On 09/18/2011 09:00 PM, Brad Triem wrote: > ----- Original Message ----- >> On 09/18/2011 06:27 PM, Brad Triem wrote: >>> Appears that didn't work. Below is the snippet from the djigzo >>> maillog: >>> >>> Sep 18 11:20:03 secure postfix/qmgr[9933]: DF40769B35A: >>> from=<[email protected]>, size=1753, nrcpt=1 (queue active) >>> Sep 18 11:20:03 secure postfix/smtpd[8592]: disconnect from >>> localhost.localdomain[127.0.0.1] >>> Sep 18 11:20:05 secure postfix/smtp[8598]: DF40769B35A: >>> to=<[email protected]>, >>> relay=mail.externaldomain.net[xxx.xxx.xxx.xxx]:25, delay=1.3, >>> delays=0.01/0.01/0.63/0.61, dsn=2.0.0, status=sent (250 ok >>> 1316362805 qp 24043) >>> >>> The from= shows [email protected]. But when I receive the email in >>> my test external account, it shows the From and reply-to as >>> [email protected]. When I look at the header of the >>> email, at the very top it shows "Return-Path: [email protected]". >>> >>> The mx records for encrypted.domain.com are set properly as well. >>> Looking for a few more ideas or suggestions. Thanks again. >> >> Djigzo uses the "From" header for the identity of the sender. If >> there >> is no "From" header in the message. the envelope sender is used. >> Sometimes the terms "from" and "sender" are used interchangeably. The >> MPA logs therefore uses the term "originator" for the identity of the >> sender. The originator by default uses the from header value. >> >> The MTA logs (i.e., the Postfix logs) only show the envelope sender. >> The >> envelope sender in the MTA logs is called "from". This is *not* the >> from >> header. To see which identity is used, you should look at the MPA >> logs >> (see the originator field). >> >> In your case I guess the originator is "[email protected]" >> and >> not "[email protected]". You should therefore set all settings for the >> sender on the encrypted.domain.com domain and not on the domain.com >> domain. >> >> Hope this makes sense. >> >> Kind regards, >> >> Martijn Brinkers >> > > > The MPA log shows the following: > > 8 Sep 2011 11:20:03 | INFO checkSMIMESign | MailID: > ea7621fe-10ae-4f48-b888-c05532f2c91a; Originator: [email protected]; > Sender: [email protected]; (mitm.application.djigzo.james.mailets.Log) [Spool > Thread #0] > > Based on what you said, this email should be encrypted due to the originators > domain, unless I have something wrong in the below configuration for the > domain in djigzo: > > Locality: Internal > Encrypt Mode: Force > Encryption notification: checked > > Password: blank > Password ID: blank > Validity Interval: 0 > Send to originator: checked > > S/MIME: not allowed > > Subject trigger: not enabled > > SMS: not enabled > > PDF Encryption Allowed: checked > Max. message size: 52428800 > > Advanced Settings: > > PDF Reply Allowed: checked > Validity Interval: 1440 > Reply URL and Reply Sender configured
You have set Encrypt Mode to "Force" but I think you need to set it to "Mandatory". In retrospect force should have been named differently. If you want to make encryption mandatory you should use mandatory. Hopefully this helps. Kind regards, Martijn Brinkers -- Djigzo open source email encryption _______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
