Gateway based email encryption with Office 365

The use of certificate-based email encryption is still a challenging task for administrators. When you store end-user certificates stored locally on computers, you accept the risk of the user certificates being deleted or overwritten unintentionally.

The use of smart cards helps to mitigate the risks associated with locally stored certificates. But smart cards are too complicated for large and agile companies. The use of smart cards with mobile devices is even more complicated, if not impossible.

Gateway Encryption

A simple and reliable solution is to use encryption and decryption capabilities at the company email gateway(s). This approach allows for:

  • Central management of user and domain certificates or keys
    • S/MIME
    • PGP
  • Central management of digital signage and encryption parameters for email communication with partner companies
  • Encryption of any outgoing email communication regardless of the client used to compose the message:
    • Outlook
    • OWA
    • Outlook on the web
    • Mobile phone
    • Tablet Application
  • Usage of internal eDiscovery solutions as internally stored email communication is still searchable
  • No lost user certificates anymore

Besides the option to import certificates manually, the real benefit is provided by automatic certificate provisioning. By using a certificate authority company account the gateway solution handles certificate requests automatically.

The supported S/MIME certificate authorities are:

  • GlobalSign
  • SwissSign

NoSpamProxy by Net at Work is a gateway solution proving this set of features for on-premise SMTP messaging infrastructures.

Office 365

The advantages provided by NoSpamProxy can be used with Office 365 as well. There is no need to have an Exchange Hybrid configuration ins place to benefit from the NoSpamProxy features. The NoSpamProxy gateway can be configured for the use with Office 365 cloud-only tenants.

The following picture illustrates how NoSpamProxy gateway is integrated into such a scenario.

NoSpamProxy als zentrales Gateway für Exchange Online

External emails are received by the local NoSpamProxy Gateway server and not by Exchange Online (1). The NoSpamProxy gateway handles the messages and sends the messages to Office 365 using an Office 365 connector (2). Outgoing messages to external recipients are sent to the on-premise NoSpamProxy gateway using a dedicated Office 365 Send Connector (3). The NoSpamProxy gateway handles the messages and sends the messages to the external recipients.

Multiple NoSpamProxy gateway servers can be deployed for a redundant setup.


The NoSpamProxy gateway solution provides more than just S/MIME or PGP encryption capabilities. NoSpamProxy is a robust fully-fledged anti-spam solution that rejects spam emails legally compliant. Each message that is not fully received by the company does not need to be archived.

NoSpamProxy features:

  • Legally compliant spam protection
  • Legally compliant email communication using digital signage
  • Protected email communication using password-protected PDF attachments
  • Large attachment support by using a dedicated we portal
  • Geographically dispersed gateways with central management

Want to know more about all NoSpamProxy features?
Not yet an Office 365 customer, but keen to know more about gateway-based encryption and a reliable anti-spam solution?

Get to know more about NoSpamProxy here.

%d Bloggern gefällt das: