Enabling SMTP TLS End to End

Question

Hello - &nbsp;
I have a requirement to enable SMTP TLS communication all the way thru the backend SMTP gateways. My question is we are terminating the client side SMTP TLS on the F5 VIP, what irule can I use to extend the TLS communication to the backend nodes so it not in clear text? We still want the F5 VIP to host the public wildcard certificate but the backend nodes will be using self-signed certs. Do you have to enable the server side profile on the VIP? If so, how do you also write the irule to where if doesn't detect STARTTLS then do not encrypt to the backend?  &nbsp;

jg_249184 · Accepted Answer

Anyone out there with any ideas on how to write the irule to enable server side SSL on SMTP STARTTLS? &nbsp;

Forum Discussion

Enabling SMTP TLS End to End

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

SMTP Smugglers Blues

SMTP Start TLS

Fingerprinting TLS Clients with JA4 on F5 BIG-IP

Enable TLS 1.3 and Disable DH group

Advanced iRules: SMTP Start TLS