I'm new to TLS Authentication but have read and followed the following document with fine detail: http://technet.microsoft.com/en-us/library/bb266978(EXCHG.80).aspx
I have configured this in a virtual test environment and all appears to be working... mail flows... I can inspect the verbose email logs and I can see the certificate being sent and received within the log.
I am just not 100% sure that this means that TLS is working!
Does anyone know specifically, with 100% certainty, what fields in the message headers and/or the verbose logging indicate that TLS is enabled and operational?
When TLS is used to transmit a message to your Exchange server, the full "Received:" header (as visible when display of full headers is turned on in the receiving e-mail client) will include
Microsoft SMTP Server (TLS)
before the date.
If you are in a "trust but verify" mood and want to know with 100% certainty, use a packet sniffer like Wireshark on either the sending or receiving server. Send a test message in your virtual environment; look for the port 25 SMTP traffic; if you see encrypted traffic after the SMTP session's
STARTTLS
command and there is no plaintext content, then TLS is working.
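The header check described in the answer above can be scripted against a saved message. This is an added example, not part of the original thread: it reports, hop by hop, whether the marker sits in the trace part of each "Received:" header (before the date). The sample message, host names, addresses and version id are constructed, and `received_hops` is a hypothetical helper name.

```python
import email
from email import policy

# Marker quoted in the answer above; it appears before the date in the header.
TLS_MARKER = "Microsoft SMTP Server (TLS)"

# Constructed sample message: hosts, IPs and the version id are made up.
SAMPLE = """\
Received: from edge01.example.test (192.0.2.10) by mbx01.example.test
 (192.0.2.20) with Microsoft SMTP Server (TLS) id 8.1.0.0; Mon, 6 Jan 2025
 10:15:02 +0000
Received: from app01.example.test (192.0.2.30) by edge01.example.test
 (192.0.2.10) with Microsoft SMTP Server id 8.1.0.0; Mon, 6 Jan 2025
 10:15:01 +0000
From: a@example.test
To: b@example.test
Subject: test (the text Microsoft SMTP Server (TLS) here must not count)

body
"""


def received_hops(raw_message):
    """Return one dict per Received header, newest hop first."""
    # compat32 keeps the raw folded header text so we can unfold it ourselves.
    msg = email.message_from_string(raw_message, policy=policy.compat32)
    hops = []
    for value in msg.get_all("Received", []):
        unfolded = " ".join(value.split())  # undo header line folding
        trace, sep, date = unfolded.rpartition(";")
        if not sep:  # malformed header without a date part
            trace, date = unfolded, ""
        hops.append({
            "trace": trace.strip(),
            "date": date.strip(),
            # Only the trace part counts, not the date or other headers.
            "tls": TLS_MARKER in trace,
        })
    return hops


if __name__ == "__main__":
    for i, hop in enumerate(received_hops(SAMPLE)):
        state = "TLS" if hop["tls"] else "no TLS marker"
        print(f"hop {i}: {state}: {hop['trace']}")
```

Each "Received:" header describes only the hop that stamped it, so a message can show the marker on one hop and not on another.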