Welcome, Guest Login

Support Centre

Account Settings Reference

Last Updated: Sep 06, 2013 05:12PM BST
This article is a reference to all available options in the <accountSettings> section of the mkryptor.exe.config file.

The <accountSettings> section has the following functions:
  1. To specify which email addresses/domains are permitted to use mkryptor.
  2. To specify whether outbound messages should be delivered directly to the recipient mail server or via an SMTP relay/smart-host.
  3. To specify any authentication requirements for connection to an SMTP relay/smart-host.
  4. To specify if a ‘known facts’ database is to be used

The accountSettings section may consist of one or more <accountSetting> elements. For example,

      <accountSetting email="*@company.com" host="" port="25" authType="None" encryption="None"
            username="" password="" databaseId="2direction="external" />
      <accountSetting email="*@company.comhost="mail1.company.comport="25authType="Auto"
            databaseId="2direction="internal" />
Example <accountSettings> section in configuration file

Config Manager

The <AccountSettings> can also be configured using the mkryptor configuration manager GUI. All relevant settings can be found on the Mail Out tab:


Attribute name Description
authType [Optional]
If a ‘host’ has been specified then you can set the authentication method required to connect to the host.
Available options are:
Value Description
Auto mkryptor will negotiate with the ‘host’ to determine the strongest authentication method available. This is the best choice if a specific authentication method is not known
CRAMMD5 A more secure method of authentication, which uses a one-time challenge/response key to encode the password
LOGIN Supply Base64 encoded login credentials.
MSN Not widely used.
None [default]
No authentication
NTLM Offers a more secure authentication method when connecting to Microsoft Windows SMTP servers, such as IIS or Exchange.
PLAIN Sends login credentials as plain text.
databaseid [Optional]
Specifies which Known Facts database to use for the matching ‘email’ sender address(es)..
Must match a valid Database ID from the DatabaseSettings Section.
If blank, no database will be used and all known facts must be specified inline or attached to the email.
Direction [Optional]
It is possible to have different host settings depending on if the email is going to an external recipient or an internal recipient. This is useful in combination with the ‘trusted’ attribute (above), to ensure that replies get passed directly to an internal host, over a secure network.
Available values are:
Value Description
both [default] The specified account settings are for messages going in either direction
external The specified account settings are for external messages only
internal The specified account settings are for internal messages only
domain [Optional]
If an ‘authType’ of “NTLM” has been specified then you will need to supply a windows Domain here.
This attribute is not used for any other authTypes.
email Serves to limit which senders can use mKryptor. Specified as an email address. Any messages received by mkryptor from a sender that does not match at least 1 ‘email’ attribute will be rejected;
Business and Enterprise editions accept both * and ? wildcards before the @ symbol. This allows an entire domain to be specified at once. E.g:
Note:wildcards after the @ are not allowed. E.g., *@*.domain.comwould be invalid.
Personal edition does not allow wildcards. This means that exact addresses must be specified. Up to 5 full addresses are allowed in Personal edition. This is because people often have accounts with multiple email providers. E.g:
Only 1 email address/domain can be specified per accountSetting element. All settings specified in the other attributes of the same accountSetting element will apply to this address only.
It is possible to have one setting for a whole domain, but override the settings for specific users of the domain. To do this you would specify 2 (or more) accountSetting elements and specify the email address(es) that each element refers to.
The best reason for this would be if you had one special user that required their own known facts database. As an example let’s say company.com uses mkryptor for all their staff and has a known facts database that all staff use, except the accounting department, who wish to use a different known facts database with extra facts in. In this example you would create 2 accountSettings elements, one for the general users and one for the accounts mailbox. E.g:
<accountSetting email=”*@company.com” databaseid=”1” />
<accountSetting email=”accounts@company.com” databaseid=”2” />
Note: Mkryptor will always use the closest matching setting available, so the sender ‘accounts@company.com’ would match the accountSetting element for email=”accounts@company.com” and ignore the settings for email=”*@company.com”.
encryption [Optional]
If a ‘host’ has been specified then you can use this attribute to specify the level of encryption that should be used to connect to the ‘host’.
Valid options are:
Value Description
Blank [default]
Ignore. The connection will not be encrypted. Please ensure that other security measures have been taken.
SSL Explicitly use Secure Sockets Layer to encrypt the connection to ‘host’. This will often require ‘port’ to be set to 465
TLS [recommended]
Negotiate a Transport Layer Security connection with ‘host’
Host [Optional]
IP address or FQDN of an SMTP relay
Specifies that all messages for the matching ‘email’ should be sent to the specified SMTP relay for onwards delivery.
If left blank, messages will be delivered directly to the recipients’ mail server (using DNS)
password [Optional]
If an ‘authType’ other than “None” has been specified then you will need to supply a password here
Port [Optional]
If a ‘host’ has been specified, then you can set which TCP port to connect over. Default is port 25 if left blank.
Popular ports are:
Trusted [Optional – default “false”]
This setting is only relevant for secure replies.
If set to “true”, mkryptor will treat your internal network as a secure network, and will automatically decrypt replies for you. The replies will turn up in the sender’s mailbox as a standard email message.
If set to “false”, mkryptor will encrypt replies into a secure PDF. The sender will have to use their ‘ReplyPassword’ to open and read the reply.
username [Optional]
If an ‘authType’ other than “None” has been specified then you will need to supply a username here
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found