Showing results for 
Search instead for 
Did you mean: 

TLS alerts for incoming mails

Hello Support,

Our customer has 2 Cisco ESAs C390. Recently we get a request to enable TLS required for incoming mails instead of TLS preffered. Our question is that is there any way to receive TLS alerts for incoming. For example if a sender is not delivering an email via TLS and the email failed to delivery, is this possible to receive an alert that the messa from these sender failed to deliver bacause of TLS failed?

Thanks Mike,

Cisco Employee

Re: TLS alerts for incoming mails

Hey Mike,


TLS incoming; if set to required to enforce TLS - we do not generate alerts or notification to notify.

The sender would eventually get a hard bounce email that they may send forward to your side to inform you they're unable to send emails. But this would be down to the sender themselves to notify if there are issues on sending to your end.




Re: TLS alerts for incoming mails

I would use a slightly different approach.


We have a customer mail server for one of our departments to check if an email came in via TLS or not. Email without TLS are not trusted and additional verification needs to happen. The output of this check is added a footer below every message but you could also modify it and sent an email to admins instead.


An example :


GUI_Add_TLS_Status_ML: if (rcpt-to == "marc.luescher@xxxxxxx) AND (header("Received") == "ESMTP") { add-footer("Debug_Footer_TLS"); edit-header-text("FROM", "(.*)", "\\1 .via.ESMTP"); }


O365 changed their TLS signature 9/30/2019 so will need to check how it looks now but this might need a second search string.