I can see that it is possible to enforce TLS on a per-policy basis and I believe this uses opportunistic TLS (SaaS servers & recipient server query each other whether TLS is possible).
However, I have a customer who is looking to replace an existing solution with McAfee SaaS Email where they have a number of partner organisations who not only require TLS, but have sent my customer an explicit certificate to use for the transaction. With their existing solution, the certificate is imported and then in the policy the following is configured.
When sending mail to government-department.gov.uk, force TLS and use "this" certficiate.
Is there an equivalent within SaaS? If so where is it configured?
There is no way to insert custom certificates. The system relies on McAfee's TLS Certificates to process the transaction.