
Transport Layer Security (TLS) is a protocol that helps to secure data and ensure communication privacy between endpoints. HES allows you to configure TLS encryption policies between HES and specified TLS peers. HES supports the following TLS protocols in descending order of priority: TLS 1.2, TLS 1.1 and TLS 1.0.

To configure TLS, go to HES console > Inbound Protection or Outbound Protection > Transport Layer Security (TLS) Peers. For the detailed procedure, refer to this document: Adding TLS Peers.

The Transport Layer Security (TLS) screen uses the following important terms:

TERM: DETAILS

TLS peer
  HES can apply your specified TLS configuration with this domain during network communications.

Security level
  • Opportunistic:
    • Communicates using encryption if the peer supports and elects to use TLS.
    • Communicates without encryption if the peer does not support TLS.
    • Communicates without encryption if the peer supports TLS but elects not to use TLS.
  • Mandatory:
    • Communicates using encryption if the peer supports and elects to use TLS.
    • Does not communicate if the peer does not support TLS.
    • Does not communicate if the peer supports TLS but elects not to use TLS.
 

To ensure messages can be received from the HES MTA, configure your firewall to accept email messages from the following HES IP address / CIDR blocks:

Europe, the Middle East, Africa:

• 52.48.127.192/26
• 52.58.62.192/26
• 52.58.63.0/25

All other regions:

• 54.86.63.64/26
• 54.219.188.0/26
• 54.219.191.0/25

 
Status
  • Enabled: HES applies your specified TLS configuration to the peer
  • Disabled: HES does not apply your specified TLS configuration to the peer

Otherwise, the default TLS configuration applies.

Default (TLS Peer)

This configuration applies to all domains that meet any of the following criteria:

  • Domain is not on the peer list
  • Domain is on the peer list, but is not enabled
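
An added example, not part of the original page or of the vendor's tooling: a Python check that compares a firewall allowlist with the HES IP address / CIDR blocks listed above and reports HES blocks that are not fully covered as well as entries wider than any HES block. The function name `audit_allowlist`, the region keys and the sample allowlists are constructed for illustration.

```python
import ipaddress

# HES MTA source ranges exactly as listed on this page.
HES_BLOCKS = {
    "EMEA": ["52.48.127.192/26", "52.58.62.192/26", "52.58.63.0/25"],
    "OTHER": ["54.86.63.64/26", "54.219.188.0/26", "54.219.191.0/25"],
}


def audit_allowlist(region, allowlist):
    """Compare firewall allowlist entries (CIDR strings) with the HES blocks.

    Returns (missing, too_broad):
      missing   - HES blocks not fully covered, so some HES mail would be dropped
      too_broad - entries that also admit addresses outside every HES block
    """
    hes = [ipaddress.ip_network(b) for b in HES_BLOCKS[region]]
    # strict=False tolerates entries written with host bits set (x.x.x.5/26).
    entries = [ipaddress.ip_network(a, strict=False) for a in allowlist]
    entries = [e for e in entries if e.version == 4]  # the page lists IPv4 only
    # Merge adjacent entries so two /26 halves count as covering one /25.
    merged = list(ipaddress.collapse_addresses(entries))
    missing = [str(h) for h in hes if not any(h.subnet_of(m) for m in merged)]
    too_broad = [str(e) for e in entries
                 if not any(e.subnet_of(h) for h in hes)]
    return missing, too_broad


if __name__ == "__main__":
    # Constructed sample allowlists, not taken from any real firewall.
    samples = {
        "prefix typo": ("EMEA", ["52.48.127.192/26", "52.58.62.192/26",
                                 "52.58.63.0/26"]),
        "over-broad": ("EMEA", ["52.48.127.192/26", "52.58.62.0/23"]),
        "split halves": ("OTHER", ["54.86.63.64/26", "54.219.188.0/26",
                                   "54.219.191.0/26", "54.219.191.64/26"]),
    }
    for name, (region, rules) in samples.items():
        missing, too_broad = audit_allowlist(region, rules)
        print(f"{name}: missing={missing} too_broad={too_broad}")
```

A non-empty `missing` list means mail from part of an HES range would be rejected at the firewall; a non-empty `too_broad` list means the rule admits SMTP traffic from addresses that are not in the ranges listed on this page.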