[Djigzo users] Encryption and Gmail

Martijn Brinkers martijn at djigzo.com
Wed Jun 24 15:39:30 CEST 2009


Dimitri Yioulos wrote:
> 
> The Encrypt Mode default for each new user 
> is "Allow".  So, I should change that to "No 
> Encryption" each time I set up a new user?

The settings are hierarchical. You have the system settings, global 
settings, wild-card domain settings (*.example.com) domain settings and 
user settings. Lower levels inherit from higher levels if a setting is 
not explicitly set. You can override the inherited value by unchecking 
the "inherit" checkbox for the specific setting.

In your case you should set "Encrypt mode" to allow for the global 
settings (which is the default) and explicitly set it to "No encryption" 
ONLY for the CA sender (the email address of the CA). Doing so assures 
you that the email with the pfx is not S/MIME encrypted.


> 
> On another front, I sent an encrypted message from 
> me at gamil.com to me at work.com.  I get the message, 
> but Kmail said it was encrypted.  When I clicked 
> on "decrypt Message", I got the following:
> 
> Encrypted message (decryption not possible)
> Reason: No secret key
> 
> Isn't Djigzo supposed to automatically decrypt 
> messages for internal users?

Are you sure that the domain work.com (or the user me at work.com) is an 
internal user. Only for users that are internal users is email 
decrypted. Email to internal users is decrypted and email to external 
users is encrypted.

Martijn

-- 
Djigzo open source email encryption



More information about the Users mailing list