Jira Server and Data Center / JRASERVER-43585

Enabling encrypted mail notifications





      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.


      Some of my customers are highly concerned about securing JIRA/Confluence. While accessing the tools can be easily secured through SSL, a security pain point is the notification mails. Enabling TLS for the mail server is useless in most scenarios, as this only secures the transport to the next hop.

      So how to deal with it? The first strategy is to customize the mail templates and strip all content that is not allowed to be delivered through insecure networks. There are some tickets in JIRA and Confluence about this matter. However, customizing the templates is too much administration, as this needs to be checked after each update/upgrade of the tool. In addition, the users really love the notifications, and stripping all content is not of much help to them.

      The second strategy applies to a scenario where mails to some domains could be delivered without any concern (e.g. secure internal domain) and some mails to external suppliers need to be dropped or filtered. In this case I recommend my customers to set up a Postfix after-queue filter to do the trick - which works pretty well.


      There should be a flag in the notification scheme which says "Send mails to the user only if he or she has provided a valid mail certificate". In the user profile there would be an upload feature, so that the user can upload or update his public mail certificate (as self-service - so no additional administration effort in taking care of certificates). And of course, if the flag is set, the mail sent would be encrypted and signed by JIRA/Confluence, and if the user has not stored a certificate he gets nothing (or advice to store a mail certificate in his profile).
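
      The second strategy above (a Postfix after-queue filter that delivers notifications to trusted domains and drops or filters the rest) could look like the following sketch. It is an added example, not part of the original ticket or of any Atlassian or Postfix code. Assumptions: the trusted domain `corp.example`, the function names, the wording of the redacted notice, and a `pipe`-style filter that receives the envelope sender and recipients as arguments and re-injects with `sendmail -G -i`.

```python
import subprocess
import sys
from email import message_from_bytes, policy
from email.message import EmailMessage

TRUSTED_DOMAINS = {"corp.example"}  # assumption: constructed internal domain
SENDMAIL = ["/usr/sbin/sendmail", "-G", "-i"]  # assumption: re-injection command


def is_trusted(rcpt, trusted=TRUSTED_DOMAINS):
    """Exact match on the domain part; subdomains and lookalikes are not trusted."""
    local, at, domain = rcpt.rpartition("@")
    return bool(at and local) and domain.lower().rstrip(".") in trusted


def redact(raw):
    """Build a notice that carries none of the original subject or body."""
    original = message_from_bytes(raw, policy=policy.default)
    notice = EmailMessage()
    if original["From"]:
        notice["From"] = original["From"]
    notice["Subject"] = "Notification withheld"
    notice.set_content("A notification was generated for you. Log in to view it.\n")
    return notice.as_bytes()


def plan(raw, recipients, external="drop"):
    """Return [(recipient_list, message_bytes)] to re-inject.

    Decisions use the envelope recipients handed over by the MTA, never the
    To:/Cc: headers, which do not control where the message is delivered.
    """
    inside = [r for r in recipients if is_trusted(r)]
    outside = [r for r in recipients if not is_trusted(r)]
    deliveries = [(inside, raw)] if inside else []
    if outside and external == "redact":
        deliveries.append((outside, redact(raw)))
    return deliveries  # with external="drop", outside recipients get nothing


def main(argv):
    sender, recipients = argv[1], argv[2:]
    raw = sys.stdin.buffer.read()
    try:
        for rcpts, msg in plan(raw, recipients):
            subprocess.run(SENDMAIL + ["-f", sender, "--"] + rcpts, input=msg, check=True)
    except (OSError, subprocess.CalledProcessError):
        return 75  # EX_TEMPFAIL: have the MTA defer and retry rather than lose mail
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```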


              Stefan Schubert