Transport Layer Security (TLS) Peers

Transport Layer Security (TLS) is a protocol that helps to secure data and ensure communication privacy between endpoints. Trend Micro Email Security allows you to configure TLS encryption policies between Trend Micro Email Security and specified TLS peers. Trend Micro Email Security supports the following TLS protocols in descending order of priority: TLS 1.2, TLS 1.1 and TLS 1.0.

The Transport Layer Security (TLS) screen uses the following important terms:

Term

Details

TLS peer

Trend Micro Email Security can apply your specified TLS configuration with this domain during network communications.

Security level

  • Opportunistic:

    • Communicates using encryption if the peer supports and elects to use TLS

    • Communicates without encryption if the peer does not support TLS

    • Communicates without encryption if the peer supports TLS but elects not to use TLS

  • Mandatory:

    • Communicates using encryption if the peer supports and elects to use TLS

    • Does not communicate if the peer does not support TLS

    • Does not communicate if the peer supports TLS but elects not to use TLS

      Important:

      To ensure messages can be received from the Trend Micro Email Security MTA, configure your firewall to accept email messages from the following Trend Micro Email Security IP address / CIDR blocks:

      • North America, Latin America and Asia Pacific:

        18.208.22.64/26

        18.208.22.128/25

        18.188.9.192/26

        18.188.239.128/26

      • Europe, the Middle East and Africa:

        18.185.115.0/25

        18.185.115.128/26

        34.253.238.128/26

        34.253.238.192/26

      • Australia and New Zealand:

        13.238.202.0/25

        13.238.202.128/26

Status

  • Enabled: Trend Micro Email Security applies your specified TLS configuration to the peer

  • Disabled: Trend Micro Email Security does not apply your specified TLS configuration to the peer

    Instead, the "Default" TLS configuration applies.

Default (TLS Peer)

This configuration applies to all domains that meet any of the following criteria:

  • Domain is not in the peer list

  • Domain is in the peer list, but is not enabled