![]() ![]() When sending an email from Exchange 2010 to Office 365 (in another tenant) we can see it’s routed from the Edge Transport server () to Exchange Online Protection (EOP) using TLS 1.0 as can be seen in the following screenshot (click to enlarge): When TLS 1.2 is used, look for a string like TLS protocol SP_PROT_TLS1_2_SERVER and TLS protocol SP_PROT-TLS1_2_CLIENT. Analyzing the protocol logfiles can best be done in Excel (import as CSV files). When analyzing, look for a string like TLS protocol SP_PROT_TLS1_0_SERVER (when receiving) or TLS protocol SP_PROT-TLS1_0_CLIENT (when sending). In my environment this means the Default Receive Connector on the Exchange 2010 Edge Transport server (for O365 traffic from other tenants), the Default-First-Site-Name to Internet Send Connector, and both connectors between the Exchange 2010 server and Office 365 for hybrid. So, you must enable protocol logging for the appropriate Receive Connectors and Send Connectors. Message headers in Exchange 2010 do not contain enough information for showing this TLS information. So, how do you test which TLS version is used by your Exchange 2010 server? In Exchange 2010 this should be done using the protocol logfiles. MX records is pointing to my Exchange 2010 Edge Transport Server (running on Windows 2008 R2), webmail and Autodiscover are routed via an F5 LTM load balancer to an Exchange 2010 CAS/HUB/Mailbox server (also running on Windows 2008 R2), and hybrid is configured directly on Exchange 2010 (for hybrid mail flow I’m using a separate FQDN, ) without any Exchange 2013 or Exchange 2016 server. ![]() ![]() Existing Exchange 2010 environmentĪs you may have seen on this side, I still am a big fan of Exchange 2010 and also have an pure Exchange 2010 hybrid environment up-and-running and it looks like this: This means that when you have communication issues with Office 365 because of an older and weaker protocol, you won’t get any support. At the same time this reminded me that Microsoft will remove support for TLS 1.0 and TLS 1.1 in Office 365 on Octoas communicated in. In a previous blogpost I discussed an issue I had with Outlook 2010 and TLS 1.2. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |