Security analysts benefit from decryption of incoming emails, even if the recipient address is in the blind carbon copy (Bcc) field because it allows them to decrypt mails that contain a STORM mail address as recipient in the blind carbon copy field.
Setup
To following setup is needed for using with S/MIME:
-
The setting
SMIME::Decrypt::Methods###Emailsearches for certificates that match email addresses inside the mail. This setting is enabled by default. -
The setting
SMIME::Decrypt::Methods###Systemsearches for certificates that match email addresses defined as system addresses. This setting is also enabled by default. -
The setting
SMIME::Decrypt::Methods###Allsearches for all available S/MIME certificates to try to decrypt (brute force, disabled by default). It can be enabled for testing. In productive systems if the system has several certificates it is not recommended due to performance issues.
For PGP no additional settings are needed.
Usage
Send an email encrypted with PGP or S/MIME from your personal account to the email address configured in OTRS but using the blind carbon copy (Bcc) field only (do not fill in the To or the Cc field). Go to the ticket detail view of the new ticket and the article should be correctly decrypted.
