SECURITY
To encrypt outgoing mail
Encrypting outgoing mail ensures that only the recipient of a message can read it while the message is in transit, stored in intermediate mailboxes, or in the recipient's mail file.
Each Lotus Notes client user must encrypt outgoing mail. The administrator cannot encrypt all outgoing mail on a server.
Senders control the choice of MIME format or Lotus Notes format when sending mail directly to the Internet or for messages that are addressed to Internet addresses. Mail recipients control the format of incoming mail in their user preferences. The message format determines the choice of encryption method.
Lotus Notes uses S/MIME encryption for outgoing mail in the following situations:
Some recipients may have dual Internet certificates, meaning one certificate is for encryption and the other is for signatures and SSL. If the recipient uses dual certificates, Lotus Notes extracts the Internet encryption certificate and uses it to encrypt the message.
The sender of an encrypted Lotus Notes mail message must have the public key for each intended recipient. The public key can be stored in the Lotus Domino Directory, in an LDAP directory that is accessible to the sender, or in the sender's Contacts.
For information on encrypting outgoing mail, see the topic "Encrypting and digitally signing email messages" if you have installed IBM Lotus Notes 8 Help.
To encrypt incoming mail for a mail file
If users have Editor access to their Person documents in the IBM® Lotus® Domino® Directory, they can encrypt all incoming mail they receive. Otherwise, the administrator must complete this procedure for them.
1. Open the user's Person document in the Lotus Domino Directory.
2. Click Edit Person, and then click Basics.
3. In the field "When receiving unencrypted mail, encrypt before storing in your mail file," select Yes.
4. Save the document.
To encrypt saved mail
Users can encrypt drafts of unsent messages and messages that they save after sending. For unsent mail, the message is encrypted only with the sender's public key. For sent mail, the message is encrypted with the sender's and the recipient's public keys.
Only messages saved after this option is chosen are encrypted. To encrypt previously saved messages, users must open and resave the messages. Encrypting saved mail prevents unauthorized access to messages by other users with unauthorized access to the mail server.
Related topics