Mail Protection: SMTP, POP3, Antispam and Antivirus Forced TLS on all incoming mail

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 3 replies
Subscribers 1 subscriber
Views 2652 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forced TLS on all incoming mail

twister5800 over 6 years ago

Hi,

Running UTM 9.6 for starters...

What I need is to explicit define the UTM, to require TLS 1.2 on all incoming mail, and deny anything else.

I have tried with "*" "*@*.*" but i cannot positively confirm, that it's not falling back to opportunistic TLS :-/

Anyone have setup so all outgoind is TLS required, and so all incoming is TLS requoired too, on the UTM?

happy holidays!

This thread was automatically locked due to age.

0 BAlfson over 6 years ago

Hi Martin,

Use the "Any" network object instead of trying to use email addresses.

To check to see which of your correspondents used TLSv1.1 this year:

zgrep 'TLSv1.1' /var/log/smtp/2018/*/* |grep -oP '<= .*? H=' |sort -n|uniq -c|sort -n

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 twister5800 over 6 years ago in reply to BAlfson

Hi Bob,

Thanks for this ;)

Will this be in both directions? - So mail coming from inside, will be forced to be send with TLS and all received mails will be forced TLS?
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 6 years ago in reply to twister5800

That's my understanding, Martin.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel