Microsoft Office Tutorials and References
In Depth Information
Email handling and transport
While this is true for traditional email traffic, FOPE attempts to make email transmission
more secure through the implementation of opportunistic Transport Layer Security (TLS).
As shown in Figure 10-3, Exchange Online, through the integrated Forefront Protection for
Exchange, will first attempt to make a TLS connection with the destination email system. As
depicted in Step 2 of Figure 10-3, the destination email system will either accept or reject
the TLS connection request. Finally, in Step 3, if the destination email system accepted the
TLS connection request, Exchange Online will transmit the email securely through the TLS
connection. If the destination email system rejects the TLS connection request, Exchange
Online will transmit the email through traditional SMTP, thereby ensuring the email reaches
the destination. Opportunistic TLS is the default setting for Exchange Online Protection.
Figure 10-3 Opportunistic Transport Layer Security (TLS)
You can affect the email transport method. This is known as handling. Applied to the
opportunistic TLS scenario, let us assume that you would like to change this setting for
emails based on certain properties, such as destination or content. You can change the
setting from opportunistic TLS to enforced TLS. By doing so, you have created a special
Communication between Exchange Online customers
Communication channels between Office 365 data centers are all encrypted. Therefore, if a
user in an organization that uses Exchange Online sends an email to another user in a
different organization that also uses Exchange Online, the email will be delivered through an
end-to-end encrypted connection, even if the Exchange Online service for both
organizations reside in different data centers.
This also applies to customers who subscribe to Office 365 from different geographic
locations. For example, a user in Singapore working for a Singapore-based company that uses
Exchange Online sends an email to a user located in Washington working for a U.S.-based
company that also uses Exchange Online. In this scenario, even though the users are
working for two different companies that are geographically disparate, that email will be
delivered through a secure transmission because they are both Exchange Online customers.