On 03/25/2016 02:36 PM, [email protected] wrote: > > Zitat von Matthias Henze <[email protected]>: > >> Hi, >> >> I had several discussions with other vendors of mail encryption >> gateways and all told me that I'm wrong. But today Ciphermail did some >> thing I've predicted and proved that I was right. >> >> This is what I think, please correct me if I'm wrong: >> >> For me s/Mime (like PGP) is a encryption system based on public and >> private keys. If some one has access to the public key he can encrypt >> some thing which only can be decrypted with the private key. So, when >> some one sends an s/Mime signed mail to me I should be able to send a >> encrypted mail to him even if I do not have a s/Mime certificate for >> my e-mail address on my system. >> >> Exactly this happened on my site with Ciphermail. I have a s/Mime >> certificate for my e-mail addresses imported in Ciphermail and some >> one else sent a signed mail to me. With this mail Ciphermail stored >> the public key of the third party. When I mail to him Ciphermail does >> what I would expect and encrypts the mails. Yesterday a other mail >> user of my site which has no certificate in Ciphermail received a mail >> from exact the same person and replied. The reply got encrypted by >> Chiphermail despite the sender has no certificate imported to >> Chiphermail. This was what I would expect to happen. >> >> Bravo Ciphermail! :-) And thank you Ciphermail! You proved me right! >> >> I had a discussion with the support of an other encryption gateway and >> asked them, why mail sent to me from the other site got not encrypted >> despite the system recorded my signature with my public key. They told >> me that the mail do not get encrypted because the *sender* does not >> have a certificate imported to their system and that it is impossible >> to send s/Mime encrypted mails without a certificate for the *sender*. > > This is a common (mis)behavior of e-mail clients, they refuse to sent > encrypted e-mail if they are not able to store the e-mail encrypted in > the "sent" folder. This is only possible if the *sender* also has a > certificate and a private key, but this not mandated by S/MIME standard. > I guess the other party simply adapted this behavior without rethinking > if it is useful for a gateway at all.
Oh I now see I completely misunderstood the original question :) As Andreas already explained, email clients want to store the message encrypted in the sent items folder and therefore requires that the sender has a key. With a gateway this is not required. Kind regards, Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail _______________________________________________ Users mailing list [email protected] https://lists.djigzo.com/lists/listinfo/users
