I have a requirement from a business unit to enforce TLS delivery for all outbound SMTP messages by a sending email address. Any message that cannot be delivered, they are wanting a custom delivery failure to occur. I know you can do it based off IP/domain via the sender group but the sending system has other SMTP traffic that originates from that IP address. Any assistance would be appreciated.
Sender group is for inbound mail... Outbound mail config is per domain, and is done on Mail Policies/Destination Controls. You set the domain, and what limits you want, enforce TLS and what to happen when you it fails.
Is there a way to make it required TLS based off the sending email address (example: secure@domain.com) while others from that same domain use preferred TLS (example: joeblow@domain.com) ?
No... the destination control gets applied to the whole domain. By default we try to encrypt everything ("Default" set to 'Preferred'). We get ~95% We've got 15 or so "Required" domains, I've gotten 2 bounces from that failing in 10 years.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
