You can configure domain-specific policies for email encryption. The "Incoming" and
"Outgoing" options described below refer to mail that is received and sent by the
Email Appliance, not mail that is received and sent by the network.
To configure a policy for a domain:
-
In the Domain name text box, enter the domain name to
which you wish to send and\or receive encrypted email.
Note Email encryption must be turned on, and a valid domain name
must be entered. If encryption if turned on, but nothing is configured in
the Advanced Encryption Policy section, the appliance
with attempt encryption for all incoming and outgoing domains.
-
Select Yes to apply the policy to any sub-domains, or
No to apply the policy to only one specific
domain.
-
Select the level of encryption:
- Attempt Encryption: The Email Appliance will attempt, but not require,
encryption for incoming or outgoing mail.
- Prevent Encryption: The Email Appliance will not encrypt incoming or
outgoing email, even if the receiving server is TLS-capable.
- Require Encryption: The Email Appliance will not receive or send email
unless the connecting server is TLS-capable. The Email Appliance will not require the connecting
server to have a valid certificate.
- Require Encryption and Validate Certificate: The
Email Appliance will not send or receive
email unless the connecting server is TLS-capable, and has a valid
certificate.
Note Prevent Encryption is not an option for
Incoming domains.
-
Click Add.
The policy is added to the list of outbound encryption policies.