Jan 10 2020 01:48 PM
The Connector report is showing up to 10% of incoming internet email not using TLS.
How can I get more detail of the sending domain(s) which are not using TLS to encrypt email being send to Exchange Online?
Jan 12 2020 05:13 AM
SolutionThe built-in reports wont give you this information, you will have to harvest the message trace logs.
Jan 12 2020 06:54 AM
@VasilMichev Thanks, I'm no PowerShell guru but this located the sending domains not using TLS1.2
$dateStart = ([system.DateTime]::Now.AddDays(-1))
$dateEnd = ([system.DateTime]::Now)
Get-MessageTrace -StartDate $dateStart -EndDate $dateEnd -PageSize 512 | Where {$_.Status -eq "Delivered"} | Get-MessageTraceDetail | where {$_.Event -eq "Receive"} | where {$_.Detail -notmatch "TLS1.2"} | fl
Jan 12 2020 05:13 AM
SolutionThe built-in reports wont give you this information, you will have to harvest the message trace logs.