TLS Overview

TLS provides an extra layer of security for email transmissions. With this protocol, email communications can be encrypted to prevent devices such as non-trusted routers from allowing a third party to monitor or alter the communications between a server and client. Forcepoint Email Security can receive messages transferred over TLS and can also send messages via this protocol to particular domains. The email security system uses a TLS encryption level of 128 bits. There is no limit to the encryption key size that can be used.

Two levels of TLS are used in mail routing and email encryption functions. Opportunistic TLS can be enabled and used to protect email transfer communications during the message routing process and when using a third-party application for email encryption. Mandatory TLS is used for both the TLS and Forcepoint Email Encryption options. You can also specify that connections to or from a specific IP or domain group use mandatory TLS via enforced TLS connection options (Settings > Inbound/Outbound > Enforced TLS Connections). The page Enforced TLS Connections is additionally used to configure the security level and encryption strength for the connection.