Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 0 subscribers
  • Views 15202 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Encrypted Email to Multiple Recipients and Encrypting All Outbound Email

taekwanleap

I have 2 questions.

1.  What happens if a user sends an email to multiple email recipients they encrypt?  Will each email recipient be allowed to create their own account to open/view the encrypted email?  Or does encrypted email need to be sent on a one-to-one basis?

2.  Can you set the ES100 to encrypt all outbound email whether it needs it or not?

Answers and advice appreciated especially on question 2.  Not saying I would do this but was curious.


Thanks!

:36131


This thread was automatically locked due to age.
Parents
  • 0

    Hi there,

    So about #2, there are a couple of things to consider. I'm not speaking directly to the ES100, but to mail servers in general:

    A. You can encrypt the transport of SMTP with TLS. So communications between Company X and Company Z are not (usually) susceptible to a third party.

    B. Each sender decides on their own to encrypt any given message. Usually this requires the sender and recpient to agree on a means of encryption they both have access to. For example PGP / Entrust / MS Exchange certificates.

    The issue with A. is that not everyone runs their SMTP system this way. Mine personally will Try TLS, and fall back to plain SMTP if no one is talking TLS. Also, once a site receives a message, it's likely no longer protected since TLS is only about the transport.

    The issue with B is that for most clients, it's cumbersome and if you manage to get an enitre site to agree on one program, chances are very good that communications to external clients won't be viable because the have chosen an incompatible encrption program.

    Now, about the appliance, it sounds like Sophos has solved option B? It sounds like when someone receives an encrypted e-mail from this appliance, they are given a way to read it, even if they do not have the same appliance / mail system?

    Erric

    :36133
Reply
  • 0

    Hi there,

    So about #2, there are a couple of things to consider. I'm not speaking directly to the ES100, but to mail servers in general:

    A. You can encrypt the transport of SMTP with TLS. So communications between Company X and Company Z are not (usually) susceptible to a third party.

    B. Each sender decides on their own to encrypt any given message. Usually this requires the sender and recpient to agree on a means of encryption they both have access to. For example PGP / Entrust / MS Exchange certificates.

    The issue with A. is that not everyone runs their SMTP system this way. Mine personally will Try TLS, and fall back to plain SMTP if no one is talking TLS. Also, once a site receives a message, it's likely no longer protected since TLS is only about the transport.

    The issue with B is that for most clients, it's cumbersome and if you manage to get an enitre site to agree on one program, chances are very good that communications to external clients won't be viable because the have chosen an incompatible encrption program.

    Now, about the appliance, it sounds like Sophos has solved option B? It sounds like when someone receives an encrypted e-mail from this appliance, they are given a way to read it, even if they do not have the same appliance / mail system?

    Erric

    :36133
Children
No Data
Unfiltered HTML