MailSealer Settings

  • In the common settings, the MailSealer and MailSealer light can be enabled
  • If both of them are active, the MailSealer first checks whether a corresponding policy is in effect
  • If a policy is in effect, the MailSealer Light is no longer executed
  • The only exception is if the policy has no signature and no encryption is activated

The settings are saved with "Apply Settings"


  • Certificates can be collected for all incoming mails if configured
  • OCSP is used to check the status of certificates with the online certificate status protocol
  • CRLs (Certificate Revocation Lists) can be activated in order to check for revoced certificates (in case of detected misuse)
  • If the Reddoxx CA is enabled, certificates for sender e-mail adresses can be automatically created
  • The default certificate validity (for certificates created via your own certificate authority) can be set (it is 365 days as default)


  • If Clear signing is set, the signature is added as separate MIME part to the E-mail
  • Sign before crypt can be used to sign the E-Mail prior to encryption. The advantage here is that the signature cannot be detected using so-called man-in-the-middle attacks.
  • The certificate chain can be attached to the signature


  • Include Sender key is required, if the sender later wants to receive the mail from the mail archive, so it can be decrypted again


  • Mailsealer licenses can automatically be assigned if "Auto assign licenses" is selected
  • The licenses will only be assigned, if a mail could be encrypted via MailSealer
  • If public or private key for mail encryption are not available, and the mail could not be encrypted, no license will be assigned accordingly

The settings are saved with "Apply Settings".

  • Here the opening and closing tag for the passphrase in the subject is definied
  • The default string is ( for the opening tag and ) for the closing tag, the passphrase in the subject then would be entered as (PASSPHRASE)

The settings are saved with "Apply Settings"

  • If desired, the signature method and encryption algorithm can be adjusted
  • The recipient needs to support especially the encryption method
  • The default settings is 3DES (triple Data Encryption Standard) encryption with SHA1 (Secure Hash Algorithm) signature method

The settings are saved with "Apply Settings"