Looking for transparent encryption software

Posted on 2007-08-09
Last Modified: 2012-05-05
We are running Exchange Server 2003 with 100 mailboxes.  We  need to find an encryption product that can be used with the global address list & with internet recepients.  We want it to be transparent to the clients & customers - meaning no exchange of public keys or 3rd party certificates.  Does anyone have any suggestions?
Question by:Snitz
    LVL 6

    Expert Comment

    look at this website

    PGP (Pretty Good Privacy) encryption uses public / private key sets to encrypt and de-crypt emails.  

    Thay been around for a few yrs, but it is very hard to implement.

    LVL 33

    Expert Comment

    by:Dave Howe
     There are really only two standards for transparently encrypted mail, and unfortunately both of them require the *recipient* to take steps to obtain a decryption key; there are a few solutions that don't require this, but those invariably involve clicking a link that takes you to a website where the decryption takes place (not a good move; if its important enough to encrypt, its important enough you don't want the decryption to take place on someone else's machine)

      Those are PGP (aka GPG) and s/mime (which uses the same technology used for https websites)

      For oneshots, you can make a self-decrypting archive; a good tool for this is the completely free 7-zip ( - Downside is that the SDA is an executable file; you don't need to run it (a copy of 7-zip can decrypt it too) but its still a .exe so email systems will be hostile to it, and of course this involves several manual steps (you must create a document (.txt or more probably .doc), zip it with 7-zip, attach it to an email, then the recipient run it, have it extract the file to somewhere, then open the file.
    LVL 6

    Accepted Solution

    What you are looking for does not exist. Encryption requires some kind of tokens(keys or certs) to be exchanged to ensure that the correct parties can access the encrypted files and others can not.

    DaveHowe is right about the two options available and webmail solutions, but I would go one step farther in saying that webmail is not viable at all since anyone can get the plaintext e-mail with the link and go to the site. If the fraudulent person gets there first they can create the initial password and gain access to the mailbox. This could be avoided if you set up the password on the webmail boxfor the recipient, but then you are exchanging passwords instead of certs or keys (honestly not any easier and less secure).

    Also, I would put my money on PGP as the more secure solution, and is mild to setup, transfer keys, etc. My company has at least 1000 people worldwide using messaging encryption with PGP including connections with suppliers and lawyers, and it really isn't that difficult. You should reconsider your decision to avoid key or certs.
    LVL 1

    Expert Comment

    Forced accept.

    EE Admin

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
    To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now