TLS1.2 is what you need.
It is all about the Windows version. I guessed an old version of SmarterMail because the newer releases of SM require the newer versions of Windows Server. Here is my recollection:
- On Windows7 (and therefore perhaps in Server 2008 as well), TLS1.2 was present but disabled by default in early releases. It could be turned on manually, and then a Windows Update kit eventually turned it on by default.
- For Server 2003 and 2003 R2, there were Windows Update kits to add support for TLS1.2 and AES256
I don't recall any special measures required to enable current encryption components in Server 2008 R2 or later.
TLS (and its predecessor SSL) is the protocol - how do I say "Hello" and "Goodbye". TLS1.1, TLS1.0, and SSL3 have been deprecated as vulnerable to specialized attacks.
After connection, an asymmetric encryption algorithm is used to discuss what comes next. I think some the options are RSA and DH and ECDH, and ECDHE. These are high-overhead algorithms, so the peers use this connection to select a symmetric encryption algorithm and choose a key.
AES and 3DES are examples of symmetric encryption algorithms. A bunch of older algorithms have also been deprecated as vulnerable. A bunch of newer ones have also been rolled out but I forget their names.
A MAC (checksum) algorithm is used to ensure that a packet is received in the same form as it was transmitted. The preferred one is SHA2. SHA and MD5 have been deprecated as unsafe.
PFS (perfect forwarding secrecy) is a reset mechanism which helps to ensure that cracking one packet does not allow the attacker to crack all packets. Sessions without PFS are generally deprecated also.
The number following some of the protocols is bit strength. For example, AES-256 and SHA2-256 mean that 256 bits are used for the algorithm. Higher bit strength is harder to crack using brute force techniques.
I did not understand all this layering until I started studying for the CISSP exam. The chapter on encryption explained this all in language that I found easy to follow and understand. Above is my attempt summarize a complex topic.
As I said originally, you should be able to talk to anybody as long as your server can do TLS1.2, AES-256, and SHA2. Best wishes.