Problem with the encryption on domain rule

Gateway
1

Hi,

I´m using the latest djigzo on a CentOS 6.3. I have a domain with a certificate to encrypt, but none of the mails which are going through the gateway are encrypted. Here is the log output, maybe somebody can tell me why it´s not working:

26 Oct 2012 16:09:43 | INFO incoming | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; Remote address: 192.168.1.35; Recipients: [test(a)encrypt.de]; Subject: test ; Message-ID: <EB6653A813FDF14F96405E552D11AC860277DBCE(a)server.internal.lan>; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO Subject filter is disabled for the sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO postSubjectFilter state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO external state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO DLP is disabled for the sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO postDLP state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO "subject trigger" is disabled for the sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkForceEncryptHeader state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO "force encrypt header trigger" is disabled for the sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkEncryptMode state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO "encrypt mode" is force for the recipient(s); MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkSMIME state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkPDFEncrypt state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO PDF encryption is disabled for the recipient(s); MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkMustEncrypt state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO Force signing not allowed for sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkSMIMESign state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO "only sign when encrypt" is enabled for the sender. S/MIME signing will be skipped; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO transport state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; Remote address: 192.168.1.35; Recipients: [test(a)encrypt.de]; Subject: test ; Message-ID: <EB6653A813FDF14F96405E552D11AC860277DBCE(a)server.internal.lan>; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:47 | INFO Cleaning Key Cache. Cache size: 0 (mitm.common.cache.KeyCacheImpl) [KeyCacheImpl Thread]

Any suggestions are welcome

Kind regards

fatcharly

2

A couple of questions

1. Can you check whether you have selected the certificate as encryption
certificate for the external domain?

2. Is the domain certificate trusted? i.e., not shown with a gray
background but with a white background?

3. I see that you have set encrypt mode to "Force". That might be on
purpose but if your intention is to have mandatory encryption when
sending to that domain, you should set encrypt mode to "Mandatory"

Kind regards,

Martijn

···

On 10/26/2012 04:33 PM, fatcharly(a)gmx.de wrote:

I´m using the latest djigzo on a CentOS 6.3. I have a domain with a certificate to encrypt, but none of the mails which are going through the gateway are encrypted. Here is the log output, maybe somebody can tell me why it´s not working:

26 Oct 2012 16:09:43 | INFO incoming | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; Remote address: 192.168.1.35; Recipients: [test(a)encrypt.de]; Subject: test ; Message-ID: <EB6653A813FDF14F96405E552D11AC860277DBCE(a)server.internal.lan>; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO Subject filter is disabled for the sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO postSubjectFilter state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO external state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO DLP is disabled for the sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO postDLP state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO "subject trigger" is disabled for the sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkForceEncryptHeader state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO "force encrypt header trigger" is disabled for the sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkEncryptMode state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO "encrypt mode" is force for the recipient(s); MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkSMIME state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkPDFEncrypt state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO PDF encryption is disabled for the recipient(s); MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkMustEncrypt state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO Force signing not allowed for sender; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO checkSMIMESign state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO "only sign when encrypt" is enabled for the sender. S/MIME signing will be skipped; MailID: 0121f9cf-f632-4077-a39e-ce065089269c (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
26 Oct 2012 16:09:43 | INFO transport state | MailID: 0121f9cf-f632-4077-a39e-ce065089269c; Originator: name.name(a)company.de; Sender: name.name(a)company.de; Remote address: 192.168.1.35; Recipients: [test(a)encrypt.de]; Subject: test ; Message-ID: <EB6653A813FDF14F96405E552D11AC860277DBCE(a)server.internal.lan>; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
26 Oct 2012 16:09:47 | INFO Cleaning Key Cache. Cache size: 0 (mitm.common.cache.KeyCacheImpl) [KeyCacheImpl Thread]

--
DJIGZO email encryption