Forced TLS on all incoming mail

 Hi,

 

Running UTM 9.6 for starters...

What I need is to explicitly define the UTM to require TLS 1.2 on all incoming mail, and deny anything else.

I have tried with "*" "*@*.*" but I cannot positively confirm that it's not falling back to opportunistic TLS :-/

Does anyone have a setup where all outgoing is TLS required, and all incoming is TLS required too, on the UTM?

Happy holidays!



  • Hi Martin,

    Use the "Any" network object instead of trying to use email addresses.

    To check to see which of your correspondents used TLSv1.1 this year:

     zgrep 'TLSv1.1' /var/log/smtp/2018/*/* |grep -oP '<= .*? H=' |sort -n|uniq -c|sort -n

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
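
To confirm that nothing is still arriving by opportunistic fallback, the same logs can be tallied by TLS version per sender, including mail accepted with no TLS at all. This is an added example, not part of the thread or of Sophos tooling; it assumes Exim-style arrival lines ("<=") in which an `X=` field appears only for encrypted sessions, and the sample lines, the `ALLOWED` list and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes Exim-style arrival lines ("<=")
# that carry X=<version>:<cipher>:<bits> only when the session used TLS.

ALLOWED="TLSv1.2 TLSv1.3"   # versions treated as acceptable (assumption)

# Constructed sample lines, not taken from a real log.
sample_log() {
cat <<'EOF'
2018:12:20-10:00:01 utm exim-in[4321]: 2018-12-20 10:00:01 1gAAAA-0000aa-01 <= alice@example.com H=mail.example.com [192.0.2.10]:40001 P=esmtps X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 S=2048
2018:12:20-10:05:07 utm exim-in[4322]: 2018-12-20 10:05:07 1gAAAB-0000ab-02 <= alice@example.com H=mail.example.com [192.0.2.10]:40002 P=esmtps X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 S=3100
2018:12:20-11:12:30 utm exim-in[4323]: 2018-12-20 11:12:30 1gAAAC-0000ac-03 <= bob@example.net H=old.example.net [198.51.100.7]:52110 P=esmtps X=TLSv1.1:AES256-SHA:256 S=1500
2018:12:20-12:40:11 utm exim-in[4324]: 2018-12-20 12:40:11 1gAAAD-0000ad-04 <= carol@example.org H=plain.example.org [203.0.113.5]:33025 P=esmtp S=990
2018:12:20-12:41:00 utm exim-in[4325]: 2018-12-20 12:41:00 1gAAAE-0000ae-05 <= <> R=1gAAAD-0000ad-04 U=exim P=local S=1200
EOF
}

# tls_summary: log lines on stdin -> "<count> <tls-version|NONE> <sender>".
# Lines without H= (locally generated bounces) are not SMTP arrivals: skipped.
tls_summary() {
  awk '
    / <= / && / H=/ {
      sender = "?"; ver = "NONE"
      for (i = 1; i <= NF; i++) {
        if ($i == "<=") sender = $(i + 1)
        if ($i ~ /^X=/) { ver = substr($i, 3); sub(/:.*/, "", ver) }
      }
      count[ver " " sender]++
    }
    END { for (k in count) print count[k], k }
  ' | LC_ALL=C sort -k2,2 -k3,3
}

# violations: only the rows whose version is not in ALLOWED (NONE included).
violations() {
  tls_summary | awk -v ok="$ALLOWED" '
    BEGIN { n = split(ok, a, " "); for (i = 1; i <= n; i++) allow[a[i]] = 1 }
    !($2 in allow)'
}

# Real use, with the path from the command above:
#   zcat -f /var/log/smtp/2018/*/* | violations
sample_log | violations
```

Under the stated assumption, a `NONE` row dated after the policy change means a message was accepted without TLS.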
  • Hi Bob,

    Thanks for this ;)

    Will this be in both directions? - So mail coming from inside will be forced to be sent with TLS, and all received mails will be forced TLS?

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Architect

  • That's my understanding, Martin.

    Cheers - Bob

     