Hello,

Setup : Internet > Xeams > Exchange (Firewall mode)

I was just wondering, is the communication between senders mail server and Xeams encrypted with TLS or is the encryption only occurring between Xeams and the internal exchange server?

Whilst using starttls.com it seams Xeams is encrypting with proxied STARTLS commands but if Xeams in monitoring and checking contents of emails as they flow  (according to your site: http://xeams.com/3Modes.htm  ["In this mode Xeams acts like a firewall that sits in front of your corporate email server. Every in-bound email is checked by Xeams before it is forwarding the message to the actual email server."]

Does this not defeat the whole purpose of man-in-the-middle attack which is prevented by TLS?  I'm not too sure who is doing the TLS here? Xeams or Exchange?
If it is xeams, which logs shows this?  If Exchange is doing the TLS then how is the Xeams proxy working to check emails and their contents (for spam and filters) without decrypting the emails?

Can a little more insight be shed onto how the mechanism actually works?

Thanks guys, excellent product.