Configuring SecureMail
SecureMail is an add-on for the Email Security product that allows users to send an email message that can only be viewed and responded to from within a secure web based dashboard. This is particularly useful for sending sensitive messages that should not be stored in the recipients inbox, like a traditional email message would be. SecureMail is convenient - the sender only has to compose a new mail in their favourite email client (Outlook, Outlook Web Access, iOS Mail, etc) and meet the trigger criteria for it to be automatically converted to a link that the recipient can use to view the message securely in the web dashboard.
Configuring the SecureMail Trigger Rule
When the SecureMail license is added to your account a new Message Rule will be generated with the title SecureMail and it will appear in the Message Rule list in between the Deliver Inbound and Deliver Outbound rules. The rule will have a special final action of "Secure Deliver".
Navigate to Products, Email Security and then Message Rules to view the rule.

By default, a new Custom Rule Data regular expression entry is created containing the trigger word [secure]
which is then attached to the Subject rule condition. This means that for the message to be processed by SecureMail, the sender should include the [secure]
trigger word somewhere in the message subject. The rule can be edited, for example if you prefer the keyword to trigger on the message body, or use an entirely different trigger such as a special header or list of sender email addresses.
The trigger word can be edited by navigating to the Products, Email Security and then Custom Rule Data section and clicking the SecureMail Trigger entry.

Configuring Securemail Settings
Navigate to Products, Email Security, Product Configuration and click the SecureMail Settings option.

The settings control the behaviour of the SecureMail experience for recipients.
General
- Read Receipts - check this option if the sender should receive a read receipt when the recipient has opened the message.
- Internal user permissions - check the permissions that an internal user should have when replying to a SecureMail message, such as the ability to add a CC or Forward address. In most cases, these will be the same as the External user permissions. These permissions apply to all SecureMail Messages that are sent.
- External user permissions - check the permissions that an external user should have when replying to a SecureMail message, such as the ability to add a CC or Forward address. In most cases, these will be the same as the Internal user permissions. These permissions apply to all SecureMail Messages that are sent.
- External interface base domain - (read only) the base domain of the SecureMail dashboard used by external users to view and respond to secure messages. Please contact your service provider for further information.
Templates
It is possible to fully customise the SecureMail templates using the inbuilt HTML editor. The following templates are available:
- New SecureMail template - sent to the recipient when they receive a new SecureMail message.
- Read Receipt template - sent to the sender when the recipient opens the SecureMail message for the first time (if the Read Receipts setting is enabled).
- Confirm Registration template - sent to the recipient after they have registered for access to SecureMail.
- Registration Activation template - sent to the recipient when their SecureMail account is ready to use.
When creating templates a number of built in placeholders are available:
Placeholder | Description |
$SUBJECT$ | The subject of the secure message being sent |
$RECIPIENT$ | The recipient of the secure message |
$LINK$ | The link for the recipient to press. This will be in the context of the template in use. |
$EMAIL_DATE$ | This is the UTC timestamp of when the secure email message was sent. |
$TIMESTAMP$ | The UTC timestamp of when a message was opened. This is used typically in the Read Receipt template. |
Composing a new SecureMail message
The sender should simply compose a new message in their normal email client (i.e. Outlook, Outlook Web Access) and ensure the trigger conditions are met. By default, the trigger condition is that the subject should contain the pattern [secure]
.
