On 04/06/2015 11:34 AM, Arie Koppelaar wrote:
Thanks for your quick reply. I was not sure about the
possibilities of CipherMail, but Martijn made an important point as
well. Why not always encrypt if its possible? I recon it's also a
mindset, and the knowledge that receivers do not use such a great
solution where mail is decrypted automatically, without any user
The good thing of always encrypting is that you cannot forget to
encrypt. Another reason to always encrypt is that if you only encrypt
certain sensitive email, any outside attacker knows which mails to
target since if the email is encrypted, it means that the email is
sensitive. By encrypting all email, you are no longer leaking this
Then again, like you said, not all recipients might like to receive
every email encrypted if they do not use some kind of automated process.
Sebastian, thanks for your suggestions, they could
work very well, but
would be a little too complicated for our support group.
Another option would be to use your existing email filter/server to add
a header when a rule matches and then force encryption if this header is
found. Whether or not this works depends on whether you are using a mail
server or mail filter with such capabilities. I think Exchange 2013 for
example supports transports rules which allow you to add headers when
some condition matches
Ironport probably also allows you to add headers when some condition
Sebastian Nielsen schreef op 06-04-2015 11:09:
You could also configure this in Postfix, by
using a policy server or
plain rules. Configure Postfix to add a header like "X-DoEncrypt:
true" when your specified advanced rule is met, and then you configure
Ciphermail to always encrypt by header trigger.
One example is to do "X-DoEncrypt: false" when a sender match your
specified "encrypt from" list, and then use a EDIT filter to edit
"X-DoEncrypt: false" to "X-DoEncrypt: true" when a recipient match
your "encrypt to" list.
This can be accomplished by simple sender and receipient filters
If the sender does not match the encryption list, X-DoEncrypt: is
never added, and thus the recipient filter wont encrypt the mail even
if the recipient match the encryption list.
-----Ursprungligt meddelande----- From: Arie Koppelaar
Sent: Monday, April 06, 2015 10:38 AM
Subject: [Djigzo users] PGP email from selected users
We primarily use CipherMail for PGP. When a PGP public key (of an
external email address) is imported, all email is automatically
encrypted to this email address. We want only specific internal email
addresses to send encrypted email to this external address.
Is it possible to achieve this without the usage of subject triggers,
because this manual action could be forgotten, and could lead into
Is there a way to configure this with CipherMail?
Users mailing list
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.