Configure Secure Message Delivery encryption

Steps

  1. Navigate to the page Settings > Inbound/Outbound > Encryption.
  2. From the pull-down menu Encryption method, select Secure Message Delivery.
  3. Enter the IP address or hostname for the appliance that hosts the secure message delivery portal.

    The maximum length for the hostname is 64 characters.

    Entering a hostname rather than an IP address is recommended, to avoid potential Microsoft Outlook warning messages generated in an end user’s inbox by the notification message.

    Important: The entry in this field should be mapped to the E1 interface (for a V10000 appliance) or the P1 interface (for a V5000 appliance). Ensure that the interface you use is visible from outside your internal network.

    If you have an appliance cluster, enter the IP address or hostname for one cluster appliance (primary or secondary). The cluster load balancing function directs traffic appropriately.

    Note: Secure messaging uses the same port configured for the Personal Email Manager portal (Settings > Personal Email > Notification Message).
  4. Specify the actions that your users are allowed to perform in the secure portal, along with the types of recipients to whom these users can send secure messages:
    • Enforce strong password policy

      With this policy in force, an end-user password must meet the following requirements:

      • Between eight and 15 characters
      • At least one uppercase letter
      • At least one lowercase letter
      • At least one number
      • At least one special character; supported characters include:

        ! " # $ & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~

      End users are prompted to create strong passwords in the Secure Message portal.
    • Display images within messages viewed in the Secure Message Portal

      Use this option to determine whether to allow images to display in secure messages viewed in the Secure Message portal. For security, this option is disabled by default.

      Warning: Enabling this feature is not recommended, because a malicious script hosted remotely could be disguised in the email as an image, allowing the attacker to compromise your system.
    • Maximum message size

      End-user message size includes any attachments. The default value is 50 MB; maximum value is 100 MB.

    • Reply all to secure messages received in the portal

      An end user may reply to all message recipients. However, if the option Internal domain email addresses only is selected for Allowed Recipients, the user may reply only to recipients inside your organization.

      The recipient list cannot be modified for this type of message.

    • Forward secure messages received in the portal

      An end user may forward any secure message received to allowed recipients.

    • Compose new secure messages within the portal

      An end user may compose and send a new secure message to allowed recipients.

    • Attach files to secure messages sent from the portal

      An end user may send an attachment in a secure message.

    These options are all selected by default.

    The Allowed Recipients box offers options for the types of recipients to whom your customer may reply, forward, or send new secure messages. For security purposes, the recipient list must include at least one email address within your organization.

    • Internal domain email addresses only. Only email addresses within your organization’s protected domains may be specified as recipients.

    • Internal and external domain email addresses (at least one internal email address required). Email addresses outside your organization’s protected domains may be specified as recipients, but at least one address within your domains must be entered (default selection).

      See Protected Domain group for more information about determining your protected domains.

  5. From the Secure Email End-User Notification section, configure the notification email that users receive when secure messages sent to them have been delivered to the portal for viewing.
    • Use the default message or customize it to suit your needs.

      The $URL$ field must be included in your notification because it creates the link the end user clicks to access the secure email portal.

    • In the field Sender, enter one sender address for the notification.

      The sender address must belong to your internal protected domain. Because you do not want responses to the notification, ensure that the sender address is configured to drop any direct replies to the notification.

    • In the field Subject, enter an email subject.

    Any customizations you make to the notification email template are lost when upgrading to a new version of Forcepoint Email Security. After upgrade, you will need to reconfigure your customized templates.

  6. After you have configured your notification message, click Preview Message to view it.
  7. Click OK.
    The settings are saved.
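
As an added example (not Forcepoint code and not part of the original procedure), the Python below checks planned values against the limits stated in steps 3 to 5 and tests a candidate password against the strong-password requirements in step 4. The dictionary keys, function names and sample values are hypothetical and do not correspond to any product API.

```python
import ipaddress

# Special characters the page lists as supported ('%' is not in that list).
SPECIALS = set("!\"#$&'()*+,-./:;<=>?@[\\]^_`{|}~")

def password_failures(pw):
    """Return the strong-password requirements (step 4) that pw does not meet."""
    rules = [
        ("between 8 and 15 characters", 8 <= len(pw) <= 15),
        ("at least one uppercase letter", any(c.isupper() for c in pw)),
        ("at least one lowercase letter", any(c.islower() for c in pw)),
        ("at least one number", any(c.isdigit() for c in pw)),
        ("at least one supported special character", any(c in SPECIALS for c in pw)),
    ]
    return [name for name, ok in rules if not ok]

def settings_findings(cfg, protected_domains):
    """Check planned values (hypothetical keys) against the limits in steps 3-5."""
    out = []
    host = cfg["portal_host"]
    if len(host) > 64:
        out.append("portal host exceeds 64 characters")
    try:
        ipaddress.ip_address(host)
        out.append("portal host is an IP address; a hostname is recommended")
    except ValueError:
        pass  # not an IP literal, so treated as a hostname
    if cfg["max_message_mb"] > 100:
        out.append("maximum message size exceeds 100 MB")
    if "$URL$" not in cfg["notification_body"]:
        out.append("notification body is missing the $URL$ field")
    domain = cfg["notification_sender"].rpartition("@")[2].lower()
    if domain not in {d.lower() for d in protected_domains}:
        out.append("notification sender is outside the protected domains")
    if cfg["display_images"]:
        out.append("image display is enabled (disabled by default for security)")
    return out

# Constructed sample values, not taken from any real deployment.
SAMPLE = {
    "portal_host": "203.0.113.10",
    "max_message_mb": 50,
    "notification_body": "You have a secure message waiting.",
    "notification_sender": "noreply@example.org",
    "display_images": False,
}

if __name__ == "__main__":
    for finding in settings_findings(SAMPLE, ["example.com"]):
        print("FINDING:", finding)
    print(password_failures("Summer2024%"))
```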