When are incoming rules used?

Incoming rules are always applied when a message is sent to your domain. They enable:

• Decryption: To ensure that only authorized recipients can read the content of an encrypted message.
• Signature verification: To check the authenticity and integrity of the message.

Guide: Creating an incoming rule

1. Create a new route:

• Navigate to "Routing" in the menu and click on the "+". Click on "incoming" in the first step.

2. Select security protocol:

• Choose the desired protocol. Multiple selections are possible:
  • S/MIME: For certificate-based decryption and signature verification.
  • PGP: For key-based decryption and signature verification.
    Tip: More information about the protocols can be found in the "Cryptography" section.

3. Define sender/recipient:

• Specify which messages the rule should be applied to. There are three different options for sender and recipient:
  • Custom: You can either specify a particular mailbox or use the * operator.
  • Group: The rule applies to a predefined group
  • All: All incoming emails are considered in the rule.
• Note: If no groups have been created yet, follow the instructions in the Groups section.

4. Set cryptography options:

The following options are available in the dropdown menu:

• Decryption rules:
  • Do not decrypt
  • Decrypt if possible
• Signature verification rules:
  • Do not verify
  • Verify if possible
• Keys:
  • Encryption with a specific certificate or key.
  • Automatic selection of the appropriate certificate/key from your imported ones. This option is automatically active if you don't select any keys or certificates.
• Tip: If you want to use a specific certificate or key, make sure you have imported it beforehand.

5. Notifications:

• You have the option to display the respective cryptography status in the subject of your incoming emails.
• You can do this for: successful decryption, failed decryption, successful signature verification, failed signature verification

6. Save rule:

• Review your settings in the summary and click "+". The rule will now be active and appear in the overview.

Notes

• Incoming rules only apply to messages sent to your own domain.
• Make sure all required certificates or keys are stored in the cryptography section.