This article describes how to configure the Identity Based Encryption (IBE) service for external users (Outbound email).

With the Identity Based Encryption (IBE) service, it is possible to send secured email through the FortiMail.

IBE is a type of public-key encryption.
IBE uses identities (such as email addresses) to calculate encryption keys that can be used for encrypting and decrypting electronic messages.
Compared with traditional public-key cryptography, IBE greatly simplifies the encryption process for both users and administrators.
Another advantage is that a message recipient does not need any certificate, key pre-enrollment, or specialized software to access the email.

In this example, IBE will be configured to encrypt all outgoing email messages that contains the keyword [Secure-IBE] in the email subject.

1) Enable IBE Service. Go to Encryption -> IBE -> IBE Encryption.

2) Configure a new encryption profile.Go to Profile -> Security -> Encryption.

3) Configure a new dictionary profile. Go to Profile -> Dictionary -> Dictionary.

4) Configure a new content profile and action profile. Go to Profile -> Content -> Content and select the dictionary profile.

5) Configure a new outbound recipient policy.Go to Policy -> Recipient Policy -> Outbound and select the content profile.

6) Send an email with email subject [Secure-IBE].

7) The recipient will receive a notification email from FortiMail.

8) Select the link to access the secure message.

9) First time Registration.

10) User Login.

11) Viewing the encrypted email.