Configuring an enforced TLS connection from Mailprotector's outbound relay

Overview

This article will describe how to configure an enforced TLS connection to a specific domain or group of domains using Mailprotector's SafeSend service.

SafeSend enables you to enforce policies and compliance rules for outbound emails, protecting an organization from data leakage and reputation-damaging spam, viruses, and malware from within.

  • Enforce TLS encryption
  • Works on a single recipient address or an entire domain
  • Gives you peace of mind about the safety of your email data 

With the SafeSend service enabled (see info here), we can create Message Rules for outbound email.

Configuring message rules to enforce a TLS connection to a domain

Once you have enabled the SafeSend product, you can create Message Rules to enforce TLS encryption. This is most commonly used with financial institutions to meet compliance standards.

To configure an enforced TLS connection, you will:

  1. Navigate to the Mailprotector Console at emailservice.io
  2. Go to the domain you wish to create a TLS-encrypted connection rule for
  3. Navigate to the "Filtering" tab for that domain
  4. Navigate to the "Message Rules" section under the "Filtering" tab                                mceclip0.png 

  5. Select the drop-down that says "incoming" and change it to "outgoing"mceclip2.png

  6. Input a name and click the "Create" button to begin making the rule
  7. Under the "Criteria" section, input the domain you wish to send to via TLS connection in the "To" field in the "Matches any of:" section. NOTE: You can just input the domain. You don't need to toggle the button on the right before typing under "Matches any of:"mceclip4.png

  8. At the top of the page, select the "Actions" sectionmceclip6.png

  9. Under the Actions section, toggle on the option to "Relay with TLS Encryption"                   mceclip7.png

  10. Click the back arrow in the top left-hand corner to finish creating the rulemceclip8.png

  11. The rule will appear as disabled in the "Outgoing" section of the rules. You must toggle it on for it to be an active rule. NOTE: You can leave it on if it's already toggled on. This will be distinguished by the toggle button being green instead of grey.mceclip9.png

The message will bounce if the recipient's mail server doesn't support TLS encryption. The users from the sending domain will receive a bounceback notifying them of the receiving server not being able to establish a TLS connection

Getting Help

If you need assistance, please contact the Partner Success team.

Related to

Updated

Was this article helpful?

0 out of 0 found this helpful