link

    secure outbound internet traffic

    Friday, May 18, 2018 8:37 PM

All replies

  • User121216299 posted

    Hi dwtoonage,

    You had mentioned that, "I created a self signed certificate and this enabled me to check or uncheck "require TLS encryption" in the secure communication section. This leads me to believe that the above devices will need to send as encrypted transmission else access is denied."

    Based on my search results,

    Transport Layer Security (TLS), and SSL that came before TLS, are cryptographic protocols that secure communication over a network by using security certificates to encrypt a connection between computers. TLS supersedes Secure Sockets Layer (SSL) and is often referred to as SSL 3.1. For Exchange Online, we use TLS to encrypt the connections between our Exchange servers and the connections between our Exchange servers and other servers such as your on-premises Exchange servers or your recipients’ mail servers. Once the connection is encrypted, all data sent through that connection is sent through the encrypted channel. However, if you forward a message that was sent through a TLS-encrypted connection, that message isn't necessarily encrypted. This is because, in simple terms, TLS doesn’t encrypt the message, just the connection.

    Reference:

    https://support.office.com/en-us/article/how-exchange-online-uses-tls-to-secure-email-connections-in-office-365-4cde0cda-3430-4dc0-b489-f2c0736c929f

    Regards

    Deepak

    Tuesday, May 22, 2018 7:33 AM
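
The reply's point that TLS protects each connection rather than the message can be checked hop by hop from the `Received` headers of a delivered message. The following is an added example, not part of the original thread: the sample message, host names, addresses and version strings are constructed placeholders, and the three marker patterns cover only the Exchange, Postfix and RFC 3848 styles.

```python
import re
from email import message_from_string

# Constructed sample message: device -> on-premises relay -> Exchange Online.
SAMPLE = """\
Received: from BN6PR01MB0001.example.outlook.com (2001:db8::1) by
 BN6PR01MB0002.example.outlook.com (2001:db8::2) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.0.1;
 Fri, 18 May 2018 20:40:03 +0000
Received: from relay01.example.local (203.0.113.10) by
 mx.example.mail.protection.outlook.com (198.51.100.5) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.0.2 via Frontend Transport; Fri, 18 May 2018 20:40:02 +0000
Received: from scanner01 ([192.0.2.25]) by relay01.example.local with
 Microsoft SMTPSVC(8.5.9600.16384); Fri, 18 May 2018 16:40:01 -0400
From: scanner@example.local
To: user@example.com
Subject: scan to email

body
"""

TLS_MARKERS = [
    re.compile(r"version=(TLS[\w.]+)"),           # Exchange / Exchange Online style
    re.compile(r"\busing (TLSv[\d.]+)"),          # Postfix style
    re.compile(r"\bwith ((?:ESMTP|LMTP)SA?)\b"),  # RFC 3848 "with" keywords
]

def hops(raw):
    """Return (sender, receiver, tls_marker_or_None) per hop, oldest hop first."""
    result = []
    # Each server prepends its Received header, so reverse for chronological order.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        line = " ".join(value.split())  # unfold the continuation lines
        sender = re.search(r"\bfrom (\S+)", line)
        receiver = re.search(r"\bby (\S+)", line)
        tls = next((m.group(1) for p in TLS_MARKERS if (m := p.search(line))), None)
        result.append((sender.group(1) if sender else "?",
                       receiver.group(1) if receiver else "?", tls))
    return result

def unverified_hops(raw):
    """Hops whose Received line carries no TLS marker: not proven encrypted."""
    return [(s, r) for s, r, tls in hops(raw) if tls is None]

if __name__ == "__main__":
    for sender, receiver, tls in hops(SAMPLE):
        print(f"{sender} -> {receiver}: {tls or 'no TLS marker'}")
```

A missing marker means the hop is unverified rather than proven plaintext, since not every server records TLS in its `Received` line, and lines written before your own trust boundary can be forged by the sender.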