This solution applies to all Email Security Gateways, all firmware versions.
SMTP over TLS/SSL defines a new SMTP command, STARTTLS. This command advertises and negotiates an encrypted channel with the peer for this SMTP connection. The certificate information, including hostname and certificate type, is taken from the information entered on the Advanced > Secure Administration page.
For ALL versions of Firmware:
This feature is enabled on the Advanced->Email Protocol page. Set "Enable SMTP over TLS/SSL" to Yes. When set to Yes, SMTP over TLS will be enabled for incoming connections and attempted for outgoing connections. In all cases both servers need to support TLS for it to work correctly.
In firmware version 4.x and later, we have a new feature that will require TLS to/from the other mail server.
Navigate to the Domains page and click on "Manage Domain" for your selected domain. Go to the Advanced->Email Protocol page to find the force TLS options. Please read the HELP pages for additional information on this new feature.
If you are using Cisco devices and are having trouble receiving email over TLS after configuring your Email Security Gateway, please see Solution #00003659.
Link to This Page: