Configuring TLS Settings for Incoming Messages

Deep Discovery Email Inspector applies TLS to messages that enter and exit the server where Deep Discovery Email Inspector is installed. Message traffic exits Deep Discovery Email Inspector to downstream MTA that deliver the email messages to recipients.

  1. Go to Administration > Mail Settings > Connections.
  2. Go to the bottom of the page to the section titled Transport Layer Security.
  3. Select Enable Incoming TLS.

    This option allows the Deep Discovery Email Inspector SMTP Server to provide Transport Layer Security (TLS) support to SMTP email relays, but does not require that email relays use TLS encryption to establish the connection.

  4. Select Only accept SMTP connections through TLS for Deep Discovery Email Inspector to only accept secure incoming connections.

    This option enables the Deep Discovery Email Inspector SMTP server to accept messages only through a TLS connection.

  5. Click a Browse button next to one of the following:

    Option

    Description

    CA certificate

    The CA certificate verifies an SMTP email relay. However, Deep Discovery Email Inspector does not verify the email relay and only uses the CA certificate for enabling the TLS connection.

    Private key

    The SMTP email relay creates the session key by encrypting a random number using the Deep Discovery Email Inspector SMTP server's public key.

    The Deep Discovery Email Inspector SMTP server then uses the private key to decrypt the random number in order to establish the secure connection.

    This key must be uploaded to enable a TLS connection.

    SMTP server certification

    SMTP email relays can generate session keys with the Deep Discovery Email Inspector SMTP server public key.

    Upload the key to enable a TLS connection.

  6. Click Save.