Editing partner domains
- Go to Identities > Partners > Partners.
- Double-click the domain you want to edit and stay on the Domain entry tab.
- Select the settings for Content filters for inbound and outbound emails.
- Configure the basic behaviour of the URL Safeguard for trusted and untrusted emails. Also determine whether the URL tracking should be switched on or off. You can find our recommended settings at Recommended partner settings for the URL Safeguard.
- Make the following settings under End-to-End security:
- End-to-end encryption Specify the end-to-end encryption.
NOTE: Here you can also set the S/MIME algorithms used to specific values. This function is used, for example, if the partner's email server suggests an algorithm that the partner cannot process properly itself. If both S/MIME certificates and PGP keys are available for the partner, S/MIME certificates are preferred when sending and receiving emails. See End-to-end encryption.
- (Optional) Domain password Set a domain password. The domain password is used to protect PDF attachments and PDF Mails.
- Certificates Configure your certificates.
- PGP keys Configure your PGP keys
- End-to-end encryption Specify the end-to-end encryption.
- Choose the transport security for this domain. The transport security determines whether the communication to the servers of the partner domain must be encrypted and which certificates are trusted, if necessary. See Transport security.
NOTE: You can also store additional certificates here that can be used for transport encryption to the target server. To deactivate transport security, untick all check boxes.
- Specify the trust in this domain. Trust in a domain is strengthened by emails sent to the domain and approaches 0 over time without further email communication. You can also set the trust to a fixed value. See Level of Trust.
- Click Close dialog.
TIP: URL tracking allows you to see which users accessed URLs that turned out to be malicious after the fact. Details can then be found on the URL Safeguard tab of the respective message track. See URL Tracking.
NOTE: In individual cases it can happen that the encryption and signature algorithms used within a domain differ due to different collected or imported certificates. To reset them to the same state, use the link Reset S/MIME Algorithms on the Domain entry tab.
NOTE: To upgrade a certificate or PGP key to a domain key, go to the partner email address that has this key and click Promote to domain certificate/PGP Key.
Recommended partner settings for the URL Safeguard
We recommend the following partner settings for the URL Safeguard:
Trusted emails Retain original URLs
Untrusted emails Rewrite URLs
Track URL access
For maximum security we recommend the following settings:
Trusted emails Rewrite URLs and block access, Additionally rewrite URLs in text attachments, Additionally rewrite host names
Untrusted emails Rewrite URLs and block access, Additionally rewrite URLs in text attachments, Additionally rewrite host names