Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
832
Views
5
Helpful
1
Replies

Security Risks- 'Allow tls' in ESMTP

iteam
Level 1
Level 1

‎11-13-2018 09:07 PM - edited ‎11-13-2018 10:07 PM

HI,

 

I would like to have a session between azure O365 cloud and an on premise server behind Cisco ASA 5545. However the session cannot start due to STARTTLS failing. THe firewall cannot read TLS encrypted packets for port 25 hence the packets are dropped. A workaround for this is to 'allow tls' under ESMTP  in the configuration. However, since this change will be global, I would like to know the security risks associated with such a change. In case there is another solution kindly advise.

 

Thanks

 

Labels:
0 Helpful
1 Reply 1

Ken Stieers
VIP
VIP

‎11-14-2018 03:52 AM

Is theasy ESA the only box allowed to send/receive SMTP throught the firewall?

If so, no risk...
Customers Also Viewed These Support Documents