Forum Discussion

Calum_L1's avatar
Calum_L1
Brass Contributor
Jan 10, 2020

How to report domains sending email with No TLS?

The Connector report is showing up to 10% of incoming internet email not using TLS.

 

How can I get more detail of the sending domain(s) which are not using TLS to encrypt email being send to Exchange Online?

  • The built-in reports wont give you this information, you will have to harvest the message trace logs.

  • The built-in reports wont give you this information, you will have to harvest the message trace logs.

    • Calum_L1's avatar
      Calum_L1
      Brass Contributor

      VasilMichev Thanks, I'm no PowerShell guru but this located the sending domains not using TLS1.2

       

      $dateStart = ([system.DateTime]::Now.AddDays(-1))

      $dateEnd = ([system.DateTime]::Now)

      Get-MessageTrace -StartDate $dateStart -EndDate $dateEnd -PageSize 512 | Where {$_.Status -eq "Delivered"} | Get-MessageTraceDetail | where {$_.Event -eq "Receive"} | where {$_.Detail -notmatch "TLS1.2"} | fl

Resources