#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

How to prevent user for adding ini parameter Mail_Skip_Nokey_Dialog=1

Mail_Skip_Nokey_Dialog=1 will be set if a user is prompted with an mail encryption failure dialog and selects "Don't show signature or encryption failures again and continue sending".

- is there a policy setting to prevent users from setting Mail_Skip_Nokey_Dialog=1, so that they are always prompted for these kind of failures?
- would it be possible to have a kind of white-list for domains where signature or encryption failures are acceptable?

 

to set Mail_Skip_Nokey_Dialog=0 is just cosmetic, no more than a daily reminder. The user can overwrite this setting with the first mail after he has launched Notes.


I would treat this as weak point/vulnerability, because we can force encryption through a desktop policy but the user is still able to sent unencrypted mail.

  • Guest
  • Jan 23 2020
  • Needs clarification
  • Attach files
  • Guest commented
    27 Jan, 2020 07:49am

    Hi Thomas,

    yes, you are right, the complete request is to ensure that only encrypted mail is sent to specific destinations. 

    The ability to force "Mail_Skip_Nokey_Dialog=0" will support this approach, because the sender will be at least notified about any error.

    The better solution would be to remove the "Send" button from this dialog.

    The perfect solution would be a list field, where administrators can enter Domino and SMTP domains for which encryption is mandatory.

     

    Regards,

    Claus 

  • Admin
    Thomas Hampel commented
    25 Jan, 2020 11:53pm
    This idea is about enforcing all mail to be encrypted or to prevent unencrypted mail from being sent or just to prevent this dialog box?