SM 16 and TLS 1.2 PCI compliante delivery issues
Problem reported by J Lee - April 21 at 10:41 AM
Submitted
Hi You All
 
We have a SM 16 server that is fully TLS 1.2, so no TLS 1.1 or 1.0 or SSL anything. I'm seeing in the logs that delivery to mail servers that do not have TSL 1.2 enabled is defaulting to no encryption, it is delivered but appears to be in clear text.
 
I'm writing because I don't see any solution for this. IISCrypto will turn TLS 1.0 and 1.1 over server wide. I do not know of any component to Windows or 3rd party that would allow specific, TLS protocols per server port.
 
Example allow Port 25 to deliver TLS 1.1 if 1.2 is not available.

J. Sebastian Lee Service2Client LLC 6333 E Mockingbird Ste 147 Dallas, TX 75214 - 877.251.3273

3 Replies

Reply to Thread
0
echoDreamz Replied
I dont believe this is possible. It is all or nothing as far as I know. Though if you have TLS 1.1 / 1.2 enabled, it should automatically connect with whatever version is best capable of the client or receiving server.

Christopher

0
Merle Wait Replied
J, just curious if this is still an issue, or you have this resolved?
0
J Lee Replied
Not every email server is going to have TLS 1.2 enabled, and if you turn off TLS 1.1 and 1.0, Smartermail can not connect on TLS 1.2 so then it sends the email unencrypted. This is kind of a problem for services like mine that will need to be turn off in June. So no solution

J. Sebastian Lee Service2Client LLC 6333 E Mockingbird Ste 147 Dallas, TX 75214 - 877.251.3273

Reply to Thread