Forum Discussion
Tim Hunter
Jan 23, 2019Steel Contributor
Mail without TLS
I am getting some messages in my Office 365 about Mail without TLS. Is there any concerns here? Do I need to make any changes?
John Twohig
Jan 31, 2019Iron Contributor
Tim
I have been wondering the same thing but none of the answers here make sense to me.
In our case, and it looks like yours as well, the connector exists to allow printers, scanners, software, and other devices to send email using an unauthenticated smtp connection to Office 365. What appears to me to be happening is that some of those devices are sending email without using TLS 1.2. I assume that is either because the devices are unable to (Too old or need updates) or they are able too but TLS 1.2 is not enabled on those devices.
I thought that the solution was to find those devices and update them and enable TLS 1.2 if possible. However, I haven't been able to find a way to identify where the emails are coming from. In your case if you could drill down on the 104 NO TLS messages to see where they come from you could quickly determine whether they could be updated to send TLS 1.2 and get rid of the warnings. If someone knows how to do that please tell.
Or maybe I have completely misunderstood what is going on ...
Tim Hunter
Jan 31, 2019Steel Contributor
John Twohig VasilMichev ChrisWebbTech
Hi John,
I believe the devices that send may be too old. Does anyone know how to "drill down" on the 104 NO TLS messages to see where they are coming from so I can determine if it is possible to turn on TLS 1.2.
Thanks!
- John TwohigJul 22, 2019Iron Contributor
I know this is old but there is a report that shows the devices. I ran it this morning and it showed how many emails each printer/MFD sent last week.
In the comments near the bottom there is one from Shawn Housler that shows how to get the report.
- Tim HunterJul 22, 2019Steel Contributor
So I found the 1 email address in my account that is still apparently using TLS 1.0. It is an email we use for automated billing. How can I find out what device it is sending through using TLS 1.0, so I can upgrade that device to TLS 1.2? Thanks!
- John TwohigJul 22, 2019Iron Contributor
Is it perhaps an application and not a device? I have a couple of applications that send automated emails. You may have to contact whoever wrote the software to see when they will upgrade it.
I heard from one software vendor who got back to me with a link to an update. I did the update so I will check the TLS reports next week and hopefully that application will be gone.