Google Message Encryption Administration Guide User Manual

Policy Enforced TLS

17

3.

Scroll to the Inbound TLS by Sender Domain section, at the bottom of the
page. If you do not see this section, you do not have Policy Enforced TLS
enabled. Contact your account representative for information.

4.

Enter the domain name you wish to set as TLS-only. Type the exact domain
name; wildcards and subdomains are not supported.

5.

Click Add. The change takes effect immediately.

6.

Recommended: Enable TLS Alerts so you will be notified if a problem occurs.
See “TLS Alerts” on page 22 for more information.

To remove one or more domains, check the domains you wish to delete and click
Delete Selected. The changes take effect immediately.

Set up Outbound TLS by Recipient Domain

Before you can use Outbound TLS by Recipient Domain, set your mail server to
route outbound mail through the email protection service, and enable TLS on your
mail server. See “About Policy Enforced TLS” on page 13 for more information
about requirements.

1.

In the Administration Console, click the Outbound Servers tab. Select your
email config organization, and click the TLS link.

2.

If TLS is set to “Accept only SMTP” or “Send only SMTP”, change your
settings to allow TLS. The recommended setting is “SMTP or TLS.” See
Transport Layer Security for Outbound Mail in the Email Security Service
Administration Guide for more information on TLS settings.

3.

Scroll to the Outbound TLS by Sender Domain section, at the bottom of the
page. If you do not see this section, you do not have Policy Enforced TLS
enabled. Contact your account representative for information.