Configuring TLS security for outgoing email messages
To configure TLS security mode for situations when Kaspersky Secure Mail Gateway redirects messages from another server (acts in the Client role):
In the main window of the application web interface, open the management console tree and select the Domains section.
Click any link to open the TLS settings window.
In the Client TLS security level settings group, select one of the following modes of TLS encryption of the connection between Kaspersky Secure Mail Gateway and the server that receives email messages:
No TLS Encryption, if you do not want to use TLS encryption of the connection with the server that receives email messages.
In this case, Kaspersky Secure Mail Gateway redirects all messages in unencrypted form.
Attempt TLS Encryption, if you want Kaspersky Secure Mail Gateway to attempt to establish a TLS session with the receiving mail server and, if the receiving server does not support TLS, redirect messages in unencrypted form.
Require TLS Encryption and don't verify certificate, if you want Kaspersky Secure Mail Gateway to redirect messages only if the receiving mail server supports TLS, but regardless of the authenticity of its TLS certificate.
Require TLS Encryption and verify certificate, if you want Kaspersky Secure Mail Gateway to redirect messages only if the receiving mail server supports TLS, its TLS certificate has been verified, and the certificate name matches the domain name of the server.
Kaspersky Secure Mail Gateway does not redirect messages when these conditions are not satisfied.