5 email security, Setting permissions on an email message – HTC Mogul User Manual

Section 8: Working With Company Email and Meeting Appointments 105

8.5 Email Security

Windows Mobile on your device protects your Outlook email through the Secure/Multipurpose Internet Mail
Extension (S/MIME), which allows you to digitally sign and encrypt your messages.

Digitally signing a message applies your certificate with the authorization key to the message. This proves to the
recipient that the message is from you and not from an imposter or a hacker, and that the message has not been
altered.

Encryption protects the privacy of your message by converting it from plain, readable text into cipher (scrambled)
text. Only a recipient who has the authorization key can decipher the message.

Notes:

S/MIME encryption and digital signatures for Windows Mobile devices are available only with
Exchange Server 2003 SP2 or a later version that supports S/MIME. If you are not using one of these
versions, or have not yet synchronized, these options are unavailable.

You can encrypt a message with or without a certificate. However, to read an encrypted message, you
need a valid certificate to decrypt it.

To individually sign and encrypt a new message:

1. Tap Start > Programs > Messaging > Outlook E-mail.

2. Tap Menu > New to create a new message.

3. Tap Menu > Message Options.

4. From the Security list, select whether to encrypt only, sign the message only, or both.

5. Tap OK.

To verify the digital signature on a signed message you receive:

1. Open the Outlook email message that has been digitally signed.

2. At the top of the message, tap View Signature Status.

3. Tap Menu > Check Certificate. To view the details of the certificate in the message, tap Menu > View

Certificate.

Notes

There can be several reasons why a digital signature is not valid. For example, the sender’s certificate
may have expired, it may have been revoked by the certificate authority, or the server that verifies the
certificate may be unavailable. Contact the sender to report the problem.

To digitally sign and encrypt all messages:

You can set up ActiveSync to digitally sign and encrypt all outgoing messages. You must obtain a valid
certificate to sign and encrypt email messages successfully.

1. Tap Start > Programs > ActiveSync.

2. Tap Menu > Options.

3. Select the E-mail information type, and tap Settings. On the E-mail Sync Options screen, tap Advanced.

4. Do one or both of the following:

To sign all your outgoing email messages so that recipients can be certain that the messages were

sent by you and have not been altered in any way, select the Sign all outgoing e-mail messages
check box.

To encrypt all your outgoing email messages so that the contents of your messages are protected

from being viewed by anyone other than the intended recipients, select the Encrypt all outgoing
e-mail messages check box.

5. Tap Choose Certificate to select a certificate for signing or encrypting outgoing email messages.

Setting Permissions on an Email Message

Another way of protecting your email messages is to send messages with restricted permissions using
Information Rights Management (IRM).

Note:

This works only with a Microsoft Outlook email account and if your company is using RMS Server SP1.

1. Tap Start > Programs > Messaging > Outlook E-mail.

2. Create a message, and then tap Menu > Message Options.

3. In Permissions, do one of the following:

To allow anyone to read the message, select Unrestricted access.

To prevent the message from being forwarded, printed, or copied, select Do not forward.

4. Tap OK.

Tip:

An IRM-protected message received on your device can only be replied to or forwarded if the message
permits it.