Secure Document Handling (REST only)
Secure Document Handling enhances your security standards for transmitting business-critical documents securely via email. Before sending, Retarus encrypts the documents and, in a separate process, sends the password to ensure that only authorized recipients can access the content.
This feature is only available with the AntiVirus x2 Attachment-Scan.
This feature can’t be used in combination with the Message Signing feature.
Secure Document Handling encrypts file attachments in outgoing emails by automatically packaging the marked attachments into a password-protected ZIP archive within the Retarus infrastructure before sending. Once the original email is successfully delivered, Retarus sends a separate email containing the password to the recipients of the original message. For security and cost-efficiency, the password email is generated only for successfully delivered messages and is billed as a standard email.
Encryption process
With Secure Document Handling you have the possibility to flag which attachments within an JSON-REST-Request should be encrypted.
"attachments":[
{
"name":"name1.txt",
"contentType":"application/octetstream",
"contentId":"xkQleA0s",
"content":"bmFtZQ==",
"secureDocument":"true" //Flag for encryption active
},
{
"name":"name2.pdf",
"contentType":"application/octetstream",
"contentId":"777",
"content":"bmFtZQ=="
//Flag for encryption active
}
]All flagged attachments will be in encrypted in one password-protected ZIP archive.
Password transmission
For providing a flexible level of security you have the possibility to define which password level should be used, in the JSON REST Request of the original email. You may choose from following password strengths: medium, high or very_high which result in password lengths of 8,10 and 15 characters, respectively.
"secureDocument":{
"active":true,
"filename":"test",
"subjectPrefix":"Password for: <Original email subject - trimmed>",
"password":{
"type":"high"
}
}Monitoring and event types
Retarus provides status information on every email sent via the API callback (HTTP Push Notifications). You will be informed about newly created events, e.g. delivery status, reasons for undeliverability, blocking of emails to recipients listed in the Suppression List, etc.
Within our API Callback solution, you will be informed as soon the process has finished for sending the password to your end user.
Event/phase | Event/state | Event/type | Event/subType | Description |
|---|---|---|---|---|
TRIGGER | POST_DELIVERY | PASSWORD_MAIL | OK | |
TRIGGER | POST_DELIVERY | PASSWORD_MAIL | FAILED | Failed to trigger password email. |
TRIGGER | POST_DELIVERY | PASSWORD_MAIL | NOT_TRIGGERED | Original email was not delivered, password email not triggered. |
JSON Sample
{
"job":{
"referenceJob":"d3aac74b-80a5-46cb-b35c-0d6dc7ccf42f",
"costCenter":"cost-center",
"campaignId":"zOsVEmBBV3TYzTPe",
"features":{
"templating":{
"active":true
},
"antivirus":{
"active":true
},
"secureDocument":{
"active":true,
"filename":"test",
"subjectPrefix":"Password for: <original mail subject - trimmed>",
"password":{
"type":"strong"
}
}
}
},
"subject":{
"contentEncoding":"plain",
"contentTransferEncoding":"base64",
"charset":"UTF-8",
"content":"subject"
},
"body":{
"contentType":"text/html",
"contentEncoding":"quoted-printable",
"contentTransferEncoding":"base64",
"charset":"UTF-8",
"content":"<html><body>hello world</body></html>"
},
"attachments":[
{
"name":"name.pdf",
"contentType":"application/octetstream",
"content":"bmFtZQ==",
"secureDocument":true
},
{
"name":"name.jpg",
"contentType":"application/octetstream",
"content":"bmFtZQ=="
}
],
"recipients":[
{
"mail":{
"to":[
{
"email":"TO_1_Friendly <to1@example.com>"
},
{
"email":"to2@example.com"
}
]
}
}
]
}contentId will be ignored for files with secure document enabled. The reason is that multiple files can be encrypted together, making this field obsolete for this feature.