We have a requirement to receive TLS encrypted mail from one customer.
From what ive read installing a certificate on the exchange server will allow us to accept both TLS and Non TLS mail, is this correct? some other articles suggest setting up and second SMTP virtual server on a separate IP address. (we have no requirement to send TLS mail, only receive)
When requesting the certificate do I use our MX record address for the common name on the cert. i.e. “mail.domain.com”,
how will this work if a secondary MX record is used when the primary is unavailable i.e. “backupmail.domain.com”