TLS 1.2 and Exchange 2010 Hybrid

%3CLINGO-SUB%20id%3D%22lingo-sub-1147639%22%20slang%3D%22en-US%22%3ETLS%201.2%20and%20Exchange%202010%20Hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1147639%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHope%20everyone%20is%20well.%20Had%20a%20question%20about%20the%20whole%20deprecation%20of%20TLS%201.0%20and%201.1.%20I%20have%20an%20Exchange%202010%20hybrid%20organization.%20I%20see%20my%20on-premise%20Exchange%20server%20sends%20out%20email%20to%20Office%20365%20using%20TLS%201.2%20but%20does%20not%20receive%20email%20via%20TLS%201.2%20from%20Exchange%20Online.%20It%20just%20says%20TLS%20next%20to%20it%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CTABLE%3E%3CTBODY%3E%3CTR%3E%3CTD%3EZAF01-CT2-obe.outbound.protection.outlook.com%20(104.47.19.175)%3C%2FTD%3E%3CTD%3Email.mycompany.co.za%20(X.X.X.X)%3C%2FTD%3E%3CTD%3E2%2F3%2F2020%201%3A32%3A37%20PM%3C%2FTD%3E%3CTD%3E%3CDIV%20class%3D%22hotBarContainer%22%3E%3CDIV%20class%3D%22hotBarLabel%22%3E1%20second%3C%2FDIV%3E%3CDIV%20class%3D%22hotBarBar%22%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FTD%3E%3CTD%3EMicrosoft%20SMTP%20Server%20(TLS)%3C%2FTD%3E%3C%2FTR%3E%3C%2FTBODY%3E%3C%2FTABLE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20know%20the%20steps%20required%20to%20enable%20the%20server%20portion%20for%20TLS%201.2%20on%20the%20on-premise%20Exchange%20server.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20just%20wanted%20to%20confirm%20a%20few%20things%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E1.%20The%20requirement%20to%20enable%20TLS%201.2%20on%20the%20on-premises%20Exchange%20is%20just%20for%20talking%20to%20and%20from%20Exchange%20Online%20right%3F%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E2.%20Enabling%20TLS%201.2%20on%20the%20on-premise%20Exchange%20server%20won't%20disable%20TLS%201.0%20and%201.1.%20When%20Exchange%20Online%20needs%20to%20route%20email%20to%20my%20on-premise%20email%20server%20it%20try%20and%20negotiate%20on%20TLS%201.2%20right%3F%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E3.%20I%20have%20various%203rd%20party%20solutions%20on-premise%20that%20relay%20email%20of%20the%20on-premise%20Exchange%20server.%20These%20solutions%20do%20not%20use%20TLS.%20I%20am%20planning%20on%20migrating%20to%20Exchange%202016%20soon.%20Will%20I%20still%20be%20able%20use%20TLS%201.0%20and%201.1%20internally%20for%20those%20systems%3F%20And%20only%20when%20the%20Exchange%202016%20server%20talks%20to%20Exchange%20online%20it%20will%20use%20TLS%201.2%20%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1147639%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3E2010%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3E2016%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%20Online%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%20Server%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EHybrid%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
Regular Contributor

Hi all

 

Hope everyone is well. Had a question about the whole deprecation of TLS 1.0 and 1.1. I have an Exchange 2010 hybrid organization. I see my on-premise Exchange server sends out email to Office 365 using TLS 1.2 but does not receive email via TLS 1.2 from Exchange Online. It just says TLS next to it:

 

ZAF01-CT2-obe.outbound.protection.outlook.com (104.47.19.175)mail.mycompany.co.za (X.X.X.X)2/3/2020 1:32:37 PM
1 second
 
Microsoft SMTP Server (TLS)

 

I know the steps required to enable the server portion for TLS 1.2 on the on-premise Exchange server.

 

I just wanted to confirm a few things:

 

1. The requirement to enable TLS 1.2 on the on-premises Exchange is just for talking to and from Exchange Online right??

 

2. Enabling TLS 1.2 on the on-premise Exchange server won't disable TLS 1.0 and 1.1. When Exchange Online needs to route email to my on-premise email server it try and negotiate on TLS 1.2 right??

 

3. I have various 3rd party solutions on-premise that relay email of the on-premise Exchange server. These solutions do not use TLS. I am planning on migrating to Exchange 2016 soon. Will I still be able use TLS 1.0 and 1.1 internally for those systems? And only when the Exchange 2016 server talks to Exchange online it will use TLS 1.2 ?

0 Replies