Solved: Identify incoming IronPort secure envelopes

RSteveKadish · ‎01-19-2012

Hi all,

We are interested in configuring our IronPort ESAs to recognize incoming IronPort secure envelopes. For instance, if someone sends one of our staff a message using the CRES, we'd like to tack some instructions onto the message that our staffer receives.

The problem is in identifying the incoming email. The attachment is not actually encrypted; it's just an HTML document called "securedoc_xxxxxx.html." We could filter off that, but it's not very exact.

Is there any other header, or some sort of uique tag within the attachment, that someone knows of that would allow us to accurately spot incoming messages with CRES-created content?

I'm open to ideas...

Thanks,

- Steve

Andreas Mueller · ‎01-23-2012

Hello Steve,

you could check for a header named X-PostX-Message-ID, that's what usually comes with messages where CRES is used. Should apply also to most customers using our encryption appliances.

Hope that helps,

Andreas

View solution in original post

Andreas Mueller · ‎01-23-2012

Hello Steve,

you could check for a header named X-PostX-Message-ID, that's what usually comes with messages where CRES is used. Should apply also to most customers using our encryption appliances.

Hope that helps,

Andreas

RSteveKadish · ‎01-23-2012

Hi Andreas,

Thanks very much! That's extremely helpful.

- Steve