About
This document will guide you through the configuration of Virtru Gateway rules backed by Gmail infrastructure.
Assumptions:
- CNAME Records Created so Virtru can sign DKIM and the virtrugateway.com domain can send on behalf of your domain.
- TXT Records Created so Virtru can verify domain ownership prior to implementation.
- Mail Flow The Virtru Hosted Gateway is preconfigured for maximum security and interoperability between systems.
(Example)
- Mail Encryption Trigger:
#secure#
in SubjectOutbound
Messages
- Mail Flow: Gmail > Gateway > Final Delivery
- Authorization
X-Virtru-Auth: 00000000000000000000
(Virtru provided)
Note
The Authorization Header is specific to your organization and will be provided to you by Virtru.
Jump to:
Diagram of Standard Mailflow
Rule - Add Host
Rule - Add Compliance Rule
Create Virtru Encryption Rule
Diagram of Standard Mailflow
Rule - Add Host
Navigate to: Gmail Advanced - General Settings
Then to Hosts
Click the ADD ROUTE
button
Add Route(Host)
- Name:
- Virtru Hosted Gateway Outbound
- Host:
- smtp.virtrugateway.com
- Port
- 587
- Require secure transport (TLS)
- Yes
- Require CA-signed certificate
- Yes
Rule - Add Compliance Rule (Example)
Navigate to: Gmail Advanced - General Settings
Search for Content Compliance
Add Rule
Fill in the appropriate information.
- Name:
Virtru Hosted Gateway Outbound
- Email messages to affect:
Outbound
- If ALL of the following match the message
Add setting
Add expressions that describe the content you want to search for in each message.
Add Setting
If All of the following match the message
Add Expression
Add
- Subject Contains #secure#
- Advanced Content Match
- Location
- Subject
- Match type
- Contains Text
- Content
- #secure#
- Virtru Action
- Advanced Content Match
- Location
- Full Headers
- Match type
- Not Contains Text
- X-Virtru-Encrypt
- Exclude Google Drive shares
- Advance Content Match
- Location
- Envelope Sender
- Match type
- Not Contains Text
- google.com
Diagram
Add Actions
- Modify message
- Add custom header
- X-Virtru-Auth
- 00000000000000000000 (Virtru provided)
- Add custom header
- X-Virtru-Encrypt
- 1
- Change Route
- Virtru Hosted Gateway Outbound
- Add custom header
Diagram
Add Setting
Save the Rule to Gmail
Create Virtru Encryption Rule
Once the message is routed to the Virtru Hosted Gateway, a Virtru DLP Rule must be created and enabled to evaluate the message and encrypt. Each Virtru DLP Rule is evaluated against each message sent to the Virtru Hosted Gateway. The Virtru DLP Rules are shared between the Virtru Hosted Gateway and the Virtru Clients.
To create a rule follow this LINK