Am 25.03.2016 um 14:42 schrieb Martijn Brinkers:
This is a
common (mis)behavior of e-mail clients, they refuse to sent
encrypted e-mail if they are not able to store the e-mail encrypted in
the "sent" folder. This is only possible if the *sender* also has a
certificate and a private key, but this not mandated by S/MIME standard.
I guess the other party simply adapted this behavior without rethinking
if it is useful for a gateway at all.
Oh I now see I completely misunderstood the original question :) As
Andreas already explained, email clients want to store the message
encrypted in the sent items folder and therefore requires that the
sender has a key. With a gateway this is not required.
Thats what I wrote in my initial mail, MUA's only enforce this to be
able to store the mail in their sent folder and be able to make it
readable to the user.
Lets sum this up:
For sending an encrypted mail only the recipients public key is
required. In case of s/Mime, if the recipient has sent a signed mail, a
encrypted mail could be sent to him. This makes no statement about what
the recipient can do.
While typing one other thing comes to my mind. The other vendor can also
do mail archiving. When they want to archive the mail which is finally
sent, the encrypted mail, the certificate for the sender is required to
make it readable later.
I will discuss this with them and report back about the results.
MHC SoftWare GmbH
HR Coburg: B2242
Geschäftsführer: Matthias Henze