Google Message Security for Google Apps Administration Guide User Manual

Transport Layer Security

319

Outbound Mail (Remote)

When Policy Enforced TLS blocks an outbound message because the email
protection service could not establish a TLS session with the recipient, your
administrator will see the following alert:

This message is an automated alert from your email security

service.

Your email security service was unable to send messages to the

following domain, because the domain's mail server would not accept

a TLS connection.

Your Outbound TLS by Domain encryption policy requires this domain

to receive your messages using TLS. Your email security service

defers the messages if the service cannot establish a TLS

connection with the domain's mail server.

Recommended action: Contact the email administrator for the domain

.

If the problem cannot be resolved, you can use the email security

service's Administration Console to delete the encryption policy.

This will allow email from this domain to be delivered, but without

encryption.

If you see this message, the email protection server tried to establish a TLS
session with the recipient, but the recipient could not accept a TLS session.
Contact the sender to troubleshoot TLS problems, or disable Police Enforced TLS
if you do not wish to continue requiring TLS connections with the recipient.

Outbound Mail (Local)

When Policy Enforced TLS blocks an outbound message because the email
protection service could not establish a TLS session with the recipient, your
administrator will see the following alert: