Monday, September 13, 2010

How Forefront Protection 2010 for Exchange Server handles encrypted emails

Fellow MVP Andrew Cheng raised an interesting question in the Forefront Protection 2010 for Exchange Server forum.  He wanted to know how FPE handles encrypted emails and whether it will delete or block these emails if it's configured to delete encrypted compressed files.

I prototyped this and can say with certainty that configuring Policy Management > Global Settings > Advanced Options > Delete encrypted compressed files will NOT block encrypted emails. As a matter of fact, you can even send encrypted attachments in an encrypted email and the encrypted attachments will not be deleted.
Here are the results of my tests, all were sending emails to an Exchange 2010 user protected by FPE 2010. FPE was configured to delete encrypted attachments, as described above.
  • Send non-encrypted email with non-encrypted ZIP attachment: Received email and attachment
  • Send non-encrypted email with encrypted ZIP attachment: Received email, but attachment was stripped
  • Send encrypted email with non-encrypted ZIP attachment: Received email and attachment
  • Send encrypted email with encrypted ZIP attachment: Received email and attachment
By the way, I used free secure email certificates from Comodo to perform these tests.  I highly recommend them, as they're easy to request and install.  Oh, and did I mention they're FREE? 11:47 AM