Connectors with enhanced email security
Applies to: Exchange Online, Exchange Online Protection
Configuring an email server with enhanced security can require a lot of work, especially if it involves setting up mail flow between Office 365 and a service provider or partner organization's email server. One of the tasks you'll need to accomplish in order to set this up is creating a connector that enforces transport layer security (TLS) or incorporates transport rules that you might have already set up elsewhere in Exchange Online. If your mail flow scenario includes these requirements, then you'll need to make sure the email server that receives your email can accommodate your security requirements.
What is TLS?
Transport layer security (TLS) is a set of industry-accepted standards, known as a protocol, that helps you deliver email in a way that helps prevent tampering or unauthorized access to a message while it is in transit to a destination. Office 365 supports mandatory or forced TLS and also opportunistic TLS along with other types of protections in order to help you protect email.
When you create a connector, you can choose the restrictions for TLS that you want to apply to each email that uses that connector. Keep in mind that some mail flow scenarios don't involve connectors, and furthermore, you can create a connector that applies to only specific emails. For these two reasons, you should not assume that TLS is applied to every email sent or received by your organization.
To learn more about how TLS works in Office 365, see How Exchange Online uses TLS to secure email connections in Office 365.