Solved: Retention Period for Encrypted Emails IEA 370/ESA C160

Paul Johnston · ‎10-23-2013

Hi, trying to find out the default period and configuration parameter encrypted emails are kept once a user has recieved the email (You have received a secure message)

David Miller · ‎10-23-2013

There is no configurable retention period. CRES service level is to keep the message decryption keys for (at least) 10 years. You can expire emails, that is you can set an expiry date by setting an x-header on the email prior to encryption, or the sender can log in to CRES and set the expiry date, but that just prevents the recipient from retrieving the decryption key after the expiration date or elapsed time. The key is still retained on CRES and the sender can "un-expire" the message at any time. There are default time periods for the time allowed for a new recipient to register and to activate, but these are fixed in CRES,

View solution in original post

David Miller · ‎10-23-2013

There is no configurable retention period. CRES service level is to keep the message decryption keys for (at least) 10 years. You can expire emails, that is you can set an expiry date by setting an x-header on the email prior to encryption, or the sender can log in to CRES and set the expiry date, but that just prevents the recipient from retrieving the decryption key after the expiration date or elapsed time. The key is still retained on CRES and the sender can "un-expire" the message at any time. There are default time periods for the time allowed for a new recipient to register and to activate, but these are fixed in CRES,

Paul Johnston · ‎11-07-2013

Thanks David, apologies for the delay, thankyou for a great answer!