TLS delivery for all email being delivered is needed in the Symantec Messaging Gateway.

Configuration:

1. Go to Administration > Hosts > Configuration in the SMG GUI.
2. Select the host you want to enable, and click Edit.
3. Go to the SMTP tab.
4. Click the Advanced Settings button at the bottom of the page.
5. Select the Delivery tab.
6. Check Attempt TLS encryption for delivery of all messages.
7. If you have a specific certificate you wish to use, check the Offer TLS client certificate, and select the certificate in the dropdown.
8. Click Continue.
9. Click Save to commit the changes.
10. Repeat for each SMG scanner.

Addendum:

• These steps will make all emails sent by the SMG to offer TLS.
• If you are accepting email for multiple domains, then also follow the instructions listed in How to enforce TLS inbound from and outbound to a specific domain to ensure that each domain is offering or not.