Exchange Security Knowledge Base list.

A. Below is a list of useful Knowledge Base articles.

1) How to install Exchange 5.5 with support for V1 and V3 Certificates for SMIME and Public/ Private Key encryption (Signing and Sealing Mail Messages). This uses the CA version 1.0 (Certificate Authority) in IIS 4.0 that comes in the NT 4.0 Option Pack. This requires the Updated CA Server. See these KB's.

Q192044 Setting Up X509v3 Certs on Exch 5.5 SP1 KMS with Local CertSrv
Q184695 Readme Notes for Certificate Server Update

2) How to setup SSL/TLS between between Exchange Server 5.0 /5.5 and Internet Email Clients, POP3, IMAP4, NNTP, HTTP, SMTP.

Q175439 XFOR: Enabling SSL For Exchange Server

3) How to setup SSL/TLS between Exchange Server and other SMTP (non-exchange) host. This requires enabling SSL for the SMTP protocol first. See Q175439 for instructions, but select SMTP as the Protocol to be used in Key Manger.

Q174755 XFOR: Connecting IMS to IMS with SASL

4) When you use Microsoft Outlook Express to connect to Microsoft Exchange Server, version 5.0 with Service Pack 1 installed, the Information Store may stop responding (crash). Fixed in the Latest Service Pack.

Q166627 XCLN: Outlook Express Crashes Store When SSL Is Used

5) When trying to access a mailbox in Internet Explorer version 3.02 when the WWW Service for the Internet Information Server (IIS) computer is configured to use Windows (NTLM) authentication only, you may receive the following error message: The Login Request was Denied. Fix is to upgrade to IE 4.0 or use Registry Entry.

Q173307 XWEB: "The Login Request was Denied" Error Message

6) If you configure the Internet Mail Service on two Microsoft Exchange Server computers to use Secure Sockets Layer (SSL) without authentication, you may receive a non-delivery report (NDR) when you attempt to send mail from one server to another through the Internet Mail Service. The text of the NDR includes a 505 error and indicates that authentication is required for the message to be delivered. Fixed in the Latest Service Pack for 5.5.

Q181481 XFOR: Non-Delivery Report When Using SSL Without Authentication

7) On July 17, 1998 Microsoft released an updated version of Schannel.dll. This latest version provides the following benefits: Updates the SChannel.dll used by IIS and Exchange Server for Encryption. See article for Details.

Q148427 Generic SSL (PCT/TLS) Updates for IIS and MS Internet Products
Q181937 Latest SGC-Enabled Schannel.dll Breaks IIS 3.0 Key Manager [iis]

8) Microsoft Proxy Server is designed to work well with other servers like Microsoft Exchange Server. Most Windows Sockets server applications are able to use the server proxy feature while installed on or behind the Proxy Server. Certain additional advanced settings may be required, based on your particular internal server configuration.

Q181420 How to Configure Exchange or Other SMTP with Proxy Server
Q187652 Accessing Data Published Behind MS Proxy Server 2.0
Q178532 Configuring Exchange Internet Protocols with Proxy Server
Q177153 Additional Proxy Server 2.0 Configurations [proxysvr]

9) This article discusses the known TCP/IP ports (TCP and/or UDP) that are used by services within Microsoft Windows NT version 4.0 and Microsoft Exchange Server version 5.0 and 5.5.

Q150543 WinNT, Terminal Server, & Exchange Services Use TCP/IP Ports [crossnet]

10) Microsoft Exchange Server versions 5.0 and 5.5 support a variety of Internet-focused protocols, including POP3, HTTP, LDAP, and NNTP. This article explains the different authentication forms for each protocol.

Q175440 Protocol Authentication on Exchange Server [exchange]