Help Center

Enabling Opportunistic TLS in Transparent mode

MailChannels Transparent Filtering when deployed in transparent mode does not scan TLS encrypted traffic. It is just passed through to the destination without scanning. 

However, this is not an ideal situation because spammers can encrypt the outbound mail traffic easily and this results in IP blocklisting. 

MailChannels now supports opportunistic TLS in transparent mode. This means that you can still scan all the traffic and encrypt all the connections to receivers who support TLS. All the traffic from MailChannels to the receivers are encrypted. 

Sender --(unencrypted) --> MailChannels (in transparent mode) --(encrypted)-->receivers

How do I enable this?

Step 1)
​Edit the line 
And add STARTTLS to it
Step 2) 
Change the line 
proxy_transparent spoof_client_ip;
proxy_transparent spoof_client_ip starttls=opportunistic;
Step 3)
Restart traffic-control





Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


  • Avatar
    Ernesto Dionisio Jr

    How do I enable this?
    where is that instruction from?
    is that from Exim Configuration Manage?
    in which section should I apply the code?

    Edited by Ernesto Dionisio Jr
    Comment actions Permalink

Article is closed for comments.