I've been set the challenge of configuring transport rules such that emails with a sensitive information type are always sent securely, either with TLS or with a fall-back to Office Message Encryption. This should be handled automatically, without an NDR message going to the sender or the sender having to choose OME when sending.


I'm stumped on how to detect that TLS wasn't negotiated and take alternative action.


The logic I need is like this:


IF (Email contains sensitive information type="Personal") THEN
    // must be sent secured
    TRY send on Connector with Mandatory TLS
    CATCH // TLS failed
        encrypt message with Office Message Encryption
        send on connector with Speculative TLS
ELSE
    // general content can go speculative
    send on connector with Speculative TLS




There's no way to achieve this via transport rules; you will need a full-blown transport agent for something like this, which is not possible in ExO.