The VIPRE SecureMail COM Add-in for Outlook verifies which of your recipients are secured or unsecured and allows you to send digital posts. Properly configuring the SecureMail plugin is essential to fully utilizing it and ensuring it meets your organization's specific needs. This process involves setting up various aspects of SecureMail to align with the desired functionality. 

Install & Configure Plugin

1. Navigate to the VIPRE Email Security portal and click SecureMail on the left menu
2. Click on plug-in
3. At the top of the page, click Download Outlook Add-in
4. This will present you with two options: 32-bit or 64-bit; choose the correct version for your installed Outlook Agent to download and run the installer
5. Click the + plus sign next to Add new profile
6. Configure SecureMail using the settings guide below:
   • Name your profile as desired
   • General
     • Send Secure toggled by default (default is yes)
       • If this is enabled, the button is turned on by default. However, the user can disable it in the email-sending process if they want to send an insecure message.
     • Force ‘Send Secure’ to always be on
       • If this is enabled, the button cannot be deactivated by either a user or an administrator.
     • Always remove insecure recipients from the email (default is no)
       • If this is enabled, insecure recipients will be removed from the email when sending the email.
     • Use automatic SafePortal / Portal? (default is no)
       • If this is enabled, emails to insecure recipients are sent to SafePortal, where they only receive a login to our SafePortal instead of sending the email insecurely. Note that this requires the purchase of the SafePortal product.
     • Show force to SafePortal / Portal (default is no)
       • If this is enabled, an extra button is added that allows forcing to SafePortal, even if the recipient is considered secure. Note that this requires the purchase of the SafePortal product.
     • Treat Exchange addresses (X400 / X500) as internal when they cannot be looked up (fallback)
       • If this is enabled, X400 and X500 exchange addresses are interpreted as internal if our plugin check cannot look them up.
     • Show a warning dialog when trying to send encrypted emails to a MOCES certificate (employee certificate)
       • If this is enabled, the user is given the option to choose whether to continue sending to an employee certificate or just send TLS encrypted.
     • Require TLS for encrypted emails and warn if it is missing
       • If this is enabled, TLS is required for the recipient even if they are on the tunnel mail list, and the email is encrypted against the certificate.
     • Allow to cache AD settings (on the user's drive)
       • If this is enabled, the plugin saves the settings from ActiveDirectory on the user's PC and refers to them if the user is not connected to AD.
     • Minimum Security Level
       • Choose the minimum security level (what is the minimum level that should be categorized as secure); if you do not consider TLS 1.2 secure enough, you have the option to enforce a higher security level, e.g., Encrypted (certificate), Tunnel (tunnel mail list), or Secure recipient (SafePortal). However, this can also be used to define lower requirements, such as allowing sending to insecure recipients without warning.
   • Certificate Types
     • Allow VOCES? (company certificate)
       • If this is enabled, we will encrypt to a company certificate if such a certificate exists. Even with this disabled, we still encrypt to Tunnelmail, which also requires company certificates.
     • Allow MOCES? (employee certificate)
       • If this is enabled, we will encrypt to an employee certificate if such a certificate exists.
   • Functional Mailboxes
     • From the dropdown, choose the certificate alias from all uploaded certificates that the user should be able to encrypt from. If multiple certificates have been chosen as your functional mailbox, provide a display name to identify the certificate easily.
   • Digital Post
     • Ignore exempt recipient(s) (default is yes: Digital Post reports people as exempt if they have not logged into Digital Post)
       • A user is exempt from digital post if either they have never logged on before, or they have specifically been removed from receiving digital post. In some cases, they should still be able to receive. Therefore, we have added an option to ignore this, so the mail still gets delivered even if they are exempt.
     • Set "may recipient(s) reply" by default
       • Check this if you want a recipient/citizen to be able to reply to your DigitalPost.
     • Can the user look up the recipient's name
       • If this is enabled and your company has an agreement with CPR, you can look up
         • For example, 010101-0101 belonging to Anders Andersen. The previous is just an example and not a real CPR number.
   • Sender Systems
     • Click the plus (+) icon to add sender systems for this configuration
   • Advanced
     • Show Advanced View
       • In Advanced View, you can see to which security level the email is encrypted. Below are the two different views: 
         • Advanced
         • Non-Advanced
     • Remove internal recipient(s) from the processing instructions
       • If this is enabled, your internal recipients are removed from the processing instructions. This significantly reduces the instances of forwarding emails internally and receiving "Unable to process recipient, no processing instructions specified for this recipient." If an email that was sent as secure mail is forwarded, there are already instructions in place. If these do not match the sender, we stop the email without a checkmark here.
   • Limits
     • Secure Recipients Lookup Rate
       • This adds a maximum number of recipients being looked up at once, including direct recipients, CC, BCC, etc. If, for example, ten is written in this field, and you are sending to 50, the SecureMail plugin will look up the first ten, and then the next ten, and so on, until all 50 have been looked up.
     • Banned Subject Words
       • If a word is inserted here, such as CPR, the user will receive a warning if they try to send an email with a subject containing CPR. They then have the option to send it anyway or cancel.
     • Warn if the subject contains a CPR
       • If this is checked, we will also look for CPR numbers in the following format(s): XXXXXXXXXX and/or XXXXXX-XXXX
7. Save at the bottom and then scroll back to the top to export your profile and create the configuration file
8. Add to the configuration folder located at C:\ProgramData\VIPRESecureMail
   • If the folder does not exist after installing the plug-in, you can go to ProgramData and create it yourself.

Using SecureMail COM Add-in

When sending an email message, after you add recipients, the VIPRE SecureMail plugin does a look-up to tell you which recipients are considered "secure", and which are not, based on the settings you configured.

Plugin Options/Actions

• Click Secure Recipient(s) or Insecure Recipient(s) in the top left to see full lists of all recipients
• Send Securely: Clicking this turns the SecureMail plugin on/off (unless it has been configured to always be turned on)
• Digital Post: Clicking this presents you with a pop-up that allows you to send your digital post
  • Provide the CPR/CVR number you want to send to
  • Select Lookup Name to get the name of the entity you’re sending to
  • Select a Contact Point, depending on which area of the company you’re trying to contact
  • Answer the next four questions with checkmarks as desired
  • Choose the Primary Document; if including multiple attachments to the digital post, choose one as the primary to be shown as the email body to the user receiving the digital post, and other attachments will be just regular attachments
  • Click Continue to return to the email message and send it as normal

Find Help

If you have any questions, contact us at dk.support@vipre.com.