Initial situation:
The marking of decrypted emails via Sensitivity header (in MS Outlook Confidential flag) has been disabled on the SEPPmail Secure E-Mail Gateway (see Set confidential flag after decryption). Nevertheless, this header is set for some incoming emails and has the value "company-confidential". When using IBM Notes, for example, this means that the email can neither be forwarded nor printed.
Question:
Why is the Header Sensitivity set despite a different setting?
Answer:
If the header has already been set to the confidentiality level/sensitivity "company-confidential" by the sender before encryption, it will also be retained after decryption by the SEPPmail Secure E-Mail Gateway.
This means that the header is NOT removed by the SEPPmail appliance after decryption.
If desired, headers – in this case sensitivity – can generally be removed via Custom commands. For this particular case, the option Custom commands for incoming e-mails AFTER decryption should therefore be activated and the following command should be entered in the input field below:
Line |
Code |
|---|---|
01 |
# Begin: Custom commands for incoming emails AFTER decryption |
02 |
log(1,'Begin: Custom commands for incoming emails AFTER decryption'); |
|
|
03 |
# Begin: Remove sensitivity header from incoming e-mails |
04 |
log(1, 'Begin: Remove sensitivity header from incoming e-mails'); |
05 |
if (compare('sensitivity', 'match', '.*')) { |
06 |
rmheader('sensitivity'); |
07 |
log(1,'sensitivity header found and removed'); |
08 |
} |
09 |
log(1, 'End: Remove sensitivity header from incoming e-mails'); |
10 |
# End: Remove sensitivity header from incoming e-mails |
|
|
11 |
log(1,'End: Custom commands for incoming emails AFTER decryption'); |
12 |
# End: Custom commands for incoming emails AFTER decryption |
This action is to be completed by clicking on Save and Create ruleset.
|
It is essential to remove the header after decryption (Custom commands for incoming e-mails AFTER decryption). This ensures that incoming emails encrypted by means of the Managed Domain Service are also handled accordingly. |
