So in order to turn-on TLS on Sendmail to receive in-coming mails, I need to find out whether or not MessageLabs supports TLS communication.
Yes, it does. Read here.
MessageLabs is using this bombastic term - Email Boundary Encryption Service (End-to-End TLS Email Encryption). Wow!
Oh ya, forget to mention, you need to pay extra for this service. Nothing is free in this world. :)
MessageLabs Mail infrastructure supports TLS out of the box, without the need for additional services. TLS mail delivery operates in opportunistic mode. The rule of thumb here is that if the MessageLabs Mail infrastructure receives the mail over TLS then it will opportunistically attempt to deliver the mail over TLS.
ReplyDeleteThe boundary encryption model allows the customers to establish a domain based TLS enforcement where mail between nominated domains when send via the MessageLabs infrastructure will only ever be accepted/relayed if a TLS connection is present. Boundary encryption operates with a reduced cipher-set and requires Host/Client certificate Validation. Certificates can not be self singed and need to be issued from one of the CA vendors recognized by MessageLabs.
Without the Boundary Encryption Service (Chargeable) there are no guarantees that mail will be fully secured end-to-end.