Thank you for all your help, I'm picking this back up where we left off. Setting it to "internal" helped as you suggested. I can now telnet from off site to the server's port 25 and send email via telnet but of course, only after adjusting the MTA (admin > mta > config > my networks > add my current public IP where I'm testing from). I get that, to avoid anonymous relay.
When I telnet test email it seems to send it in plain text...should I expect some kind of link to a portal or something? Is it because the mail was sent via TLS to Gmail that it didn't re-encrypt the contents? telnet x.x.x.x 25 Trying x.x.x.x... Connected to x.x.x.x. Escape character is '^]'. 220 cipher.domain.com ESMTP CipherMail ehlo mail.internaldomain.com 250-cipher.domain.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-STARTTLS 250-ENHANCEDSTATUSCODES 250 8BITMIME mail from:[email protected] 250 2.1.0 Ok rcpt to:[email protected] 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> Subject: Encrypt Test encryption number 5. . 250 2.0.0 Ok: queued as 44W61p2hVVz7SFG3 quit 221 2.0.0 Bye I was expecting Ciphermail to encrypt the contents somehow. I'm also confused a bit when the recipient gets the email (contents, attachments, etc) how the user decrypts the contents or the message. I'm still a bit foggy on that with my setup of ciphermail. I haven't found anything clear on the exact setup. Of course, I haven't put this server "in line" (internet > ciperhmail <> mail server) yet instead it's internet | ciphermail > mail server and the ciphermail is kind of standing out there with nothing pointing at it which lets me be able to test with telnet to see how it reacts both inbound from outside (telnet, from outside domain) and inside from (telnet trusted IP in MTA, from inside [email protected]). Hope that all makes sense. Maybe it's encrypting via TLS so since it's doing that it doesn't need to encrypt PGP or any other way...? Thanks for the help in understanding the process. On Thu, Mar 7, 2019 at 9:38 AM Martijn Brinkers <[email protected]> wrote: > See my comments inline > > On 07-03-19 14:57, Rafael Wolf wrote: > > Thank you, > > > > I have in relay domains: > > > > domain.com <http://domain.com> > > > > I have in the internal relay host: > > > > mail.domain.com <http://mail.domain.com> > > > > So...is it getting a bit confused between the root domain name and the > > sub domain perhaps? > > The gateway is split into separate parts: MTA (Postfix), which is > responsible for sending and receiving email, the MPA (mail processing > agent) which is responsible for encryption/decryption, the database > (which stores all settings), the Web GUI. > > The MPA is where all heavy lifting takes place like > encryption/decryption. The MPA need to know for which domains email > should be encrypted or decrypted. Therefore you need to manually add > your domains and set them to Internal. > > For all your domains do the following: > > 1. Add domain (from GUI, select domains, click "Add domain", Click > "Add", then on the "Edit domain" page, uncheck inherit for Locality and > set Locality to "Internal", then apply > > 2. Repeat 1 for your other domains. > > > Kind regards, > > Martijn Brinkers > > > > The email when testing via telnet to: [email protected] > > <mailto:[email protected]> then it gets relayed to mail.domain... > > > > I would think it just kicks it out and doesn't do anything special with > > it but it must be detecting it as an external and not internal address. > > > > domain.com <http://domain.com> and mail.domain.com > > <http://mail.domain.com> are the same IP (shared hosting on CPanel). > > > > Looking at their DNS records their mail.domain.com > > <http://mail.domain.com> doesn't have an A record only an MX...that > > might be the problem. I'll make an A record and retest. > > > > > > On Thu, Mar 7, 2019 at 3:48 AM Martijn Brinkers via Users > > <[email protected] <mailto:[email protected]>> wrote: > > > > Hi Rafael, > > > > See my comments inline > > > > On 03-03-19 15:24, Rafael Wolf via Users wrote: > > [SNIP] > > > > > So...I assume the content of my message is in the long encryption > > string > > > but if I'm looking at that in my GMail for example or other mail > > clients of > > > any kind I can't see anything but the encrypted.asc's long string > > of junk. > > > > > > How is anyone supposed to use the community version to encrypt & > > decrypt > > > stuff so they can see the content of received email? I have a > > hard time > > > believing regular users can figure out how to do that who aren't > > > technical. I've gone through the admin guide but nothing is > > standing out > > > to me. I see you can do S/MIME, PGP, PDF, etc. For whatever > > reason (and > > > the admin guide states why I think) PGP was selected to encrypt my > > test > > > message that I sent inbound. I haven't tried outbound yet. > > > > The most likely reason why your email sent to your internal domains > is > > encrypted is that you did not configure that domain to be an internal > > domain. The CipherMail gateway has to decide whether an email must be > > handled by the encryption or by the decryption pipeline. If an email > is > > sent to an "Internal" domain, the email is handled by the decryption > > pipeline and if the email is sent to an "External" domain, the email > is > > handled by the encryption pipeline. By default a domain is > considered to > > be "External" (you only own a few domains, the rest of all existing > > domains are external). You therefore need to add the domains for > which > > you receive email (the "Internal" domains) and override the > "Locality" > > for those domains from External to Internal. > > > > Kind regards, > > > > Martijn Brinkers > > > > -- > > CipherMail email encryption > > > > Email encryption with support for S/MIME, OpenPGP, PDF encryption and > > secure webmail pull. > > _______________________________________________ > > Users mailing list > > [email protected] <mailto:[email protected]> > > https://lists.ciphermail.com/mailman/listinfo/users > > > > > > > > -- > > Rafael > > > > > > -- > CipherMail email encryption > > Email encryption with support for S/MIME, OpenPGP, PDF encryption and > secure webmail pull. > -- Rafael _______________________________________________ Users mailing list [email protected] https://lists.ciphermail.com/mailman/listinfo/users
