Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

Based on the destination controls specified for a domain, your Cisco IronPort 
appliance can securely relay a message over a TLS connection instead of 
encrypting it, if a TLS connection is available. The appliance decides whether to 
encrypt the message or send it over a TLS connection based on the TLS setting in 
the destination controls (Required, Preferred, or None) and the action defined in 
the encryption content filter.

When creating the content filter, you can specify whether to always encrypt a 
message or to attempt to send it over a TLS connection first, and if a TLS 
connection is unavailable, to encrypt the message. 

 shows you how an 

Email Security appliance will send a message based on the TLS settings for a 
domain’s destination controls, if the encryption control filter attempts to send the 
message over a TLS connection first.

For more information on enabling TLS on destination controls, see the 
“Customizing Listeners” chapter in the Cisco IronPort AsyncOS for Email 
Advanced Configuration Guide.

To create a content filter to encrypt a message and deliver it immediately, skipping 
any further processing:

Go to Mail Policies > Outgoing Content Filters.

In the Filters section, click Add Filter.

Encrypt envelope and 
send

Encrypt envelope and 
send

Send over TLS

Encrypt envelope and 
send

Send over TLS

Retry/bounce message