Using S/MIME encryption
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. The FortiMail unit supports S/MIME encryption.
You can encrypt email messages with S/MIME between two FortiMail units. For example, if you want to encrypt and send an email from FortiMail unit A to FortiMail unit B, you need to do the following:
1. On FortiMail unit A:
• create a certificate binding for the outgoing email to obtain FortiMail unit B’s public key in the certificate to encrypt the email. For details, see
“Configuring certificate bindings”.
| If the email to be encrypted is matched both by the message delivery rule and the policy, the email will be encrypted based on the content profile in the policy. |
2. On FortiMail unit B:
• create a certificate binding for the incoming email and import both FortiMail unit B’s private key and certificate to decrypt the email encrypted by FortiMail unit A using FortiMail unit B’s public key.