Outbound Direct Delivery

Introduction

A Zivver message sent to a recipient without a Zivver account is delivered as a notification email. This means that the content and attachments of the message remain encrypted on the Zivver platform, while the recipient’s inbox receives a notification email to open the secure message on the Zivver platform. In some cases this can be problematic, for instance when there is an automated process to handle incoming messages.

Solution

With Outbound Direct Delivery (ODD), Zivver messages to specified domains are delivered directly to the inbox. A prerequisite for ODD is that the receiving mail server adheres to certain security measures, such as TLS 1.2 or higher and a certificate from a trusted authority (PKIX certificate). If the receiving mail server fails these security checks, Zivver will fall back to sending a notification message.

Enable Outbound Direct Delivery

You need Administrator rights in Zivver (Full admin or Policy admin roles if RBAC is enabled for your organization) in order to enable this feature.

In your Zivver administrator console, go to Policies > Outbound Direct Delivery. There are two ways to add domains which will activate ODD for these domains:

  1. Type or paste the domains in the text field under Add domains manually. After saving, the feature will be activated.
  2. Click under Add domains via external text files. This allows you to enter a URL to an online file that contains the domains you want to enable ODD for. This method is mainly intended to facilitate easy management of domains that are hosted and maintained by a 3rd-party supplier.
Warning

Important impact

Direct delivery affects important functionality:

  • Revoking a directly delivered message is not possible; similarly, an expiry date will not work for directly delivered messages.
  • The read indicator will show the message as opened immediately after sending, since Zivver cannot register when the message is opened within the recipient’s mailbox.

Please note

  • Only entire domains can be set up for direct delivery, not individual recipients.
  • The minimum security level for the receiving mail server is TLS 1.2 or higher, and it must have a certificate from a trusted authority (PKIX certificate).
  • The content of external files hosting domains is read by Zivver once every 24 hours. Only add links to sites that are trusted.
  • If a link to an external file is unavailable or its content cannot be read, a previously successfully retrieved version of this domain list will be used for up to 7 days in case of consecutive failures. After 7 days of consecutive failures, Outbound Direct Delivery will no longer work for these domains (removal of a list is instantaneous).