Re: Sending submit instruction to email engine - pwd encryption

2012-10-31 Thread Antonio Monizza 
Hi Ron,

first of all thank you so much for your answer, actually I'm afraid I don't
fully understand how you manage a mail used at first without
login/password, to which then add login/password at mail arrival on remedy
email engine

can you please explain this in deeper detail?

thanks
cheers
Antonello
antomoni...@gmail.com

On Tue, Oct 30, 2012 at 5:16 PM, Peters, Ron  wrote:

> **
>
> You sort of imply that you’ll have a custom form/app that will be
> available to external folks and have the fields to be filled out which will
> send the email. A couple thoughts here. As Rebecca mentioned you could put
> the login/password in the template being sent but hide it behind your
> form/app. The problem may be that the login/password would be easily
> extracted from the in-flight message which is a security issue.
>
> ** **
>
> You could have the form/app generate the email without the login/password
> and then add that information when the message arrives to your internal
> server which keeps the sensitive information internal. I use a system like
> this for creating incidents that come from many different email sources
> that have no knowledge of the login/password necessary for ticket creation.
> Let me know if you want more information and we can talk directly.
>
> ** **
>
> Ron
>
> ** **
>
> *From:* Action Request System discussion list(ARSList) [mailto:
> arslist@ARSLIST.ORG] *On Behalf Of *Antonio Monizza
> *Sent:* Tuesday, October 30, 2012 8:14 AM
> *To:* arslist@ARSLIST.ORG
> *Subject:* Sending submit instruction to email engine - pwd encryption
>
> ** **
>
> ** Hi all,
>
>
> I need to implement a record creation on a table using an email template,
> which is quite simple
>
> my only concern is about a security constraint according to which the
> password must be encrypted (while I assume it is normally not encrypted
> when you fill the template in the mail body before sending it to ARS email
> engine)
>
> There will be a unique userid/pwd designed for this interface, regardless
> of the actual users sending the email, email senders will be outside our
> organization infrastructure network
>
> Is that feasible? Any tips about this topic?
>
> Thanks in advance for your help
>
> Antonello Monizza
> _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ 
>
>  _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_
>

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"

Re: Sending submit instruction to email engine - pwd encryption

2012-10-30 Thread Peters, Ron 
You sort of imply that you'll have a custom form/app that will be available to 
external folks and have the fields to be filled out which will send the email. 
A couple thoughts here. As Rebecca mentioned you could put the login/password 
in the template being sent but hide it behind your form/app. The problem may be 
that the login/password would be easily extracted from the in-flight message 
which is a security issue.

You could have the form/app generate the email without the login/password and 
then add that information when the message arrives to your internal server 
which keeps the sensitive information internal. I use a system like this for 
creating incidents that come from many different email sources that have no 
knowledge of the login/password necessary for ticket creation. Let me know if 
you want more information and we can talk directly.

Ron

From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of Antonio Monizza
Sent: Tuesday, October 30, 2012 8:14 AM
To: arslist@ARSLIST.ORG
Subject: Sending submit instruction to email engine - pwd encryption

** Hi all,

I need to implement a record creation on a table using an email template, which 
is quite simple

my only concern is about a security constraint according to which the password 
must be encrypted (while I assume it is normally not encrypted when you fill 
the template in the mail body before sending it to ARS email engine)

There will be a unique userid/pwd designed for this interface, regardless of 
the actual users sending the email, email senders will be outside our 
organization infrastructure network

Is that feasible? Any tips about this topic?

Thanks in advance for your help

Antonello Monizza
_attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers 
Are"_

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"

Re: Sending submit instruction to email engine - pwd encryption

2012-10-30 Thread Boyd, Rebecca 
How about putting the userid/pwd in the email template form that's stored
on the server?


On Tue, Oct 30, 2012 at 11:13 AM, Antonio Monizza wrote:

> ** Hi all,
>
> I need to implement a record creation on a table using an email template,
> which is quite simple
>
> my only concern is about a security constraint according to which the
> password must be encrypted (while I assume it is normally not encrypted
> when you fill the template in the mail body before sending it to ARS email
> engine)
>
> There will be a unique userid/pwd designed for this interface, regardless
> of the actual users sending the email, email senders will be outside our
> organization infrastructure network
>
> Is that feasible? Any tips about this topic?
>
> Thanks in advance for your help
>
> Antonello Monizza
> _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_




-- 
Rebecca Boyd
Application Administrator
Wake Forest University

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"