💼 [SES.3] SES configuration sets should have TLS enabled for sending emails

ID: /frameworks/aws-fsbp-v1.0.0/ses/03

Description

By default, Amazon SES uses opportunistic TLS, which means emails can be sent unencrypted if a TLS connection cannot be established with the receiving mail server. Enforcing TLS for email sending ensures that messages are only delivered when a secure encrypted connection can be established. This helps protect the confidentiality and integrity of email content during transmission between Amazon SES and the recipient's mail server. If a secure TLS connection cannot be established, the message will not be delivered, preventing potential exposure of sensitive information.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/ses-controls.html#ses-3

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Sub Sections​

Description

Similar

Sub Sections