Mimecast can connect or synchronize with your infrastructure utilizing secure SSL based encryption methods. Using encryption increases the security of your traffic, and requires a valid SSL certificate to be installed. Encryption can be applied to email delivery (TLS), Directory Sync (LDAPS) and Journaling (POP3S).
Mimecast supports connections using TLS 1.0, 1,1 and 1.2 for AES-256, RC4, MD5 and AnonDHE.
To implement certificates in your environment, you will need to install and configure the certificate on the relevant server, i.e. directory server for LDAPS and your mail server for TLS and POP3S. A valid SSL certificate (public, or in certain instances a self-signed certificate) is required.
Obtaining and installing certificates for exchange
The first step in obtaining an SSL certificate is to generate a certificate signing request (CSR). The method used is determined by the Exchange Server version. For a public certificate, the request should then be submitted to one of the supported Certificate Authorities. Once the certificate has been issued by the Certificate Authority, import the certificate into the relevant server. After installing the certificate, you will need to enable it for use with the relevant service.
- Obtain and install SSL certificates - Exchange 2003
- Obtain and install SSL certificates - Exchange 2007
- Obtain and install SSL certificates - Exchange 2010
- Obtain and install SSL certificates - Exchange 2013
TLS (Transport Layer Security)
TLS provides an encrypted end to end tunnel for the secure transmission of emails. TLS can be configured on Mimecast using policies, and can be enabled based on the sender, recipient and content of the email.