Deployment scenarios for outgoing email

The following examples demonstrate how encryption and signing can be deployed on email messages sent to partners.

ClosedSign email using Secure Email Gateway

User sends plain text message, Gateway delivers signed message.

For more information, see Define an automatic mail signing endpoint.

ClosedSend PGP or S/MIMEClosed Secure Multipurpose Internet Mail Extensions (S/MIME) is a specification for secure email messages that uses the X.509 format for digital certificates and uses various encryption algorithms such as 3DES.-encrypted email to a partner

User sends plain text message, Gateway encrypts message using corporate or recipient's key.

For more information, see the following topics:

ClosedSend encrypted email to a recipient with no PGP or S/MIME capability

User sends plain text message, Gateway encrypts message using password.

For more information, see Define a password encryption endpoint.

ClosedDeliver content-checked email in the original encrypted message

User sends encrypted message, Gateway decrypts, checks content, and then delivers original encrypted message.

  1. Configure the policy route to decrypt and check content.

    See Enable encryption or decryption on a policy route for more information.

  2. Configure the encryption/decryption default settings to deliver the original encrypted message instead of re-encrypting it when applying any relevant encryption endpoints.
    1. Point to the System tab.
    2. Under Encryption, click Encryption/Decryption Defaults.
    3. In the Original Encrypted Messages area, click Click here to change these settings.
    4. Select the check box.
    5. Click Save.
    6. Apply the configuration.

For more information, see Original Encrypted Messages default settings.

ClosedDeliver content-checked email in a re-encrypted message

User sends encrypted message, Gateway decrypts, checks content, and then delivers re-encrypted message.

  1. Configure the policy route to decrypt and check content.

    See Enable encryption or decryption on a policy route for more information.

  2. Configure the encryption/decryption default settings to re-encrypt the message when applying any relevant encryption endpoints.
    1. Point to the System tab.
    2. Under Encryption, click Encryption/Decryption Defaults.
    3. In the Original Encrypted Messages area, click Click here to change these settings.
    4. Clear the check box.
    5. Click Save.
    6. Apply the configuration.

ClosedDeliver unmodified encrypted message

User sends encrypted message, Gateway delivers original encrypted message.

Configure the policy route settings not to decrypt and apply content rules to PGP and S/MIME messages.
  1. Point to the Policy tab.
  2. Under Manage Policy Definition, click Mail Policy Routes.
  3. Select the policy route.
  4. On the Manage Policy Routes toolbar, click Edit.
  5. In the Decrypt PGP and S/MIME messages area, click Click here to change these settings.
  6. Clear the Decrypt and apply content rules to PGP and S/MIME messages check box.
  7. Click Save.

  8. Apply the configuration.