You need to enable TLS enforcement inbound and outbound between your domains and the Symantec Email Securiy.Cloud service.
To achieve TLS enforcement for outbound mails between your domain/s and Symantec do the following:
All outbound mails from the selected domain will now only be accepted if they sare sent using TLS encryption. Anything sent from the domain outbound that is not using TLS encryption will be rejected.
Once accepted by the Email Security.Cloud infrastructure we will attemtp to deliver the mail opportunisticly to the intended third party recipient. If the recieving infrastructure does not support TLS then we will deliver the mail via SMTP
To achieve TLS enforcement for inbound mails between your domain/s and Symantec do the following: