If your protected domain, example.com, contains email addresses in the format of user1@example.com, user2@example.com, and so on, and you want to allow those email addresses to send email to any external domain as long as they authenticate their identities and use TLS, you might configure the following access control rule: