I would like to understand the possibility to limit access from Internet to Exchange (RPC over HTTPS in Outlook) by requiring the machine or user to present a client certificate (before the login session). Is this at all possible with Exchange 2010?
I saw a lot of docs for the Active Sync part (where this is possible) but I just recall seeing once a technical document for client certificate authentication with RPC over HTTPS (and frankly speaking, I am not that sure I saw it, since I cannot find it again despite repeated searches).
Alternatively: is it possible to request an NTLM token as the sole authentication mechanism (which would be available only from a domain controller, thus rejecting machines from outside the domain)?