none
Exchange 2013 SMTP TLS 1.1 or 1.2

    Question

  • Is there a way to check if a receive and send connector is using SMTP TLS 1.1 or 1.2
    Thursday, April 21, 2016 8:32 AM

Answers

All replies

  • Look in the SMTP protocol logs on the server for something like

    "TLS protocol SP_PROT_TLS1_2_SERVER"

    Logs located typically at:

    \\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\ProtocolLog\SmtpReceive

    This lists the different TLS types:

    https://msdn.microsoft.com/en-us/library/windows/desktop/aa379810(v=vs.85).aspx


    Blog:    Twitter:   

    Thursday, April 21, 2016 1:32 PM
  • Thank you for the response. Ís there way to check (best practices) configuration for receive and send connectors?

    Thursday, April 21, 2016 7:53 PM
  • best practice is always use a server on the perimeter, Do not expose you Exchange CAS/MBX server directly on the internet on the public ip.  For email filter Exchange Edge Server or any cloud based 3rd party solution or EOP.

    For CAS OWA/Active Sync, publish them behind a Firewall.


    Where Technology Meets Talent

    Thursday, April 21, 2016 8:54 PM
  • Is there specific Receive connector configuration to allow only TLS 1.1 and/or TLS 1.2?

    Monday, April 25, 2016 11:41 AM
  • this may be helpful to you.

    What CU are running on Ex13?

    https://support.microsoft.com/en-us/kb/3045301


    Where Technology Meets Talent

    Monday, April 25, 2016 3:27 PM
  • even more helpful

    http://blogs.technet.com/b/exchange/archive/2015/07/27/exchange-tls-amp-ssl-best-practices.aspx


    Where Technology Meets Talent

    Monday, April 25, 2016 3:29 PM