1. Home
  2. Docs
  3. General
  4. DLP rules & policies guide
  5. Additional information – policies

Additional information – policies

Encrypt Message Content

When this policy is enabled, the “Encrypt Message Content” method will be enabled by default when composing new emails via the Trustifi add-in or web app.

When this policy is enabled in “strict” mode, the “Encrypt Message Content” method will be enabled and users cannot disable it. In “strict” mode, all emails sent using the email relay will have content encryption enabled by default.


Require Authentication

When this policy is enabled, the “Require Authentication” method will be enabled by default when composing new emails via the Trustifi add-in or web app.

When this policy is enabled in “strict” mode, the “Require Authentication” method will be enabled and users cannot disable it. In “strict” mode, all emails sent using the email relay will have multi-factor authentication enabled by default.


Authentication methods allowed

This policy allows admins to select which of the 4 possible authentication methods should be allowed to use in encrypted emails with MFA: (1) phone, (2) password, (3) email, (4) SSO.
Note: The “Email” method is used as a default in cases where the recipient does not have a registered phone number. If this method is disabled then on those cases, the email will fail to send, and the sender will be notified.


Attachments Encryption Policy

This policy dictates whether attachments should be automatically encrypted based on sensitive content found in files. There are 3 options to select from:

  1. Encrypt from sensitivity threshold
    Attachments will be encrypted if the content found within matches a score equal to or above the selected score.
  2. Always encrypt attachments
    Attachments in sent emails will always be encrypted
  3. Never encrypt attachments
    Attachments in sent emails will never be automatically encrypted, unless a DLP rule is triggered

Email expiration

To enable a default time of email expiration, click on the toggle next to “Email expires in” and set a number value in the “days” field.

This will set a default expiration times for all outgoing emails under your Trustifi plan.

After an encrypted email has reached its expiration time, it will no longer be available to the recipient and will be deleted from the sender’s email history.


Block outbound emails to blocklisted recipients

Outbound emails sent to addresses or domains in your inbound global blocklist will be automatically blocked


Block outbound emails for attachments types

Emails containing the selected attachments types will be automatically blocked. You may chose any or all of the following:

  • Macros
  • Scripts
  • Executables

Attachment expiration

To set an expiration time for attachments sent by your users, click on the toggle next to “Delete attachments in” and set a number value in the “days” field.

Once an attachment reaches its expiration time, it will no longer be available to the recipient and will be deleted from the sender’s storage.


Track Links

When enabled, all links in sent emails will have tracking enabled so the sender can see if and when an email’s recipient has clicked on any of the links inside.


Allow Updating Messages

Allows enders to update the content and attachments of encrypted emails after they’ve been sent.


Allow print

Recipients will be able to print the content of the encrypted email


Block Inappropriate Content

Emails containing inappropriate content such as nudity, violence and drug use (in text or picture form) will be blocked and quarantined. These emails can then be reviewed and released by an admin.


Block Malicious Content

Emails containing malicious content such as links and attachments will be blocked and quarantined (This feature cannot be disabled).
These emails can then be reviewed and released by an admin.


Retention Policy

Admins can decide how long their users’ emails and attachments will be retained in Trustifi’s secure servers. Once an email or attachment has passed the configured retention period, it will be permanently deleted.
Longest retention period allowed is 7 years.

How can we help?