1. Go to Inbound Protection > Transport Layer Security (TLS) Peers.
  2. Select a Managed Domain.
  3. Select the Direction of Incoming or Outgoing.
  4. Specify the TLS Peer to add.
  5. Set the Security level to one of the following:

    • Opportunistic:

      • Communicates using encryption if the peer supports and elects to use TLS

      • Communicates without encryption if the peer does not support TLS

      • Communicates without encryption if the peer supports TLS but elects not to use TLS

    • Mandatory:

      • Communicates using encryption if the peer supports and elects to use TLS

      • Does not communicate if the peer does not support TLS

      • Does not communicate if the peer supports TLS but elects not to use TLS

        Important:

        To ensure messages can be received from the Hosted Email Security MTA, configure your firewall to accept email messages from the following Hosted Email Security IP address / CIDR blocks:

        Europe, the Middle East, Africa

        • 52.48.127.192/26

        • 52.58.62.192/26

        • 52.58.63.0/25

        All other regions

        • 54.219.191.0/25

        • 54.219.188.0/26

        • 54.86.63.64/26

  6. Select Enabled to have Hosted Email Security apply your specified TLS security level to the new peer.
  7. Click Add.
Parent topic: About Transport Layer Security (TLS) Peers