Unsecure when "Open" using web-mail

Unanswered Question
Apr 22nd, 2008
User Badges:

I'm using Ironport C350 with Ironport Mail Encryption server...

When a user receives a secure email using something like Yahoo! Mail on-line (mail.yahoo.com), then selects the option to "Open" the html attachment, it opens unsecure and is temp'd at the mail host, not the users PC and it's not using SSL.

Not sure where I've gone wrong.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
kluu_ironport Tue, 04/22/2008 - 04:56
User Badges:

The content of the message should be encrypted throughout the whole process until the user supplies their password and clicks on open. When they click on Open, the information is sent via https (port 443) to the secure https://res.cisco.com. Below is the url that it's using. The decrypting process occurs over the secure https port and then once it's decrypted, it gets displayed in the users browser.


https://res.cisco.com/websafe/custom.action?cmd=authFrame


I'm using Ironport C350 with Ironport Mail Encryption server...

When a user receives a secure email using something like Yahoo! Mail on-line (mail.yahoo.com), then selects the option to "Open" the html attachment, it opens unsecure and is temp'd at the mail host, not the users PC and it's not using SSL.

Not sure where I've gone wrong.
ghemphill_ironport Tue, 04/22/2008 - 13:29
User Badges:

I'm not using res.cisco.com - I have the Ironport Encryption server instead. I haven't tested this using CRES, but I'm going to today, but I'm hoping it's just something I have configured wrong.

Actions

This Discussion