Decrypt Bcc Emails

Security analysts benefit from decryption of incoming emails, even if the recipient address is in the blind carbon copy (Bcc) field because it allows them to decrypt mails that contain a STORM mail address as recipient in the blind carbon copy field.

Setup

To following setup is needed for using with S/MIME:

  • The setting SMIME::Decrypt::Methods###Email searches for certificates that match email addresses inside the mail. This setting is enabled by default.
  • The setting SMIME::Decrypt::Methods###System searches for certificates that match email addresses defined as system addresses. This setting is also enabled by default.
  • The setting SMIME::Decrypt::Methods###All searches for all available S/MIME certificates to try to decrypt (brute force, disabled by default). It can be enabled for testing. In productive systems if the system has several certificates it is not recommended due to performance issues.

For PGP no additional settings are needed.

Usage

Send encrypted an email encripted with PGP or S/MIME from your personal account to the email address configured in OTRS but only using the blind carbon copy (Bcc) field (do not fill in the To or the Cc field). Go to the ticket detail view of the new ticket and the articles should be correctly decrypted.

Decrypted Bcc Email Example

Decrypted Bcc Email Example