About using the TLS protocol in the operation of Kaspersky Secure Mail Gateway

TLS (Transport Layer Security) protocol is a protocol for encrypting the connection between two servers, which ensures secure transmission of data between network hosts on the Internet.

TLS session is a sequence of the following events:

1. The server from which email messages are sent (Client) establishes a connection to the server to which email messages are sent (Server).
2. Servers start interacting via the SMTP protocol.
3. The Client uses the STARTTLS command to offer the Server to use TLS during SMTP interaction.
4. If the Server is able to use TLS, it responds with the Ready to start TLS command and sends the Server certificate to the Client.
5. The Client receives the certificate and, if the necessary parameter values are specified within it, verifies the authenticity of the Server certificate.
6. The Client and the Server enable the data encryption mode.
7. The servers exchange data.
8. The session ends.

You can configure TLS security mode for situations when Kaspersky Secure Mail Gateway receives messages from another server (acts in the Server role) and sends messages to another server (acts in the Client role), as well as configure TLS settings for individual domains and domain groups that use the same IP address.