10.11. Setting Up TLS Security for SMTP
Problem
You want to enable the use of Transport Layer Security (TLS) encryption for your SMTP traffic.
Solution
Using a graphical user interface
To enable TLS for an SMTP virtual server, do the following:
1. Launch the Exchange System Manager (Exchange System Manager.msc).
2. In the left pane, expand the appropriate Administrative Groups container, and then expand the Servers container.
3. Expand the target server's Protocols node and expand its SMTP node.
4. Right-click the SMTP virtual server on which you want to use TLS and select Properties.
5. Click the Access tab. If the Communications button is enabled, click it. If it's not enabled, you must first install a certificate. To do so, perform the following steps:
   a. Click the Certificate button. The Web Server Certificate Wizard will appear; click Next.
   b. On the Server Certificate page, indicate whether you want to request a new certificate or use an existing one. If you already have an SSL certificate installed for use with OWA, you can reuse it by selecting the Assign an existing certificate button. (If you need to request a new certificate, refer to the instructions provided by your certificate authority; we won't cover the process here.) Click Next.
   c. On the Available Certificates page, select the certificate you're using for SSL and click Next.
   d. Click Next on the summary page, then click Finish to dismiss the certificate wizard.
6. Click the Communications button.
7. Click the Require secure channel checkbox. For added security, ...
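To confirm from a client that the Require secure channel setting took effect, the following added example (not part of the original recipe) classifies an SMTP listener as offering no TLS, offering it optionally, or requiring it. The host name and EHLO reply are constructed samples, and the check assumes the server answers a MAIL command sent before STARTTLS with reply code 530, as RFC 3207 specifies for servers that require TLS.

```python
import smtplib

# Constructed sample: raw EHLO reply from a server that offers STARTTLS.
SAMPLE_EHLO = (
    "250-mail.example.test Hello [192.0.2.10]\r\n"
    "250-SIZE 10485760\r\n"
    "250-PIPELINING\r\n"
    "250-STARTTLS\r\n"
    "250 OK\r\n"
)

def ehlo_extensions(raw_reply):
    """Return the upper-cased keywords from a raw multi-line EHLO reply."""
    keywords = set()
    for line in raw_reply.splitlines()[1:]:   # line 1 is the greeting, not a keyword
        if line.startswith("250") and line[3:4] in ("-", " "):
            words = line[4:].split()
            if words:
                keywords.add(words[0].upper())
    return keywords

def classify(extensions, mail_code):
    """mail_code is the reply code to MAIL FROM sent before any STARTTLS."""
    if "STARTTLS" not in extensions:
        return "tls-not-offered"   # no certificate assigned, or TLS unavailable
    if mail_code == 530:
        return "tls-required"      # cleartext mail refused: secure channel enforced
    return "tls-optional"          # TLS offered, but cleartext mail still accepted

def probe(host, port=25, timeout=10):
    """Live check against your own server; host is supplied by the caller."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        extensions = {name.upper() for name in smtp.esmtp_features}
        mail_code, _ = smtp.docmd("MAIL", "FROM:<>")   # null sender, no message is sent
        if mail_code == 250:
            smtp.rset()                                # abandon the transaction
        return classify(extensions, mail_code)

if __name__ == "__main__":
    print(classify(ehlo_extensions(SAMPLE_EHLO), 530))   # constructed: enforced
    print(classify(ehlo_extensions(SAMPLE_EHLO), 250))   # constructed: not enforced
```

A result of "tls-optional" after completing the steps above means cleartext mail is still being accepted on that virtual server.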