We have an automatic reporting and notification system written in .net that sends emails with plain text. We are having to encrypt the messages that we send our clients.
The possible implementation approaches we have:
- Send messages as S/Mime email with attachments.
- Plain text email with that just contains a link to a web site that will display the message over https.
It seems like S/Mime is a simpler solution, as we won’t need to create the web application or secure it.
Our concern is our interoperability with our clients email clients and more importantly their email filtering software.
Has anyone had success or issues deploying a Secure MIME messaging solution?
Given the wealth of different clients people use these days for email, like BlackBerry, Iphone, Android, Samsung, Nokia, Thunderbird, Outlook (Express), Apple Mail, web mail etc, I would go for the web application over https. It does take an extra step of clicking the link, and logging in, but it could be used from a lot more devices without extra configuration steps.