Unsecure when "Open" using web-mail

ghemphill_ironport · ‎04-22-2008

I'm using Ironport C350 with Ironport Mail Encryption server...

When a user receives a secure email using something like Yahoo! Mail on-line (mail.yahoo.com), then selects the option to "Open" the html attachment, it opens unsecure and is temp'd at the mail host, not the users PC and it's not using SSL.

Not sure where I've gone wrong.

kluu_ironport · ‎04-22-2008

The content of the message should be encrypted throughout the whole process until the user supplies their password and clicks on open. When they click on Open, the information is sent via https (port 443) to the secure https://res.cisco.com. Below is the url that it's using. The decrypting process occurs over the secure https port and then once it's decrypted, it gets displayed in the users browser.

https://res.cisco.com/websafe/custom.action?cmd=authFrame

I'm using Ironport C350 with Ironport Mail Encryption server...

When a user receives a secure email using something like Yahoo! Mail on-line (mail.yahoo.com), then selects the option to "Open" the html attachment, it opens unsecure and is temp'd at the mail host, not the users PC and it's not using SSL.

Not sure where I've gone wrong.

ghemphill_ironport · ‎04-22-2008

I'm not using res.cisco.com - I have the Ironport Encryption server instead. I haven't tested this using CRES, but I'm going to today, but I'm hoping it's just something I have configured wrong.