When does Email Security.Cloud use TLS instead of the SMTP protocol for sending emails?
By default, the sending mail connections in Email Security.Cloud use the same protocol that the message was received with. For example, if the email was delivered to Symantec cloud for scanning and the protocol used was unencrypted (SMTP), then after scanning we would also use SMTP when delivering the email. If the email was delivered to Symantec using TLS, then we would use TLS for final delivery after scanning.
The only exceptions to this are if the account has Encryption enforcement set or if Policy Based Encryption is being used. In those cases, we would only use TLS to send the email.