1) Noted
2) Noted too.... for outbound sender final gateway would be from SMG...architecture would be something like below:
Incoming Email
Internet --> IronPort --> Inbound SMG --> Exchange --> User
*Basically if we configure TLS here... it would be only at IronPort right and i would be transparent to SMG?
Outbound Email
User --> Exchange --> Outbound SMG --> Internet
*For Outbound... may need to configure attempt TLS at the SMG ?
Thanks again!