I read that as requiring TLS for OUTBOUND delivery. I want it FROM the domain.
The Help isn't helpful:
Optional delivery encryption
Check to use TLS encryption for delivery on this domain. After you check this option, the three options below become available.
On the Scanner, STMP, Inbound, I can assign a certificate, but that only allows inbound TLS, not require it. (admin guide page 89).
On page 102, it talks about requiring TLS on ALL message delivered:This there is Attempt TLS encryption for all messages: Instructs the MTA to attempt TLS encryption for all messages delivered. Since this is on the Delivery Tab, I assume this mail leaving the MTA, not arriving.
Page 115-116, discusses non-local domain
You can also add non-local domains. You specify non-local domains primarily to
route outbound email over established connections to external servers for non-local
delivery. You can also define delivery options for non-local domains.
Define different delivery options for each domain.
... snip...
MX Lookup and TLS encryptions options are available for delivery of email
that is addressed to non-local domains.
So this doesn't address addressed FROM non-local domains.