Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 3060 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

End user manage encryption per email?

ErikFranzén

Is it possible for an end user to manage email encryption S/MIME or PGP?

Like adding a keyword in the email title like:

  • {encrypt} - force encryption. Email will not be delivered by UTM if email cannot be encrypted (lack of public key)
  • {clear} -do not encrypt, even if Sophos UTM has a public key to the recipient.


This thread was automatically locked due to age.
Parents
  • 0

    What you want to do is fully supported in UTM:

    • If UTM has OpenPGP or SMIME keys for encrypting to the recipient, outgoing messages are encrypted automatically.

    • For everyone else, you have two choices, which will trigger SPX encryption:

      • Deploy the Outlook plug-in, which allows the user to trigger SPX encryption by clicking a button during message creation.

      • Create a custom Data Protection rule to trigger SPX encryption when a specific expression is detected, then teach your users to use this expression.   This technique has the advantage of working with webmail and phone-based mail clients.   NOTE:  The Data Protection rules are applied to the raw content of a message, so you need to use a phrase or a delimited keyword to avoid false positives.   Your example should work well, as it is unlikely to appear in a message for other reasons.

    There is no version of your CLEAR keyword, as it is generally not necessary.   Some client-based OpenPGP implementations provide an Outlook plug-in which allows the user to disable encryption for a particular message.  In UTM, the only way to disable OpenPGP or SMIME encryption is to delete the recipient's public key.

Reply
  • 0

    What you want to do is fully supported in UTM:

    • If UTM has OpenPGP or SMIME keys for encrypting to the recipient, outgoing messages are encrypted automatically.

    • For everyone else, you have two choices, which will trigger SPX encryption:

      • Deploy the Outlook plug-in, which allows the user to trigger SPX encryption by clicking a button during message creation.

      • Create a custom Data Protection rule to trigger SPX encryption when a specific expression is detected, then teach your users to use this expression.   This technique has the advantage of working with webmail and phone-based mail clients.   NOTE:  The Data Protection rules are applied to the raw content of a message, so you need to use a phrase or a delimited keyword to avoid false positives.   Your example should work well, as it is unlikely to appear in a message for other reasons.

    There is no version of your CLEAR keyword, as it is generally not necessary.   Some client-based OpenPGP implementations provide an Outlook plug-in which allows the user to disable encryption for a particular message.  In UTM, the only way to disable OpenPGP or SMIME encryption is to delete the recipient's public key.

Children
No Data
Unfiltered HTML