Archive for category Exchange

Setting Up Secure Email with S/MIME

Posted by on Thursday, 9 April, 2015

Although often overlooked, many standard email clients (not web-based) provide the ability to send S/MIME secure email. S/MIME has been around for quite some time, but you typically only see it used by perhaps government employees or maybe security-minded folks.

What is S/MIME anyway? It stands for Secure/Multipurpose Internet Mail Extensions.

Using client certificates, similar in concept to server certificates, a user sending an email can do two major things:

1) Digitally Sign an email – this marks the email as having come from the actual sender and will show the receiver if the mail has been altered after the sender signed and sent the email. Nifty!

2) Encrypt an email – once two users both have S/MIME configured and have exchanged messages (thus exchanging public keys), they can exchange encrypted messages back and forth. Note that this is different in concept than TLS level transport encryption between SMTP servers. Transport level encryption ensures that while in transit the message is not sent in the clear. S/MIME level message encryption ensures that the only one who can read the message is the intended recipient – who of course has the private key.

What’s really nice is that a user on an email system or client that doesn’t support S/MIME will still be able to read the signed (but not encrypted) messages. They simply see a smime.p7s file attachment with the message.

Read the rest of this entry »

Understanding Exchange 2010 Personal Archive Requirements

Posted by on Sunday, 20 March, 2011

We recently had a client who was looking to implement Exchange 2010 personal archives. For those that aren’t familiar with the feature, personal archives are essentially a second mailbox associated to a user’s primary mailbox. By creating a personal archive, companies can potentially get away from PST files for archiving of old mail. The personal archive can be stored on a different mailbox database, and isn’t cached if you’re running in cached mode. Nifty.

Of course it’s pretty well known that Microsoft requires a premium Exchange CAL to use Personal Archives, and that you also must be running the Enterprise Edition of Exchange Server 2010. Fair enough, even though I think personal archives is a feature that every company small or large can really benefit from and should be something Microsoft is pushing harder. What ends up being a confusing topic is what version of Outlook is needed to access the personal archive, and this is where our client ran into snags.

Read the rest of this entry »