Dec 19 2018 12:29 AM
Hi Guys,
I see a report in my Office 365 suite that this week we received 4 messages without any TLS encryption. Now I would like to understand who sent them to us.
Are you aware of a possibility to do this in Office 365?
Thanks!
Adrian
Dec 19 2018 10:43 AM
SolutionI don't think there is a way to get this information from the dashboard/widget. The only way I can think of is querying the message trace details, for each individual message, and checking the TLS value there.
Dec 20 2018 12:20 AM - edited Dec 20 2018 12:42 AM
Hello
If you go to Security & Compliance center -> click reports section, there is a dashboard mentioning TLS 1.0 1.1 1.2 mail flows. Both for incoming and outgoing emails. These are interactive, so you can drill-down on the sections by clicking on them.
If you want to see list of individual mails, you can trace them from the section "Mail Flow" and the information should be included in an extended trace report. It's not available in the default summary report.
If you have four mails only without TLS, it's usually something like scan to mailbox solution on a multifunctional printer.
Cheers
Dec 29 2018 02:30 AM
Hi
When you perform a message trace with extended details you have a property called "Custom_Data". That column reflects the type of connection that was used and which version of the protocol was used. You have to wait for the report to build for a few minutes, but in there you'll have the information. :)
Check the screenshot for an example of the output.
Hope this helps you out ... and if so mark the reply.
Cheers
David
Dec 29 2018 08:34 AM
You don't need the extended reports, the detailed message trace also gives you the version and cipher used.
Dec 19 2018 10:43 AM
SolutionI don't think there is a way to get this information from the dashboard/widget. The only way I can think of is querying the message trace details, for each individual message, and checking the TLS value there.