Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1488
Views
5
Helpful
2
Replies

TLS alerts for incoming mails

Go to solution
csco12569304
Level 1
Level 1

‎10-10-2019 02:52 AM

Hello Support,

Our customer has 2 Cisco ESAs C390. Recently we get a request to enable TLS required for incoming mails instead of TLS preffered. Our question is that is there any way to receive TLS alerts for incoming. For example if a sender is not delivering an email via TLS and the email failed to delivery, is this possible to receive an alert that the messa from these sender failed to deliver bacause of TLS failed?

Thanks Mike,

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marc.luescherFRE
Spotlight
Spotlight

‎10-15-2019 06:00 AM

I would use a slightly different approach.

 

We have a customer mail server for one of our departments to check if an email came in via TLS or not. Email without TLS are not trusted and additional verification needs to happen. The output of this check is added a footer below every message but you could also modify it and sent an email to admins instead.

 

An example :

 

GUI_Add_TLS_Status_ML: if (rcpt-to == "marc.luescher@xxxxxxx) AND (header("Received") == "ESMTP") { add-footer("Debug_Footer_TLS"); edit-header-text("FROM", "(.*)", "\\1 .via.ESMTP"); }

 

O365 changed their TLS signature 9/30/2019 so will need to check how it looks now but this might need a second search string.

 

 

 

 

 

 

View solution in original post

2 Replies 2

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee

‎10-10-2019 05:58 PM

Hey Mike,

 

TLS incoming; if set to required to enforce TLS - we do not generate alerts or notification to notify.

The sender would eventually get a hard bounce email that they may send forward to your side to inform you they're unable to send emails. But this would be down to the sender themselves to notify if there are issues on sending to your end.

 

Regards,

Mathew

0 Helpful

Go to solution
marc.luescherFRE
Spotlight
Spotlight

‎10-15-2019 06:00 AM

I would use a slightly different approach.

 

We have a customer mail server for one of our departments to check if an email came in via TLS or not. Email without TLS are not trusted and additional verification needs to happen. The output of this check is added a footer below every message but you could also modify it and sent an email to admins instead.

 

An example :

 

GUI_Add_TLS_Status_ML: if (rcpt-to == "marc.luescher@xxxxxxx) AND (header("Received") == "ESMTP") { add-footer("Debug_Footer_TLS"); edit-header-text("FROM", "(.*)", "\\1 .via.ESMTP"); }

 

O365 changed their TLS signature 9/30/2019 so will need to check how it looks now but this might need a second search string.

 

 

 

 

 

 

Customers Also Viewed These Support Documents