Jump to content


Photo

Encryption for internal e-mail messages


This topic has been archived. This means that you cannot reply to this topic.
4 replies to this topic

#1 Eric Giles

Eric Giles
  • Members
  • 2 posts

Posted 05 August 2013 - 10:46 AM

Just recently installed the V300 spam and virus firewall and it is working well. One of the main reasons for purchase was for the encryption feature, which works great for messages being sent outside of our domain. However, we have discovered that it cannot encrypt messages that are sent internally in our organization. Support's answer is to use a third party solution, but this is what we were trying to get away from.

Any hope of adding this feature in a future release?

#2 John Dritsas

John Dritsas
  • Members
  • 10 posts

Posted 08 September 2013 - 09:24 AM

Yes, we are also interested to know encryption for internal emails as well.

#3 Dan Biehler

Dan Biehler
  • Members
  • 2 posts

Posted 18 October 2013 - 01:44 PM

Yes, we would be interested too.

#4 Alan Stukenholtz

Alan Stukenholtz
  • Members
  • 3 posts

Posted 06 December 2019 - 03:28 PM

Yes I agree, another nice feature with encryption is that it is unavailable for view by admins in the message log. If it would also encrypt local messages there would be no way for an admin to read the message.



#5 opjose

opjose
  • Members
  • 261 posts

Posted 17 January 2020 - 07:00 PM

I'm not sure as to why this would be seen as a "Feature" for a gateway product, when internal email security is an internal server issue.

 

To begin with, you must differentiate between end to end encryption, the securing of information until it gets to the endpoint, versus preventing other people from seeing an internal message contents.

 

The former is already done by most e-mail servers including Exchange. The other requires something that security protects individual messages specified by the user. These are two different things and functions.

 

The "Encryption" feature of the Antispam server effectively prevents message delivery until the user logs into the antispam server with credentials to pick up the secured message. It does this by looking for something in the message traversing the antispam system that kicks it's retention and alert delivery mechanism into play.

Since internal messages don't normally leave the server, the antispam system cannot do anything about internal messages that users wish to prevent prying eyes from seeing...

 

That is of course unless you can get those messages to leave the server...

In Exchange ECP you can set up a "Connector" that looks for a cue in the body or subject line of an internal message and routes it outside the server or organization even if the destination is internal.

 

You could add another cue in the subject line (e.g. [ENCRYPT] [INTERNAL]" and have Exchange look for the cue in combination to send the message to the Barracuda Spam filter for handling.  The Antispam system can look for the first [ENCRYPT] as it's cue to spring into action.

 

 

Then your internal recipient will see the alert for the message much like any other Barracuda Secure message.