When we use Enforced TLS to 3rd parties or Business partners. What version of TLS is used by MessageLabs.
We offer multiple protocols and ciphers in order of decreasing security. The sending mail server (which has the data to be transmitted) can therefore negotiate stronger protocols if it is capable of supporting them, or can choose to use plain text if it prefers that to SSL/TLS or has no support itself for TLS. A number of our customers are still unable to support TLS 1.2, and prefer to send using SSL3.0 orTLS 1.0 rather than plain text, as some encryption is better than no encryption, which would be the alternative. This is up to and including TLS1.2, but includes many ciphers that are flagged as weak or exploitable by vulnerability scans. Because we have no control over the sending server, that could be owned by anyone on the Internet, we deliberately give them as much chance as possible to negotiate some level of encryption over SMTP with our service (and those with up-to-date systems will negotiate strong TLS1.2 encryption).