Can Exchange Online Protection check for TLS before forcing encryption

Tom Gould · ‎Nov 07 2018

I know this is possible in Iron Port but not sure if EOP can handle this scenario, so asking for others opinions.

In Iron Port, you can setup rules to say "If this email contains DLP data, check for TLS delivery. If email is being sent with TLS -> do not force message encryption. If email is not being sent with TLS -> Force message encryption."

Can EOP execute similar functionality. Essentially what I am looking for is whether not EOP is smart enough to only use OME when TLS is not available.

Tom Gould · ‎Nov 07 2018

Afaik no. You can certainly put an action to force TLS (the "require TLS" action or by routing through a connector), but there is no such "fallback" option. In any case, TLS and OME are quite different, if you need the message to be viewable by specific recipients only you should always force OME.

Tom Gould · ‎Nov 07 2018

Afaik no. You can certainly put an action to force TLS (the "require TLS" action or by routing through a connector), but there is no such "fallback" option. In any case, TLS and OME are quite different, if you need the message to be viewable by specific recipients only you should always force OME.

View solution in original post

Can Exchange Online Protection check for TLS before forcing encryption

Can Exchange Online Protection check for TLS before forcing encryption

Re: Can Exchange Online Protection check for TLS before forcing encryption

Re: Can Exchange Online Protection check for TLS before forcing encryption

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Can Exchange Online Protection check for TLS before forcing encryption

Can Exchange Online Protection check for TLS before forcing encryption

Re: Can Exchange Online Protection check for TLS before forcing encryption

Re: Can Exchange Online Protection check for TLS before forcing encryption