How to apply enforced encryption between you and Symantec

book

Article ID: 179106

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

 

Resolution

Problem

You need to enable TLS enforcement inbound and outbound between your domains and the Symantec Email Securiy.Cloud service.

Solution

To achieve TLS enforcement for outbound mails between your domain/s and Symantec do the following:

  • Log into https://clients.messagelabs.net
  • Navigate to Services > Email Services > Encryption
  • On the TLS Enforcements tab select the domain you wish to have TLS enforced.
  • Underneath the 'TLS Enforcements between you and the Email Security Servces' section check the 'Always enforce TLS outbound from my domain to the Email Security Services infrastructure'.

  • Click OK on the popup box.
  • Scroll to the bottom of the page and click 'Save'. After a short period of propagation all outbound mails on the selected domain will then have a TLS enforcement placed on them.

All outbound mails from the selected domain will now only be accepted if they sare sent using TLS encryption. Anything sent from the domain outbound that is not using TLS encryption will be rejected.

Once accepted by the Email Security.Cloud infrastructure we will attemtp to deliver the mail opportunisticly to the intended third party recipient. If the recieving infrastructure does not support TLS then we will deliver the mail via SMTP

 

To achieve TLS enforcement for inbound mails between your domain/s and Symantec do the following:

  • Log into https://clients.messagelabs.net
  • Navigate to Services > Email Services > Encryption
  • On the TLS Enforcements tab select the domain you wish to have TLS enforced.
  • Under the 'TLS inbound mail server test' section Click on Test. 

  • This will run a test to ensure that your domain can recieve mail via TLS connection from the Email Security service.Note: If the test fails choosing to enforce TLS for inbound mails to your domain WILL result in mail failure.
  • You will be prompted with the results of the test which will show either TLS connections passed, fail or connectivity test warning. Click OK.
  • If you are happy to proceed underneath the 'TLS Enforcements between you and the Email Security Servces' section check the 'Always enforce TLS inbound from the Email Security Services infrastructure to my domain'.

  • Click OK on the popup box.
  • Scroll to the bottom of the page and click 'Save'. After a short period of propagation all inbound mails on the selected domain will then have a TLS enforcement placed on them.