About Transport Layer Security

Transport Layer Security (TLS) provides a secure communication channel between hosts over the Internet, ensuring the privacy and integrity of the data during transmission.

Two hosts (the Deep Discovery Email Inspector appliance and the email relay) establish a TLS session as follows:

  1. The sending host requests a secure connection with the receiving host by sending a cipher list.

  2. The two hosts establish a connection.

  3. The receiving host selects one cipher and replies with its digital certificate signed by a Certificate Authority (CA).

  4. The sending host verifies the identity with the trusted CA certificate and generates the session keys by encrypting a message using a public key.

  5. The receiving host decrypts the message using the corresponding private key.

  6. The sending host's identity verifies when the receiving host can decrypt the message with the private key.

  7. The TLS session establishes and email messages passed between the hosts are encrypted.


By default, Deep Discovery Email Inspector does not apply TLS or email encryption, nor does it verify email relay host identities. Enable TLS for Deep Discovery Email Inspector to encrypt incoming email messages.