08-24-2016 03:21 PM
Excuse my immaturity with the Email Security via Ironport C170. My task is to have all outgoing mail to seek TLS verification with destination... if found then great, message sent. IF NOT verified then Ironport sends as encrypted.
My logic is this - please assist:
Current TLS setting is Preferred - I would need to Edit Destination Controls and change TLS Support from “Preferred” to “Preferred – Verified”
After changing the Destination Controls, I would need add a filter to the Outgoing Content Filer that specifies “use message encryption if TLS verification fails", Is that correct?
Is so, can you share an example of the content filer language I would need?
- lastly, would I need to change anything elsewhere?
Thank you!
08-25-2016 05:35 AM
Hi Philip,
TLS can be configured for outbound emails from Mail Policies -> Destination Controls
Below is an article for your reference:
http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118844-technote-esa-00.html
Section: Activate Outbound TLS
For the second part, you would need to add a content filter using the Action: Encrypt on Delivery/ Encrypt and Deliver Now (Final Action) -> Encryption Rule: Only use message encryption if TLS fails.
Encrypt message on delivery means that the message continues to the next stage of processing, and when all processing is complete, the message is encrypted and delivered.
We would recommend adding suitable conditions for this filter if you would like to implement this only for certain users.
Regards
Libin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide