HIPAA is American health care provider regulations. It's similar in some
ways to PCI compliance, but it's got a lot of teeth and is thus scarier.
I think the challenge here is to get the email back to another Barracuda
device for decryption. I don't think routing according to sender is doable.
What's the big picture here? I'm guessing the Barracuda sends the
messages on somewhere other than QMT for delivery.
Off hand, I'd suggest using a sub-domain for encrypted messages. IOW,
normal messages would go to @domain.com, and encrypted messages to
@secure.domain.dom. You can define the alias domain on QMT, then use
smtproutes to route the alias to Barracuda. You'd also need to set up MX
for secure.domain.com. I think that would work, but I'm not positive.
I'm just not sure if the alias domain gets resolved before or after it
hits smtproutes. If it's done before, then (obviously) this wouldn't
work. I'm betting it would though.
Let us know how you make out.
--
-Eric 'shubes'
On 11/25/2014 11:47 PM, Sebastian Grewe wrote:
Hey Quinn,
I don't know what HIPAA is (something like PCI compliance I guess) but wouldn't
sending stuff through your server prior to delivering it to Barracuda break the
security chain? You would be a third, insecure party handling mail before sent
of the the secure service.
Maybe it's my lack of understanding what Barracuda does and how that makes it
HIPAA compliant, but in my opinion I'd tell that costumer to use Barracuda as
their outgoing mail provider and skip the man in the middle.
Just my two cents :-)
And as for your original question, haven't heard of such a thing yet but that
doesn't mean it doesn't exist somehow.
- Sebastian
Sent from my iPhone
On 26 Nov 2014, at 07:43, Quinn Comendant <[email protected]> wrote:
We have a customer who wants to use a Barracuda encryption service so they can
be HIPAA compliant. They have requested that outgoing mail their office submits
to our server on port 587 be forwarded to a barracuda network. I know qmail's
`smtproutes` allows incoming mail for a domain to be routed to another host,
but this requires the reverse of that: mail originating from a domain to be
routed to another host. Is there an equivalent `submissionroutes` configuration?
Thanks,
Quinn
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]