My customer mandates encryption between their clients within to the company mail system. Currently they use the built in Lotus Notes/Domino encryption. What are my options when we add Exchange into the mix since S/MIME and Lotus Notes/Domino encryption do not work over the current connector ?
You will need to use SMTP for mail flow. You can use either MIIS or Exchange Connector 2003 for Lotus Notes for the directory synchronization process (details). They can use the Microsoft PKI internally (details). If you do this you probably want to ensure
your root CA is chained with a 3rd Party Trusted CA.
The second, better long term PKI solution is to outsource and use an external vendor such as Verisign or Entrust.