Email Encryption

Download pdf

TLS Encryption

Many email providers, such as Gmail, use TLS security protocols as a standard for receiving encrypted emails. Read the overview for TLS encryption, and watch the short video for a full understanding of this option. When an encrypted message is sent via TLS, it will be decrypted at the server level, and therefore does not require the recipient to input a password to access it.

Overview of TLS:
Transport Layer Security (TLS) is essentially server-2-server encryption. This setting is NOT enabled by default.

When TLS is enabled on our Control Panel for a customer’s account, messages are always sent secure to RPost, we then use our TLS detection service to determine if the recipients mail server has TLS enabled.
If TLS is NOT detected, the messages are sent according to normal encryption settings (IE auto password email with senders password or system generated password).
IF TLS IS detected, the message is delivered securely all the way to the mail server. The message is decrypted at the mail server and is sent to the recipients mailbox unencrypted with no password requirement. The message is marked with the RPost banner and is clearly identified as being “transmitted encrypted”.


Setting User Defined Password

RPost has two methods of creating passwords for encrypted emails; providing the user with a random system generated password, or the user is able to provide his or her own password. Typically, the default setting is to have a system generated password created. To change this so the user can create their own password, follow the steps below:

1. When composing an email, select “Encrypt” and “Custom”.
2. Now, input the desired encryption password into the box, and select the “Email custom password” box if you wish to have this password sent to the recipient.



Signature Validity Error

When opening a document with a digital signature in Adobe Reader, there is an error that the “Signature validity is unknown” (pictured below). Follow the steps below to resolve.
sig 1

1. In the PDF window, select the Signature icon available on the left pane and then under the Signature Details section, select “Certificate Details” option:
sig 2

2. On the Certificate Viewer window, navigate to the “Trust” tab and select the “Add to Trusted Identities” button:
sig 3

3. A security warning popup would appear, select OK on the popup to continue.
sig 4

4. On the new popup, Import Contact Settings, check all the check boxes available under “Certified documents” section:
sig 5

5. Select the OK button on this popup.
6. Then select the OK button on the Certificate Viewer popup.
7. Close the file/PDF reader and open the PDF file again.


Mac PDF Viewer

Mac Preview will only display the body of the email but not the attachments within the encrypted message.  The message must be opened with Adobe Reader Version 7.0 and higher. There is a link inside the encrypted message to do this. Once Adobe Reader is installed, be sure to download the encrypted message and open it view Adobe Reader, not inside the web browser.


Missing or Wrong Password

When sending an encrypted email with RPost®, the sender has the option to create their own password, or use an RPost® system generated password. They also have the option if they would like this password to be sent in an email prior to the encrypted email, or not. If the email with the password is lost, or the password was never sent at all, use the link in the email to create or retrieve the password.

If there are any further issues, follow these steps:

1. Check your email inbox for an email from RPost sent shortly before with the password in it highlighted in yellow. It should say “An encrypted message has been sent to you and will arrive in your inbox in the next few minutes” and below it will display the password highlighted in yellow.
2. If this email can’t be located, click on the link that says “To retrieve the password or create your own password for future RPost encrypted messages click here.” If you don’t see this text in the email, you must contact the sender for the password, which will be in their inbox.

3. If neither sender nor recipient can locate the password, it must be resent.
4. Always confirm that, and are Whitelisted or added to safe sender list because there is the possibly that an overzealous filter could have quarantined the password email.

Here is a video on getting a duplicate password. It will also show you how to setup a permanent password for all FUTURE emails.


Accessing Encrypted Attachments

As with all RPost encrypted email messages, Adobe Reader needs to be the default PDF viewer used when opening the message and its attachments. The same goes for web based email providers, except the PDF attachment needs to be downloaded first, then opened using Adobe Reader. Each encrypted email has a link to Adobe Reader if the recipient does not already have it on their computer. Please follow the steps below to open encrypted emails and attachments in Chrome:

1. “Download” the PDF attachment.

2. At the bottom of the web browser, please select the arrow next to the PDF download and select “Always open in Adobe Reader”.

3. Then, click on the PDF, and input password given by recipient if needed.

4. On the left hand side, select the paper clip and the attachments will be accessible.