When Salesforce delivers or receives email through its Mail Transfer Agent (MTA), the connection uses Transport Layer Security (TLS) to encrypt the transmission. Specifically, Salesforce uses TLS version 1.2 for mail delivery.
This article lists the TLS cipher suites supported by Salesforce's MTA when establishing a TLS-encrypted email connection. A TLS cipher suite is a combination of cryptographic algorithms used to secure a network connection — it defines the key exchange, authentication, encryption, and message authentication code (MAC) methods used during the TLS handshake.
Administrators and email security teams can reference this list when configuring inbound or outbound mail filtering rules, firewall policies, or third-party email gateways that connect to Salesforce's mail infrastructure.
The following TLS 1.2 cipher suites are supported by the Salesforce Mail Transfer Agent (MTA) for email delivery and receipt:
Cipher Suites Using ECDHE Key Exchange
Cipher Suites Using AES Without ECDHE
Cipher Suites Using DHE Key Exchange
Key Terms:
Use Email Logs to Monitor Emails Sent from Salesforce
Interpret TLS information in Email Log Files
TLS connections for Outbound Email and Email Services
Salesforce Services and Marketing Cloud Supported TLS Cipher Suites
Supported Cipher and TLS versions for Government Cloud Plus
Test Supported Client SSL/TLS ciphers
The 360 Blog - Salesforce to Replace RSA Key Exchanges with TLS 1.3
000383092

We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.