Is TLS needs to Enforce for a partial domains ?

bsrinu001 · ‎05-17-2017

Hi Team,

We have already have Enforced TLS for a xyz.com, is its necessary to enforce for a hk.xyz.com too ? please suggest.

Thank you

Libin Varghese · ‎05-17-2017

Hi,

The Destination Control looks for a match to the domain portion of the recipient's email address. If there is not an explicit match, then the control for the "Default Destination" is used.

Partial domain names can be used to match sub-domains of the entry matched.

Thank You!

Libin Varghese

bsrinu001 · ‎07-27-2017

I couldnot get you !! please explain in detail, is partial domains needs to be Enforced TLS ??

Libin Varghese · ‎07-27-2017

The Desitination Controls only works with domain names or partial domain names. For example:

ironport.com
.ironport.com

The ironport.com domain name will cover an address such as test@ironport.com

The .ironport.com partial domain name will cover an address such as test@cisco.ironport.com or test@Something.ironport.com

If you want to enforce or use TLS with hk.xyz.com and all other partial domains for xyz.com when sending email to us then you just need to add an additional entry for ".cisco.com" in the Destination Controls and it will use DNS to look up all the receiving servers for hkcisco.com and whichever server in the MX record lookup the TCP SMTP connection is negotiated will then be used.

- Libin V

Ken Stieers · ‎07-27-2017

Let me clean that up a bit....

"If you want to enforce or use TLS with hk.xyz.com and all other partial domains for xyz.com when sending email to us then you just need to add an additional entry for ".xyz.com" in the Destination Controls and it will use DNS to look up all the receiving servers for hkcisco.com and whichever server in the MX record lookup the TCP SMTP connection is negotiated will then be used."