Adding Domain TLS Peers

  1. Go to Inbound Protection > Connection Filtering > Transport Layer Security (TLS) Peers or Outbound Protection > Transport Layer Security (TLS) Peers.
  2. Click Add.
  3. On the Add Domain TLS Peers screen, configure TLS peers for a managed domain.
    1. In the Basic Information section, select a managed domain.
    2. In the Domain TLS Peers section, click Add to add a TLS peer for the selected domain.
    3. For inbound protection, specify a sender domain, IP address, or CIDR block as TLS Peer. For outbound protection, specify a recipient domain as TLS Peer.
    4. Set the Security level.

      Note that the security levels Opportunistic DANE TLS and Mandatory DANE TLS are available only for outbound delivery.

      Important:

      To ensure messages can be received from the Trend Micro Email Security MTA, configure your firewall to accept email messages from the following Trend Micro Email Security IP address / CIDR blocks:

      • North America, Latin America and Asia Pacific:

        18.208.22.64/26

        18.208.22.128/25

        18.188.9.192/26

        18.188.239.128/26

      • Europe, the Middle East and Africa:

        18.185.115.0/25

        18.185.115.128/26

        34.253.238.128/26

        34.253.238.192/26

      • Australia and New Zealand:

        13.238.202.0/25

        13.238.202.128/26

      • Japan:

        18.176.203.128/26

        18.176.203.192/26

        18.177.156.0/26

        18.177.156.64/26

    5. Select Enabled to have Trend Micro Email Security apply your specified TLS security level to the new peer.
    6. (Optional) For inbound protection, type an email address local part for TLS test. For outbound protection, type a domain name for DANE test if you set Security level to Opportunistic DANE TLS or Mandatory DANE TLS in substep d.
  4. Click Save.
  5. Click Submit.