TLS enforced and TLS opportunistic


  • Hi I need help on setting up TLS communication for our partners we do business with. We have Ironport in our environment and we like to use TLS enforced for some domains and TLS opportunistic for some other domains.  Is this a change we do on our Exchange server (possibly receive connectors), or this can be done on Ironport, and Exchange can be left alone?

    And the reverse applies too, where our partners only accept TLS require emails. In that situation would have to make this change on Exchange only (possibly send connectors), or just Ironport, or both?

    Thanks everyone in advance!


    Thursday, February 4, 2016 11:20 PM

All replies

  • Hi,

    Yes, you can do it on IronPort. Here's a link about how to setup TLS on it, for your reference:

    Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact

    Allen Wang
    TechNet Community Support

    Friday, February 5, 2016 6:45 AM
  • So it's enforced on the Ironport. This means I don't have to enforce TLS on Exchange along as it's enforce on the ironport, for either inbound or outbound. Does that sound correct?


    Friday, February 5, 2016 7:11 AM