SMA - send and receive mail with TLS

tamaszoltan
Level 1

Hello,

Is it possible to enable the SMTP TLS between the SMA and ESA appliances through quarantine communication ports (6025, 7025)?

Thanks!

1 Accepted Solution

Libin Varghese
Cisco Employee

Hi,

As far as I know, this is related to the nature of the corresponding messages – emails tagged for Centralized CPQ are usually sensitive and their transmission should be protected and encrypted, whereas spam messages do usually not have confidential content.

Additionally, based on the amount of spam messages being quarantined, this could have a performance increase as each TLS conversation is at least 5-10 times more expensive than a normal SMTP conversation.

Traffic over port 7025 for centralized PVO is over TLS by default while centralized ISQ does not have a direct method to use TLS.

Regards,

Libin Varghese


3 Replies

Thanks for your fast response!

".. whereas spam messages do usually not have confidential content"

possible spam - we don't know if the message is spam or not until the end user makes that decision.

We just might be violating the GDPR ruleset if we are not able to encrypt this communication.

I do understand that it will have a performance impact. But it would be nice to have a checkbox ...