> On 15 Feb 2015, at 07:56 , John <j...@klam.ca> wrote:
>
> On 2/15/2015 9:40 AM, Mauricio Tavares wrote:
>> On Sun, Feb 15, 2015 at 9:12 AM, John <j...@klam.ca> wrote:
>>> A couple of the servers I support are medical offices, and for patient
>>> confidentiality reasons they need to send email out encrypted.
>>> After a lot of discussion they have come to the conclusion that in order to
>>> avoid accidentally sending confidential data unencrypted, all email must be
>>> encrypted.
>>> What they would like is a filter on outgoing email that checks for
>>> encryption and refuses anything not encrypted. They need to err on the side
>>> of caution.
>>>
>>> So far Google has not been my friend.
>>>
>>> Does anybody know of a way of enforcing encryption, or detecting unencrypted
>>> email.
>>>
>> Stupid question: is the entire email supposed to be encrypted or
>> just part of it ("Hi Bubba. Please see attached an encrypted doc
>> containing an update.")? Also, which encryption did they settle down
>> on?
> Why is this a stupid question?
Not your question. Mauricio was asking a question he prefaced with “stupid
question:“
> All email sent must be encrypted, they plan on using SMIME mainly because it
> is more common than PGP. The MUAs are a mixture of Outlook and Thunderbird.
I’d assume there would be something in the headers to indicate the message was
encrypted. Probably some sort of milter running on your submission port would
be able to check this?
Might even already be in mime-defang?
--
'They were myths and they were real,' he said loudly. 'Both a wave and a
particle.' --Guards! Guards!
