Message Trace shows TLSversion as 'none' but mailheader shows TLS 1.2

Copper Contributor

I have a daily PS script checking inbound and outbound mails through our tenant to verify if they are sent with TLS.

since 2 weeks ago we started getting false positives through the Get-MessageTraceDetail
it tlsversion=NONE on the mail, but if I look in the mailheader through Outlook, the mail has indeed been sent with with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)

anyone else seeing this or know what has changed lately?
Best regards

For the curious people I use the commands:

    $allMails = Get-MessageTrace -StartDate $DateStart -EndDate $DateEnd

    $allBadMailsDetailed = $allMails | Get-MessageTraceDetail | Select-Object MessageID, MessageTraceId, Data | where {$_.Data -like "*tlsversion=NONE*"}
0 Replies