About
This document will guide you through the configuration of Virtru Gateway 'catch-all' rules backed by Google infrastructure. With this guide, you will be able to set up your organizations mail flow to route all mail through the Virtru Gateway, mitigating potential data leaks through the use of Virtru DLP.
Assumptions:
- CNAME Records Created so Virtru can sign DKIM and the virtrugateway.com domain can send on behalf of your domain.
- TXT Records Created so Virtru can verify domain ownership prior to implementation.
- Mail Flow The Virtru Hosted Gateway is preconfigured for maximum security and interoperability between systems.
(Example)
- Mail Encryption Trigger:
-
Outbound
Messages
-
- Mail Flow: Gmail > Gateway > Final Delivery
- Authorization
-
X-Virtru-Auth: 00000000000000000000
(Virtru provided)
-
Note
The Authorization Header is specific to your organization and will be provided to you by Virtru.
Jump to:
Rule - Add Host
Rule - Add Compliance Rule
Create Virtru Encryption Rule
Rule - Add Host
Navigate to: Gmail Advanced - General Settings
Then to Hosts
Click the ADD ROUTE
button
Add Route(Host)
- Name:
- Virtru Hosted Gateway Outbound
- Host:
- smtp.virtrugateway.com
- Port
- 587
- Require secure transport (TLS)
- Yes
- Require CA-signed certificate
- Yes
Rule - Add Compliance Rule (Example)
Navigate to: Gmail Advanced - General Settings
Search for Content Compliance
Add Rule
Fill in the appropriate information.
- Name:
Virtru Hosted Gateway Outbound
- Email messages to affect:
Outbound
- If ALL of the following match the message
Add setting
Add expressions that describe the content you want to search for in each message.
Add Setting to Compliance Rule
If All of the following match the message
Add Expression
- Virtru Action
- Advanced Content Match
- Location
- Full Headers
- Match type
- Not Contains Text
- X-Virtru-Encrypt
- Exclude Google Drive shares
- Advance Content Match
- Location
- Envelope Sender
- Match type
- Not Contains Text
- google.com
Diagram
Add Actions
- Modify message
- Add custom header
- X-Virtru-Auth
- 00000000000000000000 (Virtru provided)
- Add custom header
- X-Virtru-Encrypt
- 1
- Change Route
- Virtru Hosted Gateway Outbound
- Add custom header
Diagram
Add Setting
Save the Rule to Gmail
Create Virtru Encryption Rule
Once the message is routed to the Virtru Hosted Gateway, a Virtru DLP Rule must be created and enabled to evaluate the message and encrypt. Each Virtru DLP Rule is evaluated against each message sent to the Virtru Hosted Gateway. The Virtru DLP Rules are shared between the Virtru Hosted Gateway and the Virtru Clients.
To create a rule follow this LINK