Signed and Encrypted E-Mail

The E-Mail Security optional feature allows e-mail to be signed and/or encrypted.  In conjunction with special records in your domain's DNS records, it can also provide DKIM verification.

Signed E-Mail

Signed e-mail normally uses the sender's private key to sign the message, and the recipient then uses the sender's public key to verify the source of the message.  This requires a configuration command:

$email_security        * SMIMEsign

and then a typical FS file would contain:

$fax_user              "@FFUSER\EMAIL.USR

$email_options         smimesign

$email_sign_keyfile    "@FFBASE\steve.pfx;xyzzy"  ; private key
$email_esender         steve@copia.com

$email_from            steve@copia.com

$email_address         changeme@changeme.com

$email_subject         "Test of signed mail"

$email_attach          "`PR_FAXPATH" "application/pdf; name=""`PR_FAXPDF"""

Encrypted E-Mail

Encrypted e-mail normally uses the recipient's public key to encrypt the message, and recipients then use their own private key to decrypt the message.  This requires a configuration command:

$email_security        * SMIMEencrypt

and then a typical FS file would contain:

$fax_user              "@FFUSER\EMAIL.USR

$email_options         smimeencrypt

$email_encrypt_keyfile "@FFBASE\changeme.cer"
$email_esender         steve@copia.com

$email_from            steve@copia.com

$email_address         changeme@changeme.com

$email_subject         "Test of encrypted mail"

$email_attach          "`PR_FAXPATH" "application/pdf; name=""`PR_FAXPDF"""

DKIM E-Mail

This operation is similar to signed e-mail, but uses a special DNS record to verify the sending domain against the supplied key. This requires you or your ISP to add records to the domain DNS.  For more information on this, see the E-Mail Security topic.  You can add multiple DNS records and use DK_SELECTOR to select which one to use for a specific transmission.  You require a configuration command:

$email_security        * DKIM

and then a typical FS file would contain:

$fax_user              "@FFUSER\EMAIL.USR

$email_options         DKIM

$email_dkim_keyfile    "@FFBASE\TestRSAKey.pem"

$var_def               DK_SELECTOR steve

$var_def               DK_HEADERFIELDS "From:To:Message-ID"

$var_def               DK_SHA256 yes

$email_esender         steve@copia.com

$email_from            steve@copia.com

$email_address         changeme@changeme.com

$email_subject         "Test of DKIM mail"

$email_attach          "brochure.pdf" "application/pdf"

 

You can create any combinations of the above three security methods by using separate $email_..._keyfile commands. In this case the $email_security configuration command would need to show multiple keywords.

See Sending Signed and Encrypted E-Mail for more information.