Description
Scope
FortiMail 4.0 MR3
Solution
1. Go to System > Encryption > IBE Encryption and enable "Allow Secure replying" and "Allow secure forwarding".
2. Select Apply to save the changes.
3. Create a Delivery Access control rule which will match and encrypt forwarded or replied IBE emails:
- Go to Policy >Access Control > Delivery > Create New
- Select enable
- Specify the 'sender' and 'recipient' patterns
Note: If the sender pattern is set as wildcard [*], all outbound emails including all emails from the protected domain will be encrypted.
Sender pattern can be: *@hotmail.com, *@gmail.com, etc., depending on the domain the encrypted email will be forwarded from.
- Leave 'Destination IP/netmask' as 0.0.0.0/0
- Set 'TLS profile' to 'None' unless otherwise needed
- Set 'Encryption Profile' as 'IBE Pull'
4. Test by forwarding an email from the IBE Portal to a different email account. The new recipient should receive a message with a link to read the encrypted email.
Note: The trigger 'word' should be specified in the subject line when forwarding the email.
This article specifies how to forward IBE messages to other recipients with encryption.
Note: This article assumes that IBE encryption is already configured and working for outbound emails from the protected domains.
Scope
FortiMail 4.0 MR3
Solution
1. Go to System > Encryption > IBE Encryption and enable "Allow Secure replying" and "Allow secure forwarding".
2. Select Apply to save the changes.
3. Create a Delivery Access control rule which will match and encrypt forwarded or replied IBE emails:
- Go to Policy >Access Control > Delivery > Create New
- Select enable
- Specify the 'sender' and 'recipient' patterns
Note: If the sender pattern is set as wildcard [*], all outbound emails including all emails from the protected domain will be encrypted.
Sender pattern can be: *@hotmail.com, *@gmail.com, etc., depending on the domain the encrypted email will be forwarded from.
- Leave 'Destination IP/netmask' as 0.0.0.0/0
- Set 'TLS profile' to 'None' unless otherwise needed
- Set 'Encryption Profile' as 'IBE Pull'
4. Test by forwarding an email from the IBE Portal to a different email account. The new recipient should receive a message with a link to read the encrypted email.
Note: The trigger 'word' should be specified in the subject line when forwarding the email.
