Configuring TLS security for Kaspersky Secure Mail Gateway in Client role
To configure TLS security mode for situations when Kaspersky Secure Mail Gateway redirects messages from another server (acts in the Client role):
In the main window of the application web interface, open the management console tree and select the Domains section.
Click any link to open the TLS settings window.
In the Client TLS security level settings group, select one of the following modes of TLS encryption of the connection between Kaspersky Secure Mail Gateway and the server that receives email messages:
No TLS Encryption if you do not want to use TLS encryption of the connection to the server that receives email messages.
In this case, Kaspersky Secure Mail Gateway redirects all messages in unencrypted form.
Attempt TLS Encryption if you want Kaspersky Secure Mail Gateway to attempt establishing a TLS session with the receiving mail server and—if the receiving server does not support TLS—redirect messages in unencrypted form.
Require TLS Encryption and don't verify certificate if you want Kaspersky Secure Mail Gateway to redirect messages only if the receiving mail server supports TLS, but regardless of the authenticity of its TLS certificate.
Require TLS Encryption and verify certificate if you want Kaspersky Secure Mail Gateway to redirect messages only if the receiving mail server supports TLS, its TLS certificate has been verified, and the certificate name matches the domain name of the server.
Kaspersky Secure Mail Gateway does not redirect messages when these conditions are not satisfied.