I got a request to not only sign emails sent to external recipients but also to users on the same mailserver, internal users.
The use case isn’t exactly clear yet but it seems to be primarily down to the little ribbon showing in Outlook. A secondary reason is the fact that the ribbon would proof that the email hasn’t been altered.
Is there any way to always apply S/MIME signatures no matter if a domain is internal or external?
If internal email must be signed as well, you need to change the mail flow configuration file (config.xml).
The main issue getting internal email to be signed is that in most email setups, internal email is only handled locally by the mail server, i.e., email sent between internal users is not relayed via an external gateway (in this case the CipherMail gateway). I think with O365, it’s possible to configure this. With Exchange on-premises this requires a specialized transport (plugin)
Thanks Martijn, you are right about the O365 and on-premises. Given that the opportunity would have been about on-premises I have declined the request. Too little value for too much effort in my opinion. But good to know it’s possible and also where this is configured.