Hi Jair,

I don't pretend to know anything about Microsoft Active Directory, and
don't know if this is even an available feature for MS Exchange. So,
hopefully somebody else on the list will be able to help you in more detail.

In my experience, this type of functionality requires an SSL certificate
on your Internet-facing mail server (MX), and of course you need to
configure the mail server to talk both plain SMTP and encrypted SMTP.
This gives you transport-level security, encrypting communication
between mail servers using a common certificate. Easier to deploy but
possibly less secure, as anyone gaining access to 1 common certificate
can potentially decrypt all encrypted mail flowing through that mail server.

A quick 'google' will yield you positive results:
http://www.networkworld.com/news/2007/011807-tls4.html

Alternatively, you could deploy a tool like PGP or the like, allowing
each user the option to encrypt selected email messages using their own
individual certificates. Harder and more expensive to deploy, but
possibly more secure as each individual user has their own certificate,
and only intended recipients will be provided with the means to decrypt
and read the message based on a web of trust.

Cheers,
Paul daSilva

Jair wrote:
> Hi There,
>
> I have a CA in my Windows 2000 Active Directory domain and my users are able
> to send encrypted emails just to internal users in the organization (users
> in the same Active Directory domain).
> Are you aware of any way to send encrypted messages to users in a different
> organization (another email domain)?
>
> Thanks a lot in advance for your answer.
Received on Apr 04 2007
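
The transport-level option in the reply above protects mail one server-to-server hop at a time, so a useful check on a delivered message is which hops actually used TLS. The following is an added example, not part of the original thread: it reads the `Received:` trace headers of a constructed sample message (all hostnames and addresses are placeholders) and flags hops recorded with a non-TLS protocol keyword, using the RFC 3848 convention that a trailing `S` (for example `ESMTPS`) marks a TLS-protected transfer.

```python
import email
import re

# Constructed sample: two relay hops; hostnames and IPs are placeholders.
SAMPLE = (
    "Received: from mx.sender.example (mx.sender.example [192.0.2.10])\n"
    "\tby mx.partner.example with ESMTPS id A1 (version=TLSv1 cipher=AES256-SHA);\n"
    "\tWed, 04 Apr 2007 10:00:03 +0000\n"
    "Received: from exchange.sender.example (exchange.sender.example [10.0.0.5])\n"
    "\tby mx.sender.example with ESMTP id B2;\n"
    "\tWed, 04 Apr 2007 10:00:01 +0000\n"
    "From: user@sender.example\n"
    "To: contact@partner.example\n"
    "Subject: constructed test message\n"
    "\n"
    "body\n"
)

# RFC 3848 "with" keywords: ESMTPS / ESMTPSA / LMTPS ... carry the TLS marker.
TLS_PROTO = re.compile(r"(?:UTF8)?(?:E?SMTP|LMTP)SA?", re.IGNORECASE)


def _field(pattern, text):
    """Return the first capture of pattern in text, or '?' if absent."""
    match = re.search(pattern, text)
    return match.group(1) if match else "?"


def audit_hops(raw_message):
    """Return (from_host, by_host, protocol, used_tls) per hop, oldest first."""
    msg = email.message_from_string(raw_message)
    hops = []
    # Each receiving server prepends its header, so reverse for delivery order.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # unfold continuation lines
        proto = _field(r"\bwith\s+([A-Za-z0-9]+)", flat).upper()
        hops.append((_field(r"\bfrom\s+(\S+)", flat),
                     _field(r"\bby\s+(\S+)", flat),
                     proto,
                     bool(TLS_PROTO.fullmatch(proto))))
    return hops


def cleartext_hops(raw_message):
    """Hops whose trace header does not record a TLS-protected transfer."""
    return [hop for hop in audit_hops(raw_message) if not hop[3]]


if __name__ == "__main__":
    for sender, receiver, proto, tls in audit_hops(SAMPLE):
        print(f"{sender} -> {receiver}: {proto} ({'TLS' if tls else 'cleartext'})")
```

Trace headers are written by each receiving server and servers earlier in the path can insert forged ones, so treat only the hops recorded by servers you control as reliable.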