Forum Discussion
Adrian2020
Dec 19, 2018Copper Contributor
Identify Messages received without TLS
Hi Guys,
I see a report in my Office 365 suite that this week we received 4 messages without any TLS encryption. Now I would like to understand who sent them to us.
Are you aware of a possibility to do this in Office 365?
Thanks!
Adrian
I don't think there is a way to get this information from the dashboard/widget. The only way I can think of is querying the message trace details, for each individual message, and checking the TLS value there.
- daviddevosstarsIron Contributor
Hi
When you perform a message trace with extended details you have a property called "Custom_Data". That column reflects the type of connection that was used and which version of the protocol was used. You have to wait for the report to build for a few minutes, but in there you'll have the information. :-)
Check the screenshot for an example of the output.
Hope this helps you out ... and if so mark the reply.
Cheers
David
You don't need the extended reports, the detailed message trace also gives you the version and cipher used.
- daviddevosstarsIron Contributor
Hello
If you go to Security & Compliance center -> click reports section, there is a dashboard mentioning TLS 1.0 1.1 1.2 mail flows. Both for incoming and outgoing emails. These are interactive, so you can drill-down on the sections by clicking on them.
If you want to see list of individual mails, you can trace them from the section "Mail Flow" and the information should be included in an extended trace report. It's not available in the default summary report.
If you have four mails only without TLS, it's usually something like scan to mailbox solution on a multifunctional printer.
Cheers
I don't think there is a way to get this information from the dashboard/widget. The only way I can think of is querying the message trace details, for each individual message, and checking the TLS value there.