Mechanism processing secure messages

Secure messages including encrypted and digitally signed messages are fragile in terms of modifications applied to their body (writing about the message body we also mean the attachments included). As a result, some of the actions performed on these messages can either damage the encryption or invalidate a digital sign. However, CodeTwo Exchange Rules Pro is equipped with the secure messages processing mechanism that lets you process actions (exceptions apply) for both above mentioned types of secure messages keeping them encrypted and valid.


Be aware that not all encryption and digital signatures standards are supported - see Supported platforms and requirements article.


Note that the program processes both types of secure messages by default. It means that if the conditions set in rules are met then both types of these messages will be processed by the program yet have the applicable actions applied. However, you can exclude either of the secure messages' types from processing by choosing the Secure message type in the Exceptions tab in your rules. On the other hand, if you want to instruct the program to execute actions set in rules only on secure messages (excluding other types of messages such as new emails, replies, etc.), go to the Conditions tab in these rules and configure the Secure message type condition.

The mechanism responsible for processing secure messages validates all actions configured in rules and divides these actions for those that:

If all actions defined in a particular rule can be applied to secure messages, they are executed directly on these messages. As a result, the original secure messages with applied actions are sent.

If, however, the mechanism detects at least one action in a particular rule that is potentially harmful to secure messages, it handles such actions by creating so-called envelope messages in the following way:

  1. First, the mechanism executes applicable actions on secure messages and then creates the envelopes.
  2. The original sender, recipient(s) and subject properties from secure messages are being copied to the envelopes.
  3. The same actions that were executed on secure messages are now being executed on the envelopes.
  4. Next, the program executes the rest of actions harmful to secure messages on envelopes.
  5. Last but not least, the mechanism adds secure messages to the envelopes as attachments.
  6. After that, the envelopes including attached secure messages are sent.

Learn how to adjust the template of envelopes

It may also happen at times that some of the actions can neither be executed on secure messages nor the envelopes. In such a case, the program ignores them and executes only valid actions. If all actions, in turn, cannot be applied to secure messages and envelopes, then the original secure messages are sent intact.

The table below shows which actions are performed directly on secure messages, which of them impose creating the envelopes and which ones are excluded from processing:

Action Secure message Envelope
Add recipient Green tick.   Yes Green tick.   Yes
Block message Green tick.   Yes Green tick.   Yes
Modify subject Green tick.   Yes Green tick.   Yes
Rewrite sender's address Green tick.   Yes Green tick.   Yes
Auto respond * Green tick.   Yes Green tick.   Yes
Forward message * Green tick.   Yes Green tick.   Yes
Add attachment    No Green tick.   Yes
Apply full composition X    No Green tick.   Yes
Insert disclaimer X    No Green tick.   Yes
Insert signature X    No Green tick.   Yes
Compress attachments X    No X    No
Force email format X    No X    No
Remove keywords X    No X    No
Remove sensitive content X    No X    No
Remove themes and stationery X    No X    No
Strip / dump attachments X    No    No

Despite the fact that the Auto respond and the Forward message actions can be applied to both secure and envelope messages, they are executed only on one of these messages at once. Such a solution ensures that these actions are not duplicated (messages are not sent twice to the same recipient). The decision to execute these actions whether on secure messages or envelopes is determined by the presence of at least one other action defined in a particular rule that can only be processed on envelope messages.

Study the examples below to get a better understanding in what scenarios the aforementioned actions will be applied to secure or envelope messages:

  • If there is only the Auto respond or the Forward message action set in a rule, then one of these actions is applied to a secure message.
  • If there are only both the Auto respond and the Forward message actions set in a rule, then they are applied to a secure message.
  • If there are either the Auto respond or / and the Forward message actions set in a rule and there is at least one other action that requires creation of the envelope message, then the Auto respond or / and the Forward message actions are applied to the envelope. The rest of actions if present, in turn, are executed in one of the patterns described above.

Was this information useful?