Transport layer security for outbound mail, Setting up outbound tls – Google Message Security for Google Apps Administration Guide User Manual

304

Message Security for Google Apps Administration Guide

4.

Click Save.

Transport Layer Security for Outbound Mail

This section provides a technical overview of how TLS works on your inbound
mail delivery, with details of data flow and the features of TLS.

For information on how to set up TLS with outbound mail, see “Setting Up
Outbound TLS” on page 304.

Outbound Service supports Transport Layer Security (TLS), which is a protocol
that encrypts and delivers mail securely. If you have the TLS option enabled, you
can configure TLS connections for both inbound and outbound mail traffic.

You can send TLS-encrypted messages to a receiving mail server that is TLS-
enabled. You must have TLS enabled on Google Apps Mail. If the receiving mail
server does not support TLS, the message is delivered via SMTP (no messages
are lost or bounced) assuming you have selected the “SMTP or TLS” option
described in this section.

For outbound mail traffic, the message security service acts as a proxy between
the Google Apps Mail and the receiving server. The first connection is from
Google Apps Mail to the message security service. You can choose whether this
connection uses TLS.

The second connection is from the message security service to the receiving mail
server. If you chose TLS encryption for the first connection, the message security
service can connect via TLS to the receiving mail server.

For further details on TLS, please see “Transport Layer Security for Inbound Mail”
on page 296.

Setting Up Outbound TLS

WARNING:

Enable TLS in the Administration Console before you enable TLS in

Google Apps.

To enable TLS delivery:

1.

In the Administration Console, click Outbound Servers > TLS.