Hi @eg1995 ,
how can i check TLS from server side and how can we make it use TLS 1.2 and disable the old one.
To validate whether TLS 1.2 is in use, agree with Andy that you can check the Message header or SMTP Logging. To analyze the message header, it's suggested to use the Message Header Analyzer at https://testconnectivity.microsoft.com. As regards to the protocol logging, you can enable the protocol logging on specific connectors and check if the following string exists:
When the server is the SMTP receiving system:
- TLS protocol SP_PROT_TLS1_2_SERVER
When the server is the SMTP sending system:
- TLS protocol SP_PROT-TLS1_2_CLIENT
Regarding disabling the old one, please make sure you have completed the steps outlined in the two blogs shared above by Andy( Part 1: Getting Ready for TLS 1.2 and Part 2: Enabling TLS 1.2 and Identifying Clients Not Using It), then you can proceed to turn off TLS 1.0/1.1 by referring to Exchange Server TLS guidance Part 3: Turning Off TLS 1.0/1.1.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.