This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forced TLS on all incoming mail

 Hi,

 

Running UTM 9.6 for starters...

What I need is to explicit define the UTM, to require TLS 1.2 on all incoming mail, and deny anything else.

I have tried with "*" "*@*.*" but i cannot positively confirm, that it's not falling back to opportunistic TLS :-/

Anyone have setup so all outgoind is TLS required, and so all incoming is TLS requoired too, on the UTM?

happy holidays!



This thread was automatically locked due to age.
  • Hi Martin,

    Use the "Any" network object instead of trying to use email addresses.

    To check to see which of your correspondents used TLSv1.1 this year:

     zgrep 'TLSv1.1' /var/log/smtp/2018/*/* |grep -oP '<= .*? H=' |sort -n|uniq -c|sort -n

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thanks for this ;)

    Will this be in both directions? - So mail coming from inside, will be forced to be send with TLS and all received mails will be forced TLS?

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician

  • That's my understanding, Martin.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA