Question : Configuring TLS between two mail domains

Hi

I was hoping someone could help me get my head around TLS :)

I've read various Internet articles on it, but can't seem to get my head around how it can actually be set up.

Let's say I am mydomain.com, and my MX record is mx1.mydomain.com.  This is a non-Exchange SMTP relay (let's say the MTA is SendMail for the sake of argument) and I also use it for outgoing SMTP mail to the Internet.

There is another domain, bank.com, that I want email to be encrypted with. Their incoming/outgoing mail gateway, SendMail too, is mx1.bank.com.

There is no VPN connection between the two domains, everything has to go via the Internet. Plus, other SMTP mail should be able to send email to me normally.

Does anyone know the rough steps involved for me to set up TLS communication between mydomain.com and bank.com's SMTP servers?

Answer : Configuring TLS between two mail domains

You cannot do this on your own. The other side has to make changes as well because Exchange 2003 doesn't do opportunistic TLS.
You would purchase an SSL certificate for your preferred host name (tls.example.com) and place it on a second SMTP virtual server, which is either using its own port, or ideally its own IP address. You would then tell anyone who wants to send email to you to use that alternative host address, rather than your MX address.

For sending email, you will need to know the same sort of information - dedicated host name or the same host. An SMTP connector would be created. For domains with a dedicated host, a separate SMTP connector for each one will be required. For servers that use the same MX record host name for TLS, the same SMTP connector can be used. In both cases the use TLS/SSL option would be enabled.

Simon.
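
The difference between opportunistic TLS and a per-domain "use TLS" connector, as an added example that is not part of the original answer: a sketch of the decision a sending gateway makes after EHLO. The policy table, function names and sample replies are constructed for illustration; mx1.bank.com is the host named in the question.

```python
# Added example (not from the original thread). Hypothetical policy table:
# recipient domain -> host name the peer's certificate must validate against.
REQUIRE_TLS = {"bank.com": "mx1.bank.com"}

# Constructed EHLO replies: one advertising STARTTLS, one without it
# (as seen when the peer lacks TLS or the keyword was stripped in transit).
WITH_TLS = "250-mx1.bank.com Hello\r\n250-SIZE 52428800\r\n250-STARTTLS\r\n250 HELP\r\n"
NO_TLS = "250-mx1.bank.com Hello\r\n250-SIZE 52428800\r\n250 HELP\r\n"


def parse_ehlo(reply):
    """Return the set of extension keywords in a multi-line 250 EHLO reply."""
    exts = set()
    for line in reply.splitlines()[1:]:      # first line is only the greeting
        words = line[4:].split()             # skip "250-" / "250 "
        if line.startswith("250") and words:
            exts.add(words[0].upper())
    return exts


def plan_delivery(rcpt_domain, ehlo_reply):
    """Return (action, verify_host) for one outbound session.

    action is 'starttls', 'plaintext' or 'defer'. verify_host is the name the
    certificate must match, or None when the certificate is not checked.
    """
    offers_tls = "STARTTLS" in parse_ehlo(ehlo_reply)
    expected_host = REQUIRE_TLS.get(rcpt_domain.lower())
    if expected_host is not None:
        # Enforced TLS: never fall back to cleartext. A missing STARTTLS
        # keyword means the message is queued and retried, not sent.
        if offers_tls:
            return ("starttls", expected_host)
        return ("defer", None)
    # Opportunistic: encrypt when offered, otherwise deliver as before so
    # mail to and from every other domain keeps flowing.
    return ("starttls", None) if offers_tls else ("plaintext", None)


if __name__ == "__main__":
    for domain in ("bank.com", "example.org"):
        for reply in (WITH_TLS, NO_TLS):
            print(domain, plan_delivery(domain, reply))
```

Only the enforced branch protects the bank.com traffic against a downgrade; the opportunistic branch is what keeps ordinary Internet mail working alongside it.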