On This Page
The Virtru Hosted Gateway is a hosted secure email gateway that provides Virtru’s data protection and DLP functionality as an MTA endpoint.
The email gateway service encrypts data before leaving or entering your domain, even if the sender does not have Virtru plugins installed or enabled in their email client.
The Hosted Gateway requires no install/config/maintenance and is a component of any compliance initiative requiring data protection.
Some DNS entries are required prior to implementation. Please create these DNS records prior to Gateway setup. These records will need to be created for each domain that will be sending mail through the Hosted Gateway.
- CNAME Records
Created so Virtru can sign DKIM and the virtrugateway.com domain can send on behalf of your domain, please create each CNAME entry below:
- Name: virtrugw._domainkey.<yourdomain>
- Type: CNAME
- Value: virtrugw._domainkey.virtrugateway.com
- Name: virtrugw2._domainkey.<yourdomain>
- Type: CNAME
- Value: virtrugw2._domainkey.virtrugateway.com
- TXT Record
- Created so Virtru can verify domain ownership prior to implementation
- Name: @
- Type: TXT
- Value: virtru-site-verify=<virtru_supplied_random_txt>
Note - GoDaddy, Namecheap, Squarespace
If using GoDaddy as your DNS provider please drop the domain name from the CNAME record name. GoDaddy auto adds domain names so failing to drop the .<yourdomain> noted above will cause the domain to be listed twice in the record.
Go Daddy Screen shot examples:
Note - Route53
If using Route53 as your DNS provider please ensure the Name field is empty when or only contains the subdomain when creating the records.
Route 53 screen shot examples:
The Virtru Hosted Gateway is preconfigured for maximum security and interoperability between systems.
The Virtru Hosted Gateway authenticates inbound traffic via header authentication. The application sending to the Virtru Hosted Gateway must have the ability to add an X-Header.
Virtru will provide the Authentication code.
The Virtru Hosted Gateway uses an X-Header to dictate a decryption request. For every inbound decrypt request, this header must exist.
The Virtru Hosted Gateway will always perform final delivery using the recipient's MX record.