
How to encrypt whole domain to another?

Hi,

I want to encrypt the whole communication between my domain (internal mail server, UTM connected with real name and IP to the world) and another domain.
So I found some discussions but no working flow ...
In my opinion it has to be like this:
I create a certificate PGP and/or S/MIME for *@mydomain.tld
The other side does the same for *@remotedomain.tld
If I import the public key/certificate of *@remotedomain.tld and give my public key to them, then it has to work? Or is there something else to do?
I want anything sent by someone from my mail system to the remote side to be encrypted (I cannot use mail TLS/SSL only, because there are some provider servers at the other side). And the way back too, of course.

Waiting for comments or suggestions.

Thanks a lot.

Dirk


This thread was automatically locked due to age.
  • Hi, Dirk,

    In fact, as you seem to know, the messages between modern mail servers are encrypted using TLS, so it's unlikely that you'll find any that communicate in clear text.

    Because of that, there's no way to get the UTM to do domain-to-domain encryption in the way you suggest - you would have to configure each of your mydomain.tld users, individually, as 'Internal Users' of encryption.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA