cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Cisco Secure Email Support Community

Product Support Talos Support Cisco Support Reference + Current Release
Gateway Reputation Lookup Open a support case Secure Email Guided Setup
Gateway: 14.0.0-698
Cloud Gateway Email Status Portal Support & Downloads docs.ces.cisco.com
Email and Web Manager: 14.0.0-404
Email and Web Manager Web & Email Reputation Worldwide Contacts Product Naming Quick Reference
Reporting Plug-in: 1.1.0.136
Encryption Bug Search
Encryption Plug-in: 1.2.1.167
Cloud Mailbox Notification Service
Outlook Add-in(s): More info

714
Views
0
Helpful
2
Replies
keithsauer507
Contributor

E-Mail encryption issues

We've just implemented IronPort mainly for E-Mail encryption, but we are taking advantage of the great AntiSpam and A/V capabilities of the device also.

In testing our E-Mail encryption, I have these feedback points and I'm hoping someone can help me address some of these concerns.

1) It seems that some people behind a corporate firewall had no issues at all receiving the email, signing up for an account, and responding to the secure message.

2) Others, however, received error messages, the links may not have worked if saved to their desktop, or had other possible network issues.

3) Some replied within the secure message, which I received. Others replied to the original email, which I also received. However, if I then replied to the original email that was encrypted as well, even though their response to me was not and my reply to them was not.

4) Within the secure message, the only clear options to a user are “Reply” or “Reply to all”. There are no clear instructions that if you want to cancel, you need to close the browser.

2 REPLIES 2
kyerramr
Beginner

Saurek,

2) Could you be specific of what kind of errors you noticed? When you say links saved to desktop are you referring to securedoc.html? If there is an issue accessing links for activation or registration these might be related to proxy or network related issues. Please have these user's try accessing these links outside the network and see if the issue persists.

3) Are you referring to secure replies being received as encrypted envelopes? This is part of how secure replies work, if you want secure replies coming into your domain as plain text instead of PXE envelopes use the TLS feature.

Best,
Kishore

keithsauer507
Contributor

Ok for number 3:

I had in the subject line, if subject contains [send secure]. I changed it to if subject begins with [send secure]. This way the RE: [send secure] won't always be encrypted.

If you want it encrypted we allow them to reply from the decrypted securedoc.html. I was referring to replying to the initial "You have received a secure message" notification.

For number 2:
I have info from an individual who saved securedoc.html to their desktop and opened it in IE. She entered the password and it just sat there for a really long time until she lost patience and closed out. Just sat there...

I'm wondering if those compatibility issues could be minimized with the checkbox that says "Use Decryption Applet" under the Encryption Envelope Profile in Ironport. The description for this checkbox (which is currently checked) states "Disabling this setting will cause message attachments to be
decrypted at the key server. The message will take
longer to open (but is guaranteed to work in all user environments). "

What's your opinion? For broader compatibility, it appears as if I should uncheck that box.

Other feedback seems to pertain to confused users saying "Why do we have to register for Cisco?" So that would be more branding and clearer communication that our Marketing team can come up with for our text resource that kicks off the "You have received a secure message" notification.

Content for Community-Ad