Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Defining Email Policies > Encryption tab > Transport Layer Security > Configuring third-party TLS connections
Configuring third-party TLS connections
 
Related topics:
You must add the connections to and from the businesses with whom you wish to communicate using TLS. To do so:
1.
Select the Encryption tab.
2.
Click Add in the Secure Transport section.
3.
In the Domain/Server field, enter the IP address or fully qualified domain name of the business with whom you are establishing connection. For outbound connections, enter the recipient's domain. For inbound connections, enter a server name or IP address. Do not specify a server that is part of your MX records.
Click Check SMTP Connectivity to confirm that you can connect to the domain name or IP address.
4.
5.
Forcepoint Email Security Cloud does not attempt to use TLS for this connection.
We recommend that you use Verify + CN, but you may opt to use Encrypt + CN if you want to use a self-signed certificate rather than paying for use of one from a CA. This may be acceptable for the connections between your MTA and Forcepoint Email Security Cloud.
6.
An encryption algorithm that supports a 128 bit key must be negotiated between Forcepoint Email Security Cloud and the MTA with which it is communicating.
An encryption algorithm that supports a 256 bit key must be negotiated between Forcepoint Email Security Cloud and the MTA with which it is communicating.
 
Note 
7.
8.
Click Save
For outbound connections, we recommend that you check the TLS status of the server before enabling it. If you route mail to domains that do not support TLS, it will result in the non-delivery of your messages. For more information, see Testing an outbound connection.
The companies with whom you want to communicate using TLS must ensure that their MTAs support one of the encryption algorithms supported by Forcepoint Email Security Cloud and the encryption strength that you configure in the policy. They must also be able to present a certificate appropriate to the policy that you configure.
 
Note 

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Defining Email Policies > Encryption tab > Transport Layer Security > Configuring third-party TLS connections
Copyright 2022 Forcepoint. All rights reserved.