The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Existing email gateway decryption systems that process decrypted messages typically focus on enabling secure communications of messages between sites or gateways using a pre-arranged encryption and decryption key, or using an asymmetric pair of a public key and a private key. These systems do not enable an organization to identify and facilitate the decryption of messages that are encrypted for individuals and received by the email gateway. It is becoming increasingly common for organizations to receive inbound messages that are encrypted for individual recipients in their domain. These systems also do not enable an organization to monitor, enforce, or process outbound encrypted messages. As a result, enterprises lack complete control over what is leaving their networks when the content is encrypted.
The risk of potentially dangerous software, such as viruses or malware, to be delivered via email is high, which is why organizations generally screen their inbound email to block messages that are suspected of containing malicious software. If a message is encrypted for an individual, this type of screening is not possible because the content of the message is encrypted and the screening software cannot apply analytical methods to the content. Since the encrypted message could contain dangerous software, representing a security threat to the organization, some organizations will not allow encrypted content to be delivered to their users. Another troublesome aspect of receiving encrypted messages/documents is that it makes it difficult to enable effective email archive content searching. E-discovery and other regulatory compliance requirements are hindered when encrypted messages are cannot be decrypted for archival or compliance purposes. Finally, in environments that need to monitor outbound content for data leakage prevention purposes, encrypted messages prevent the monitoring or enforcement systems to perform their functions. This is problematic, since many business communications must be encrypted to comply with certain laws.