Identify Messages received without TLS

Occasional Contributor

Hi Guys,

I see a report in my Office 365 suite that this week we received 4 messages without any TLS encryption. Now I would like to understand who sent them to us. 


Are you aware of a possibility to do this in Office 365?




4 Replies
best response confirmed by Deleted

I don't think there is a way to get this information from the dashboard/widget. The only way I can think of is querying the message trace details, for each individual message, and checking the TLS value there.



If you go to Security & Compliance center ->  click reports section, there is a dashboard mentioning  TLS 1.0 1.1 1.2  mail flows.    Both for incoming and outgoing emails.   These are interactive, so you can drill-down on the sections by clicking on them.


If you want to see list of individual mails, you can trace them from the section "Mail Flow" and the information should be included in an extended trace report.  It's not available in the default summary report.


If you have four mails only without TLS, it's usually something like scan to mailbox solution on a multifunctional printer.





When you perform a message trace with extended details you have a property called "Custom_Data".   That column reflects the type of connection that was used and which version of the protocol was used.   You have to  wait for the report to build for a few minutes, but in there you'll have the information.   :)


Check the screenshot for an example of the output.


Hope this helps you out ...   and if so mark the reply.  






You don't need the extended reports, the detailed message trace also gives you the version and cipher used.