TLS is the new version of SSL and is the de facto standard in email security. I followed these steps to get it implemented on my network. Note that we have an internal mail server and a Barracuda Spam Filter device.
We got a certificate from Digicert (CA – Certificate Authority) for “*.example.net” which allows TLS to be implemented.
We installed the certificates on the Barracuda by going to Advanced – Secure Administration tab – Set it up like:
a. First two radio buttons = No
b. Web interface HTTPS/SSL port = 443.
c. Certficate type dropdown = Trusted (Signed by Trusted CA)
d. Cert. details = “CN=*.example.net/ Status = OK”. This was manually uploaded. We did this over the phone with Barracuda.
We opened the ports on the router to allow inbound/ outbound TLS.
Next we requested a duplicate cert and installed it on the mail server.
Once the server is configured (Barracuda device), we need to configure the clients, Outlook.
a. Open Outlook, go to File – Account Settings. Change the outbound server to “Barracuda.example.net”.
b. Go to More Settings (button on bottom right) – Advanced – Make sure the Incoming port is “995” for POP and “993” for IMAP and outgoing is 465 requires TLS.
c. Test the account settings, should be all green. Note: If there is a message box that warns about a certificate after enabling TLS, it is probably due to a DNS issue, make sure the incoming and outgoing servers are by host name and not IP.