none
Forcing all outgoing mail to have TLS?

Alle Antworten

  • Exchange uses what's known as opportunistic TLS so if the server Exchange is sending to supports TLS, it will be used.  So you probably don't really need to do anything.  If you turn up protocol logging and examine the logs, you'll find that is probably happening.

    The article you cite is in regard to Office 365, which is why *.outlook.com is referenced.

    The Set-SendConnector cmdlet is what you would use to force TLS.

    https://docs.microsoft.com/en-us/powershell/module/exchange/mail-flow/set-sendconnector?view=exchange-ps


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Mittwoch, 13. Juni 2018 18:59
    Moderator
  • Thanks they say we can't use opportunistic tls it has to always enabled.    So  is this the command?

    Set-SendConnector -Identity “send.ourdomain.com" RequireTLS   $true

    Donnerstag, 14. Juni 2018 00:25
  • That's right, but depending on the other end's configuration, you might need to also specify TLSAuthLevel, TLSCertificateName, TLSDomain, and IgnoreSTARTTLS.  I seem to recall a good number of threads in these forums where people have had trouble configuring this.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Donnerstag, 14. Juni 2018 00:45
    Moderator