Messaging Gateway

Hi all.

I have a situation here.

I need to make sure that mail sent from certain addresses to certain recipients will be encrypted by a third-party encryption solution.

So I do this:

- create a dictionary of Senders
- create a dictionary of Recipients
- create a content policy rule that says IF text in the Envelope Recipient part of the message header contains Email address from the dicitonary "Senders" AND IF test in the Envelope Recipeint part of the message headers contains Email address from the dictionary "Recipients", THEN Route the message to the IP address of the ecnryption device.

Works like a charm.

But then things get complicated.

Someone who is listed in the Senders dictionary decides to send a message TO a certain address who is not in the Recipient dicitonary (and they DO NOT want the message to go encrypted to that address).  But they also BCC another address in the same message which happens to be in the Recipients dictionary.
This forces the whole message to be redirected to the encryption device and then it gets sent to both TO and BCC recipients encrypted.

Is there any way to split the message so that TO and BCC would be independent copies?

Well it should be split already. if you look in the Message Audit log, you should see them as seperate entries.

If the recipients are in the same domain, it might not be split for delivery. And in any case we need to split the message prior to when the content policy is evaluated to solve Andrey's issue.

single message ---- recipient 1 -- policy eval --> send to encryptor
                              ----- recipient 2 -- policy eval --> send to MX MTA.

^^^
that's what I would like to see, but it is not currently happening,   even if the recipients are in different domains.

I think this is because "send to encryptor" is equivalent to sending to smart host.

I think it's because content policies work on messages, not recipients.  Even if you had a different action, it would work the same.  one message, one verdict.