Secure Document Handling (REST only)
Secure Document Handling increases your security standard in order to send business-critical documents encrypted via email. Before the documents are sent, Retarus encrypts them and creates and sends the password in a separate process so that only the person actually authorized can open them.
This feature is only available with the AntiVirus x2 Attachment-Scan.
Secure Document Handling is used to encrypt file attachments of an email to be sent. For this purpose, the marked attachments are automatically packed into a password-protected ZIP archive in the Retarus infrastructure and sent. As soon as we this original email was successfully delivered, Retarus sends another email containing the password to the recipients of the original email. For security reasons and in order to save costs, the password email will be generated only for successfully delivered emails and it is billed as a standard email.
![image-20240508-073536.png](../__attachments/59867143/image-20240508-073536.png?inst-v=318867b3-0306-493e-8e28-129836f54d5d)
Encryption process
With Secure Document Handling you have the possibility to flag which attachments within an JSON-REST-Request should be encrypted.
"attachments":[
{
"name":"name1.txt",
"contentType":"application/octetstream",
"contentId":"xkQleA0s",
"content":"bmFtZQ==",
"secureDocument":"true" //Flag for encryption active
},
{
"name":"name2.pdf",
"contentType":"application/octetstream",
"contentId":"777",
"content":"bmFtZQ=="
//Flag for encryption active
}
]
All flagged attachments will be in encrypted in one password-protected ZIP archive.
Password transmission
For providing a flexible level of security you have the possibility to define which password level should be used, in the JSON REST Request of the original email. You may choose from following password strengths: medium, high or very_high which result in password lengths of 8,10 and 15 characters, respectively.
"secureDocument":{
"active":true,
"filename":"test",
"subjectPrefix":"Password for: <Original email subject - trimmed>",
"password":{
"type":"high"
}
}
Monitoring and event types
Retarus provides status information on every email sent via the API callback (HTTP Push Notifications). You will be informed about newly created events, e.g. delivery status, reasons for undeliverability, blocking of emails to recipients listed in the Suppression List, etc.
Within our API Callback solution, you will be informed as soon the process has finished for sending the password to your end user.
Event/phase | Event/state | Event/type | Event/subType | Description |
---|---|---|---|---|
TRIGGER | POST_DELIVERY | PASSWORD_MAIL | OK | |
TRIGGER | POST_DELIVERY | PASSWORD_MAIL | FAILED | Failed to trigger password email. |
TRIGGER | POST_DELIVERY | PASSWORD_MAIL | NOT_TRIGGERED | Original email was not delivered, password email not triggered. |
JSON Sample
{
"job":{
"referenceJob":"d3aac74b-80a5-46cb-b35c-0d6dc7ccf42f",
"costCenter":"cost-center",
"campaignId":"zOsVEmBBV3TYzTPe",
"features":{
"templating":{
"active":true
},
"antivirus":{
"active":true
},
"secureDocument":{
"active":true,
"filename":"test",
"subjectPrefix":"Password for: <original mail subject - trimmed>",
"password":{
"type":"strong"
}
}
}
},
"subject":{
"contentEncoding":"plain",
"contentTransferEncoding":"base64",
"charset":"UTF-8",
"content":"subject"
},
"body":{
"contentType":"text/html",
"contentEncoding":"quoted-printable",
"contentTransferEncoding":"base64",
"charset":"UTF-8",
"content":"<html><body>hello world</body></html>"
},
"attachments":[
{
"name":"name.pdf",
"contentType":"application/octetstream",
"content":"bmFtZQ==",
"secureDocument":true
},
{
"name":"name.jpg",
"contentType":"application/octetstream",
"content":"bmFtZQ=="
}
],
"recipients":[
{
"mail":{
"to":[
{
"email":"TO_1_Friendly <to1@example.com>"
},
{
"email":"to2@example.com"
}
]
}
}
]
}
contentId will be ignored for files with secure document enabled. The reason is that multiple files can be encrypted together, making this field obsolete for this feature.