You have an exchange Server 2016 organization that uses an SMTP domain named contoso.com.
You need to encrypt all
of the SMTP traffic from the organization to a partner organization. The partner organization uses an SMTP domain named litwareinc.com.
Which three commands should you run on your server? Each correct answer presents part of the solution.
A.
New-Receive
Connector -Name -Connector1- -Usage Internet -Bindings 0.0.0.0:587 -DomainSecureEnabled: $true
B.
Set-TransportConfig -TLSSendDomainSecureList litwareinc.com
C. New
-SendConnector -Usage Partner -Name -Connector1- -AddressSpaces -lintwareinc.com-
-IgnoreSTA
RTTLS $false -DNSRoutingEnabled $true -DomainSecureEnabled $true
D.
Set-TransportConfig -TLSReceiveDomainSecureList contoso.com
E.
Set-TransportConfig -TLSReceiveDomainSecureList litwareinc.com
F.
New-SendConnector -Usage Partner -Name -Connector1-
-Addres
sSpaces -contoso.com-
-IgnoreSTARTTLS $false -DNSRoutingEnabled $ture -DomainSecureEnabled $true
G.
Set-TransportConfig -TLSSendDomainSecureList contoso.com
References:
https://technet.microsoft.com/en-us/library/bb124151(v=exchg.160).aspx
https://technet.microsoft.com/en-us/library/aa998936(v=exchg.160).aspx
Agree with CGE
This helped me understand:
-DomainSecureEnabled
The DomainSecureEnabled parameter is part of the process to enable mutual Transport Layer Security (TLS) authentication for the domains serviced by this Send connector. Mutual TLS authentication functions correctly only when the following conditions are met:
The value of the DomainSecureEnabled parameter must be $true.
The value of the DNSRoutingEnabled parameter must be $true.
The value of the IgnoreStartTLS parameter must be $false.
0
0