Video Screencast Help

Choosing S/MIME over PGP/MIME

Created: 12 Sep 2012 | 2 comments

Hello,

I currently run PGP Universal server 3.0 and until recently it was configured to use 'automatic' as the signing format for outbound emails which would subsequently default to PGP/MIME even though users had X.509 certs available. What I'm trying to do is configure Universal server to send signed and encrypted emails using S/MIME, and where it cannot find a suitable X.509 recipient key, fall back to using PGP/MIME. 

I can change the encoding format for signed emails under the send (encrpyt/signed) action to S/MIME, but am looking for a way to ensure the message is also encrypted with the X.509 key when available, else try PGP/MIME, else go clear.

Hope this makes sense.

Grateful for any assistance.

Regards,

Adaminski

Comments 2 CommentsJump to latest comment

Alex_CST's picture

This will all be part of the outbound mail policy chain

Take a look at http://www.symantec.com/docs/TECH173291

So selecting preferred encoding format to S/MIME will search the users key for an x.509 cert, and if not itll look at the recipients key for the preferred encoding format, and encode that way.

So it's entirely possible to do it the way you requested, you will just need to plan out the mail policy chain carefully to get it right.

I assume you have added an Organsation Key?

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

Adaminski's picture

Thanks for the post weevil, it encouraging to know it can actually be done. Getting the Org key sorted will be part of the rebuild/new config.

 

Thanks again.