What are the requirements for SMTP Prevent in order to establish TLS encrypted communication with the MTA?
SMTP Prevent acts as an RFC-2821 compliant SMTP proxy which in general extends RFC 821. This means the generated email has to be compliant to RFC 2821 and subsequently RFC 821.
See as reference the documentation Symantec_DLP_10.0_Email_Prevent_MTA_Integration_Guide.pdf on chapter 3 (page 17) and TECH219955.
It is fully compliant to RFC 2246 ( TLSv1 ) if TLS communication is to be established with the MTA.
Please note: It may fail to establish a connection with MTAs that may not allow SSLv2 handshakes since SSLv2 is required to negotiate TLSv1. Once the handshake has been performed the communication will occur via TLSv1.
For example: Within Sendmail environments ( Sentrion ) , the following settings have to be disabled in the Sendmail.cf file.