Any disadvantages with enforcing TLS on the Inbound of Email Systems ?

Senior Member

Context:

As we all know, SMTP TLS can be enforced on both Outbound + Inbound in Microsoft 365.

We have been always enforcing TLS on the Outbound and we would request our partner to do the same (just enforce on their Outbound) to enable secure communications of email.

However, recently, we came across a partner who is not willing to enforce TLS on their Outbound side.

 

Problem ?

So, we are left with the option of enforcing TLS for their domain on our Inbound direction as well.

I am wondering - if there are any disadvantages with this approach ?

One problem that strikes my mind immediately is that - In the event of TLS handshake failures, Queues would get piled up on the partner side although the configuration is deployed on my side. So, they should consider having some monitoring on queues ?

Is there any alert we could try on my side too ?

Any other disadvantages you guys could think of ? 

0 Replies