User guide

   c. Sends the email message to the BlackBerry Enterprise Server
3. The BlackBerry Enterprise Server sends the email to the recipient's inbox.

Data flow: Forwarding an S/MIME-protected email message that contains attachments that are not located on a device

On a BlackBerry device that is running BlackBerry 7 or later in a Microsoft Exchange environment, you can use the S/MIME Attachment Support IT policy rule.

The S/MIME Attachment Support IT policy rule determines how a device responds when a BlackBerry device user sends a new S/MIME-protected email message with an attachment, forwards an S/MIME-protected email message with an attachment, or replies to an S/MIME-protected email message with an attachment. By default, this rule is set to the "End-to-End or Trusted BES" value, which means the device can forward email messages with attachments whether or not the attachments are located on the device. When the device forwards encrypted email messages that include attachments that are not located on the device, it uses Trusted BES mode.

1. A user performs the following actions when the user forwards a message:
   a. Selects whether the message should be signed, encrypted, or signed and encrypted using S/MIME
   b. If applicable, attaches any new message attachments
   c. Sends the message
2. The email application on the device performs the following actions:
   a. Creates a message header that contains information about whether the user wants the forwarded message to be signed, encrypted, or signed and encrypted using S/MIME. If the original message that the user forwards was encrypted, the message header includes a key for decrypting the original message.
   b. Sends the partial message, which includes the new message body, any new attachments that are located on the device, and the message header, to the BlackBerry Enterprise Server.
3. The BlackBerry Enterprise Server performs the following actions when it receives the partial message:
   a. Parses the message header
   b. Obtains the original message and performs one of the following actions:
      • If the original sender signed the message that a user is forwarding, removes all of the original signatures
      • If the original sender encrypted the message that a user is forwarding, decrypts the message using the key in the message header
      • If the original sender signed and encrypted the message that a user is forwarding, decrypts the message using the key in the message header and then removes all of the original signatures
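
What "removes all of the original signatures" in step 3b means is easiest to see for a clear-signed message (multipart/signed, RFC 1847), where the content and its detached signature are sibling MIME parts. The following is an added example, not BlackBerry code and not part of the original guide: it unwraps those layers with Python's standard email package. The function name and the sample message are constructed for illustration, and opaque-signed (application/pkcs7-mime) and encrypted messages are out of scope because they need a CMS library.

```python
from email import message_from_bytes, policy

SIG_TYPES = {"application/pkcs7-signature", "application/x-pkcs7-signature"}

def strip_signatures(part):
    """Unwrap every multipart/signed layer; return (content, layers_removed)."""
    removed = 0
    while part.get_content_type() == "multipart/signed":
        kids = part.get_payload()
        # RFC 1847 layout: [0] is the signed content, [1] the detached signature.
        if (not part.is_multipart() or len(kids) != 2
                or kids[1].get_content_type() not in SIG_TYPES):
            raise ValueError("malformed multipart/signed part")
        part, removed = kids[0], removed + 1
    if part.is_multipart():
        kids = part.get_payload()  # the live child list, so edit it in place
        for i, kid in enumerate(kids):
            kids[i], n = strip_signatures(kid)
            removed += n
    return part, removed

# Constructed sample: clear-signed body plus attachment; signature is a placeholder.
SAMPLE = b"""\
Subject: Q3 report
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="sig"

--sig
Content-Type: multipart/mixed; boundary="mix"

--mix
Content-Type: text/plain

See attached.
--mix
Content-Type: application/pdf; name="q3.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--mix--
--sig
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

UExBQ0VIT0xERVI=
--sig--
"""

def demo():
    content, removed = strip_signatures(message_from_bytes(SAMPLE, policy=policy.default))
    return removed, [p.get_content_type() for p in content.walk()]
```

After this step the original sender's signature is no longer part of the message, so a recipient of the forward cannot verify it.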
Security Technical Overview Extending messaging security to a device