03-03-2016 06:39 AM
Hello,
I want to configure a TLS communication between a Cisco ESA (Email security appliance) and another mail relay. I found only a way to configure the encryption to/from a domain. But I have to configure the TLS connection between the IP address of the ESA and the IP address of the other relay because a domain restriction is not possible. All other mails which are not addressed for this mail relay have to send unencrypted.
Solved! Go to Solution.
03-03-2016 07:32 AM
Under Mail Policies, Destination Controls, you can add a Destination to enforce TLS. Select Add Destination, type in the Domain name and on TLS Support, change it from "Default (Preferred)" to "Required". This will require that TLS is available on the remote side or the email will queue on your ESA until TLS is available on the remote side.
Doug
03-03-2016 07:32 AM
Under Mail Policies, Destination Controls, you can add a Destination to enforce TLS. Select Add Destination, type in the Domain name and on TLS Support, change it from "Default (Preferred)" to "Required". This will require that TLS is available on the remote side or the email will queue on your ESA until TLS is available on the remote side.
Doug
03-03-2016 11:36 PM
Thank you. That´s clear. But I can´t enter a domain name I have to enter the IP address or hostname of the partner mail relay.Background, all mails are received under one domain name on the ESA. There will be determine by a LDAP request if the received mail will be transported to the internal Exchange system or if the mail will transported to an external relay. And the transport to this external relay have to be encrypted via TLS.
03-09-2016 07:14 AM
Outbound TLS controls = Destination Controls
Inbound TLS = HAT > Sender Group > Mail Flow Policy
With these you can secure Required TLS outbound routing (via Domains) and Required TLS for Inbound routing (via IPs)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide