Hi,
I've been asked to set up a single mailbox project with a public key certificate so that it can receive encrypted emails. The top of message body will contain the email addresses of intended recipients, and it's been suggested that we use Outlook/exchange rules to then forward the mail to the final recipients.
(We'll have to leave aside that I spent many hours issuing individual SMIME certificates to all users on this same project - the project Client has decreed that they'll only send and accept emails to/from a central mailbox).
I've been running some tests using outlook rules to forward these emails with no joy. Because the body text is encrypted, exchange/outlook can't read the addresses to trigger the rules.
The only way I can see this working would to strip the encryption from the email (possibly some VB script shenanigans? Its not something I have any expertise in, but I'm willing to learn ).
All outgoing email on the project will also have to be sent from this account, although I think I should be ok setting users up as delegates for the mailbox and making sure they have the correct public keys associated with the outlook contacts for the remote mailboxes.
Does anyone have any clever ideas?
My gut feeling is that this scheme is a wrongun; wouldn't a TLS connection be a better option if all we're worried about is interception? Once we've decrypted the mails to forward them internally it surely defeats the object?