About this article
This article contains questions and answers covering the general functionality of the Templafy Email Signature Server.
- Are emails sent between the Email Signature Server and Microsoft 365 Exchange Online secure?
- Are email signatures distributed securely to the Email Signature Server?
- Does the Email Signature Server support Shared Mailboxes?
- Are separate Email Signature Servers required for Desktop and Mobile?
- Does the Email Signature Server remove any signatures that users have created in Outlook Web App, Mac email clients, or mobile devices?
- What antispam measures does Templafy Email Signature Server support?
- Is the data encrypted in transit and at rest?
- Is there vulnerability testing conducted on the Email Signature Server?
- Where can I find more information security and data protection information relating to the Email Signature Server?
- Are Microsoft "Enhanced Filtering for Connectors" supported?
- What are the data flows?
Are emails sent between the Email Signature Server and Microsoft 365 Exchange Online secure?
Yes. The X.509 TLS security certificates that are configured in the Email Signature Server implementation are used to establish an encrypted channel on SMTP port 25 for transfer of the emails between Exchange Online and the Email Signature Server.
Reference:
Are email signatures distributed securely to the Email Signature Server?
Yes. Templafy uses Shared Access Signature (also known as SAS Links) which is a native secure service in Azure Storage for distributing the generated HTMLs in Templafy to the Blob storage of the Email Signature Server.
This is applicable for both Templafy Email Signature Server Hosting versions:
- Client Hosted
- Templafy Hosted
Reference:
Does the Email Signature Server support Shared Mailboxes?
Yes. There are various configuration options available to have signatures appended by either the Outlook Add-in or the Email Signature Server.
Are separate Email Signature Servers required for Desktop and Mobile?
No, email signature server is device agnostic meaning specific adaptations are not required to implement email signatures on both desktop and mobile devices. It's recommended to keep the templates simple to load correctly on small screens such as mobile devices.
Does the Email Signature Server remove any signatures that users have created in Outlook Web App, Mac email clients, or mobile devices?
Custom email signatures created by users in the Outlook Web App, on a Mac computer, or on a mobile device will need to be removed by the user or the Organization Administrator.
Default signatures that an email software client may attach (e.g., "Sent from my iPhone") are automatically replaced by the Email Signature Server signature.
Reference:
What antispam measures does Templafy Email Signature Server support?
Templafy Email Signature Server supports:
- DKIM
- SPF
- DMARC
Is the data encrypted in transit and at rest?
Yes. All data residing in blob and table storages is encrypted at rest using Azure’s PaaS default encryption standard. All data in transit is encrypted using HTTPS TLS 1.2 throughout, including calls between the Email Signature Server and Exchange within Azure.
Is there vulnerability testing conducted on the Email Signature Server?
Yes. Penetration testing is conducted twice a year on the application and architecture. Latest results are available upon request. Furthermore, 24/7 monitoring is carried out using Azure Defender. An incident management process is established to react in a timely manner to any security alerts.
Where can I find more information security and data protection information relating to the Email Signature Server?
Templafy is ISO/IEC 27001:2017 certified and delivers SOC 2 type II reports upon request. Both these cover the Email Signature Server amongst the other modules in scope. In addition, The Email Signature Server service is governed by the Data Processing Agreement and the Service Level Agreement outlined in the SaaS Agreement.
Are Microsoft "Enhanced Filtering for Connectors" supported?
At this time we cannot recommend enabling Enhanced Filtering for Connectors on the Templafy Inbound connector. There are various edge cases and reports from many Microsoft customers of issues involving failed SPF lookups with this feature enabled.
What are the data flows?
Type | Direction | Protocol/port | Encrypted transfer/storage | Storage | |
Data flows |
E-mails | Inbound | SMTP 25 | Yes TLS 1.2 /N/A | None |
Processed E-mails |
Outbound | SMTP 25 | Yes TLS 1.2/N/A | None | |
E-mail signatures | Inbound | HTTPS 443 | Yes/Yes |
Customer Local Storage or Customer Cloud Storage (E.g. Azure Storage on Customer Azure Subscription) |
Comments
0 comments
Article is closed for comments.