On 16-03-16 13:11, Matthias Henze wrote:
Am 16.03.2016 um 12:53 schrieb Martijn Brinkers:
I've found out, that "Locality" is the most important setting,
every thing works.
Yes this is one of the most important settings because it determines
whether a message will go through the encryption, signing pipeline or
through the decryption pipeline. The admin guide mentions that this is
an important preference but since the guide is long, it's easy to
In deed ... I was pretty irritated when I noticed, that all incoming
mail was encrypted with my cert. Now I've set global "Locality" to
"external" and domain "Locality" to "internal" and every
thing works as
Any other important things I should have a look at?
Two often overseen options:
If you want to sign outgoing email without encryption, look at the "only
sign when encrypt" option.
If you want to support PGP/Inline for incoming email, see the option
"Enable PGP/INLINE to internal"
I've one more question: Is it possible to strip
signatures from the incoming mails, so they do not appear to be signed?
I've seen this on other encryption gateways. This helps to avoid
confusion of internal Outlook users. They no logger get displayed a red
bar on signed messages when the certificate can not be verified.
See S/MIME advanced feature "Remove signature" (page 31):
Thanks, works! I promise to read the complete documentation this week :-)
CipherMail email encryption
Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.