This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bypass Data Control Encryption for a specific domain

I'm trying to configure my ES1100 to bypass Data Control encryption only for one specific domain. My company has a partner using TLS encryption and we want to avoid having our users unnecessarily using the data control encryption process for PII between our organizations.

I got it done easily enough by configuring an outbound rule to check the header for the desired domain, say "@partner.com" and that works, but if there's a CC in the message, such as "@stranger.com" they also get the message unencrypted.

How can I configure the device to send the message unencrypted to the trusted domain and an encrypted copy to the untrusted domain OR if an untrusted domain is present send it encrypted to everyone, ie allow it to bypass encryption only if @partner.com is the only destination.

That's a mouthful, I hope I explained myself clearly.

Thanks!

:50668


This thread was automatically locked due to age.
Parents
  • Thanks for the reply.

    create TLS rules for that domain under the encryption tab.

    That's what I did for the partner organization, which is why I'm trying to disable the DC encryption but only for them. I'll try the exclude recipient method.

    :50710
Reply
  • Thanks for the reply.

    create TLS rules for that domain under the encryption tab.

    That's what I did for the partner organization, which is why I'm trying to disable the DC encryption but only for them. I'll try the exclude recipient method.

    :50710
Children
No Data