You would like to configure the Enforce Server to use SMTP over TLS to send out notifications and alerts.

Data Loss Prevention currently supports only non-TLS SMTP for reports and alerts being sent out from the Enforce Server uptil version 16.1.

Support for SMTP over TLS for Enforce Notifications is available starting version 16.1.
Ref-- https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/data-loss-prevention/16-1/what-s-new-in-data-loss-prevention-16-1/platform-features-in-data-loss-prevention-16-1.html#_49e6b8d2-026a-4ce5-89fa-54437a2875dc_section_2

Workaround version lower than 16.1-- The DLP administrator can configure the Enforce server to use a non-TLS SMTP server in DLP (under System -> Settings -> General) and configure this SMTP server to relay to a TLS enabled SMTP server for further delivery.

Configuring and troubleshooting SMTP relay issues (if any) will be outside of support scope.