Organizations can connect their e-mail infrastructure directly to IncaMail’s MGI (mail gateway integration) service. The incoming and outgoing communication uses encrypted channels. Unlike personal and registered messages, confidential messages can be signed in the mailbox, but are delivered unencrypted and can thus be searched for and archived in the e-mail client. For MGI, a valid SSL certificate is required.
The encrypted communication between the IncaMail service and the e-mail infrastructure takes place via “TLS with mutual authentication”, “enforced TLS” or “domain security”. Depending on the system, the communication can use the IncaMail server directly or an available mail gateway. In this case, “SSL termination” takes place.
IncaMail works with all modern mail systems (mail server or mail gateway), which support the following functions:
- SMTP via port 25 with TLS (if necessary enable via firewall)
- “TLS with mutual authentication”, “enforced TLS” or “domain security” can be activated
- Administration of own SSL certificate for STARTTLS
- Important: only valid certificates from a recognized CA and registered with IncaMail will be accepted. In case of doubt, please contact us.
- Use of root certificate lists for common operating systems or option of registering (Truststore) for the Swisssign certificate of the IncaMail service (e.g. for Cisco Ironport)
- Internet connection without restrictions on TCP port 25
Most common mail servers (e.g. Microsoft Exchange) and mail gateways (e.g. Cisco Ironport, Fortinet Fortimail etc.) satisfy these criteria.
For the following e-mail clients, free MGI add-ins are available:
- Outlook
- Outlook on the web
Notes: for all other e-mail clients (e.g. Apple Mail), the user must attach “.incamail.ch” to the recipient e-mail address, so that the message is delivered by IncaMail.