Start in the TrendMicro Email Security Dashboard.

I. Enter domains

In section Domains under Outbound Servers, enter the IP addresses for seppmail.cloud.

 

II. Create rules for outbound mail traffic

Under Outbound Protection, open the Content Policy.

 

Three rules are necessary. Every outgoing mail is treated as follows:

1. Has the mail already been encrypted/signed by SEPPmail? If yes, then direct delivery and no further processing.
2. Set an X header for outgoing (X header X-SM-maildirection outgoing).
3. First delivery of the outgoing mail for signing/encryption.

(additionally set an X-Header "X-SMTM-Originator" with domain name and delivery to domain.mail.seppmail.cloud)

The rules must be processed in this order.

Screenshot of settings for rule 1: SEPPmail already encrypted/signed

Screenshot of settings for rule 2: set X-Header outgoing  

Screenshot of settings for rule 3: SEPPmail delivery without SigEnc

Activating the rules can take up to 15 minutes.

III. Create rules for inbound mail traffic

Under Inbound Protection, open the Content Policy.

 

A total of 4 rules must be created. Each incoming mail is treated as follows:

1. Has the mail already been decrypted by SEPPmail? If yes, delivery to the mail server.
2. Set the X header "X-SM-maildirection" to the value incoming.
3. Set the X header "X-SMTM-originator" to the respective domain name.
4. Encrypted mail to SEPPmail and set an X header (here in the example "X-JM") to recognise whether mail has already been decrypted.

The rules must be processed in this order. There is space between the first and last rule for all other checks.

Screenshot of settings for rule 1: already decrypted by SEPPmail

 

Screenshot of settings for rule 2:  SEPPmail X-Header X-SM-maildirection

 

Screenshot of settings for rule 3:  SEPPmail X-Header X-SMTM-Originator

 

Screenshot of settings for rule 4: SEPPmail encrypted mail to SEPPmail