How to test for TLS failure and fall back to OME?

Calum Steen
Occasional Contributor

I've been set the challenge of configuring transport rules such that emails with a sensitive information type are always sent securely, either with TLS or with a fall-back Office Message Encryption. This should be automatically handled without an NDR message going to the sender or the sender having to choose OME when sending.


I'm stumped on how to detect that TLS wasn't negotiated and take alternative action.


The logic I need is like -


IF (Email contains sensitive information type="Personal") THEN
   // must be sent secured
   TRY send on Connector with Mandatory TLS
   CATCH // TLS failed
       encrypt message with Office Message Encryption
       send on connector with Speculative TLS
ELSE
   // general content can go speculative
   send on connector with Speculative TLS
END IF




1 Reply

There's no way to achieve this via transport rules; you will need a full-blown transport agent for something like this, which is not possible in ExO.
