Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
343 Views 0 Replies Latest reply: Mar 25, 2013 10:10 AM by uschneider RSS
uschneider Newcomer 1 posts since
Jan 21, 2011
Currently Being Moderated

Mar 25, 2013 10:10 AM

MEG :: SMIME

Hello,

 

is anybody out there who has used the SMIME or even PGP functionality?

It seems the MEG 7 makes following security issues available:

 

- SMIME encryption using domain certs only; no possibility to address SMIME end-to-end using personal certificates

- SMIME decryption using a single domain cert/machine SMIME cert/key

 

The same handling with PGP.

 

By Email Policies the Encryption and Decryption Options are referenced. There you can split outbound and inbound traffic,

by assigning appropriate functions to according functionalities.

 

Signing is possibe to detect, but the MEG cannot produce signedData.

 

Here are my questions:

 

- I cannot see any Email Policy about decryption. It is unclear for me, if the Compliance -> Signed rules touch this issue.

 

- Encryption seems to include envelope addresses, the messages to remote domains comes without any MUA headers visible

for the receiving MUA. Any hint for this behaviour?

 

- I would like to setup rules as conditionals consisting of mailaddresses to decide wheter or not to use encryption. If I can only implement a

single domain certificate, I would like to control the usage of this to a selected group of env-to addresses. Where can I do this?

 

 

It would be great to get some information and experiences about this issues.

 

Best Regards, Uwe

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points