Technical Tip: Forward IBE messages to other recipients with encryption
Description
This article specifies how to forward IBE messages to other recipients with encryption.
Note: This article assumes that IBE encryption is already configured and working for outbound emails from the protected domains.
Scope
FortiMail v6.4,7.0,7.2 and 7.4
Solution
- Go to System -> Encryption -> IBE Encryption and enable 'Allow Secure replying' and 'Allow secure forwarding'.
- Select Apply to save the changes.
- Create a Delivery Access control rule that will match and encrypt forwarded or replied IBE emails under Policy -> Access Control -> Delivery -> Create New, select enable, and specify the 'sender' and 'recipient' patterns.
Note:
If the sender pattern is set as wildcard [*], all outbound emails including all emails from the protected domain will be encrypted. The sender pattern can be: *@hotmail.com, *@gmail.com, etc., depending on the domain the encrypted email will be forwarded from.
- Leave 'Destination IP/netmask' as 0.0.0.0/0.
- Set 'TLS profile' to 'None' unless otherwise needed.
- Set 'Encryption Profile' as 'IBE Pull'
- Test by forwarding an email from the IBE Portal to a different email account. The new recipient should receive a message with a link to read the encrypted email.
Note:
The trigger 'word' should be specified in the subject line when forwarding the email.