Article ID: 110516170

Situation-dependent email parking and automatic re-sending

Tags:  IBM Domino  KeyManager

Sign your emails using iQ.Suite KeyManager. No certificate is available for the first time a user would like to send a signed email.

iQ.Suite KeyManager

List of existing individual certificates in iQ.Suite KeyManager

Certificates in iQ.Suite KeyManager
List of existing individual certificates in iQ.Suite KeyManager (now including the new user)

The first email is created as a request for a new certificate in iQ.Suite KeyManager. While the certificate is created via a Trust Center or an individual certificate, the email cannot be processed further and would be wrongfully put into quarantine by the signature job.

In a case like this, the administrator would have to send the email anew from quarantine, or the original sender would have to send it from his mail file, as soon as a key existed in iQ.Suite KeyManager.

Using the Smart module, this can be automated.

Step By Step
iQ.Suite Text Rule

A rule requesting the signing of the email (e.g. a text rule)

iQ.Suite Text Rule: iQ.Suite KeyManager – Sign E-Mail

An email to be signed.

An email to be signed
Crypt Mail Job Basic

A Crypt mail job transferring an email to be signed to iQ.Suite KeyManager

Crypt Mail Job [Basic] - iQ.Suite KeyManager - Sign S/MIME Outgoing Message with iQ.Suite KeyManager

Crypt Mail Job Operations

Crypt Mail Job [Operations] - iQ.Suite KeyManager - Sign S/MIME Outgoing Message with iQ.Suite KeyManager

Crypt Mail Job Misc

This jobs signs emails using iQ.Suite KeyManager. If successful, the text ““ is added to the subject heading.

If an error occurred (e.g. missing certificate), your email would not be transferred to the next job and also NOT put into quarantine.

Crypt Mail Job [Misc.] - iQ.Suite KeyManager - Sign S/MIME Outgoing Message with iQ.Suite KeyManager

iQ.Suite Text rule

A rule that checks whether the email was signed

This rule checks via the “success text” in the subject line whether the previous job signed the email. 

iQ.Suite Text rule: iQ.Suite KeyManager - is signed

iQ.Suite KeyManager should be signed

A rule that checks whether the email should be signed.

This rule checks using the list ($TKFlag50), whether the signing job has been processed.

iQ.Suite KeyManager - should be signed

Delay not signed emails

A Smart Mail Job that delays the email when the signing job was processed, but the email could NOT be signed successfully.

Job: iQ.Suite KeyManager - delay not signed emails [Basics]

Delay not signed emails operations

ATTENTION: Rule Execution Mode must be set to “Just Before the job“, since the values of both rules are changed with the “iQ.Suite KeyManager - Sign S/MIME Outgoing Message with iQ.Suite KeyManager” job.

The global parameter “ToolKit_UseDynamicRuleEvaluation” must be set to “Yes“.

Job: iQ.Suite KeyManager - delay not signed emails [Operations]

Entry into the delay database

This job “parks” emails for 5 minutes in the Smart Database.

Entry into the delay database
Send Parked Mail

A database job that stores the email back in the inbox for further processing.

This job transfers all emails available after the delay interval back into the inbox. The job runs every 15 minutes, which means that the email may be parked between 5 and 20 minutes.

Smart Database Job: iQ.Suite KeyManager - Send Parked Mail

Sign S/MIME Outgoing Message

Since the Mail-Grabber resumes after retrieving the email from the Smart Database at the same point at which the email was parked, an additional job is needed for signing (the first job will NOT be re-started).

Job: iQ.Suite KeyManager - Sign S/MIME Outgoing Message with iQ.Suite KeyManager 2 [Basics]

iQ.Suite KeyManager 2 Operations

This job is only executed, if the email should be signed, but has not yet been signed. The rule must be checked immediately before the job.

Job: iQ.Suite KeyManager - Sign S/MIME Outgoing Message with iQ.Suite KeyManager 2 [Operations]

Sign S/MIME Outgoing Message

In this job, the email is stopped in case of an error, put into quarantine and the administrator is notified.

If successful “” is also added in the subject heading. Due to the delay of the email, iQ.Suite KeyManager has enough time to create the necessary certificate in a Trust Center and is then able to sign the email with the second job.

Job: iQ.Suite KeyManager - Sign S/MIME Outgoing Message with iQ.Suite KeyManager 2 [Misc.]

Subject heading

Emails with note in the subject heading informing about a signature.

Body with Signatur
Body with Signatur

You can add the configuration documents, as stated in the example, via the import function into your own iQ.Suite configuration (or any testing environment).

Last updated: 11 May 2016


« Previous article Next article »

Rate it

0/5 stars (0 votes)
Situation-dependent email parking and automatic re-sending 0 5 0

Add a comment


Captcha

Go back

Cookies are important to the proper functioning of this site. Click Agree to proceed and accept cookies. Learn more >>