This solution describes how EMSP-SP handles mails sent over TLS.
EMSP-SP MTA servers are configured in Opportunistic TLS mode. This means that the MTA servers will first check if the sending or receiving MTA can do the SMTP transaction in TLS mode. If it can, then DATA session will be done in TLS mode.
Below are the behaviors of different EMSP-SP MTA servers with regard to TLS:
- EMSP-SP inbound servers (receive inbound emails from the Internet)
These servers will receive mails in TLS mode if the sending MTA server sends a "STARTTLS" command.
- EMSP-SP outbound servers (deliver outbound emails to the Internet and to the customers)
These servers will send an EHLO command to the receiving MTA server. If the receiving MTA returns "STARTTLS" as one of its supported commands, the EMPS-SP Outbound Servers will then send the "STARTTLS" command to transfer email in TLS Mode.
- EMSP-SP relay servers (receive outbound emails from customers)
These servers will receive mails in TLS mode if the customer’s MTA server sends a STARTTLS command.