We just recently deployed two IronPort IEA boxes. With our current configuration external recipients can login to our IEA boxes to send encrypted e-mail. When they use the "Automatically Blind Carbon Copy Me" option the system will send an e-mail to their real mail account so that they have a record of the e-mail.
The problem that I am just now learning about is some of the recipients e-mail systems block these e-mails because we are spoofing their e-mail domain.
Is there a "best practice" to apply here? I am currently advising the recipients to have their IT staff whitelist our IP addressess for spoofing but wanted to see what everyone else thinks.
Jason- Some mail gateways are configured to check SPF records and others block inbound mail with domain spoofing. Its a tough task to get the bcc messages through. I'm sure some other folks in the forum might have a work around (temp).
Since you host your own keys (IEA) with push method (envelopes), why not use the manage messages section on the left pane for external users to retrieve their sent mail?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...