Frequently Asked Questions
Secure Web Mail eMail Justification:
The Personal Information Protection Act, which went into effect on July 1, 2009, has resulted in changes to the way the State of Alaska conducts business with agency partners, contractors and the public. Though the Act doesn’t indicate encryption is required, it’s essentially the only appropriate way to guarantee information is secure while in transit and is a prudent measure in ensuring the un-tampered with delivery of Personal Identifiable Information and Electronic Protected Health Information.
Why did I receive a Secure Web Mail eMail with SecureMessage.html as an attachment from the State of Alaska?
The sender has sent you content which has been identified by the State of Alaska to require encryption when leaving the Alaska.gov address space and your receiving Email service isn’t configured to require communications be passed using TLS or other encrypted tunnel technology exclusively.
The data I received doesn’t appear to contain any SSN’s or Credit Card numbers. Why did this message encrypt?
There are several reasons your email may have encrypted even though it didn’t appear to contain any Personal Identifiable Information. Reasons we’ve seen range from html coded coordinates within the stationary of the message which may be perceived as a credit card number to Excel cells being merged and considered a single string of text. If a cell has a 3 digit number (123) followed by another cell with 2 digits (45) and the next cell contains 4 digits (6789), then together this looks like 123 45 6789 and that string matches a pattern defined for the scanning engine. If you’d like the specific reason, please contact the message originator and have them initiate a ticket asking for a justification for the encryption action.
It appears I received a Secure eMail from the State of Alaska but rather than SecureMessage.html my attachment contains a .att extension.
This is due to your mail domain restricting .html attachments. You can either contact your organizations mail administrators to have them enable the receiving of .html attachments globally or at least from the Alaska.gov domain, or you can contact the sender and attempt to find another means of transporting the data.
As it’s noted on the bottom of your notification message, if you’d prefer to receive these communications un-encrypted please contact the State of Alaska Service Center and request “that a TLS connection be configured for your email domain.” You’ll need to provide the Service Center with the domain information for which you receive email, such as firstname.lastname@example.org.
What is a Secure Envelope / Message / Email?
The State of Alaska uses email encryption to safely transmit the email’s content across the Internet. Email encryption is similar to a letter being placed into an envelope and sealed. We scramble the information inside the email (including attachments) and send it. The recipient has a software encryption key (their password) that allows them to open (unseal) the message.
Do I need any special software to view Secure Web Mail eMails sent by the State of Alaska?
No. The system utilizes a combination of email and html. Therefore, if you have email of any kind and are able to access the Internet, you have everything you need to use the McAfee Email Secure Web Delivery Service.
Do I need a Username and Password to open Secure Web Mail eMail?
Yes. Your username is your Email address and is created when you register with the Cisco Registered Envelope Service upon receiving your first Secure email. You determine your password, taking into account the complexity requirements displayed on the screen, when you register.
Why, when I click on the attachment to open it, does my text editor open and display code?
Your computer is configured to open .html files in an editor by default. Within Windows Explorer under Tools | Folder Options, select the File Types tab and scroll through the Registered file types list until you get to HTML and click the change button. Select Internet Explorer or Firefox under Recommended Programs, or click Browse to navigate to your preferred browser. Alternatively, you can save and drag the attachment into a browser window if you’d prefer to leave your file associations as they are.
I can’t remember the password I used to register with the McAfee Email Secure Web Delivery Service.
When attempting to open a Secure Web Mail eMail, directly under the password field, you have a “Forgotten your password?” link. Click the link and follow the on screen instructions. Note that you must have already registered to have forgotten a previously configured password. Without first registering, Secure Web Mail eMail can’t determine where to send your temporary password, which would be valid for a limited time.
Even though I’ve registered with the McAfee Email Secure Web Service and know my password, I can’t retrieve my Secure Web Mail eMail.
Re-execute the attachment from the locally saved location. You should have a “Password:” field to enter your password with a “Sign In” button to click once your password is entered.
Do I have to create an account (register) with Secure Web Mail eMail for every email account I receive Secure Web Mail eMails to?
Yes. If your secure envelope doesn’t contain a password field and “Sign In” button, you’ll most likely be presented with a WELCOME message with an “Activate your personal account” button. This is an indication that you haven’t registered with Secure Web Mail email from the address in the To: field of the secure envelope.
What if I want to change my password?
Navigate to the interface via the link or SecureMessage.html attachment included with your Secure Web Mail eMail notification email and log in. Click on the “Account” gear icon on the upper right. Under the “Password Reset”, enter your old password in the “Old password” field and your new password in the “Create password” field and “Confirm password”. At the bottom click the “Save” button.
Can I send a Secure eMail to the State of Alaska?
Yes and No. You can only access the Secure Web Mail eMail interface and log in via the link or SecureMessage.html attachment included when you initially received a Secure Web Mail eMail. If you’ve never received a Secure Web Mail eMail and don’t have an account you’ll need to first receive one. Ask your SOA contact to send you a Secure WebMail eMail so you can either reply securely, or initiate Secure Web Mail eMails from interface. The reason the email is secure is because the URL is within the State of Alaska WAN. You’re composing the message contents through an AES 256bit encrypted SSL established connection to the interface. The actual message and content, since it’s within the SOA environment is not encrypted, though the transmission through the Internet to the Secure Web Mail eMail system is. In summary, though the message is not encrypted, its transmission is and this configuration meets the need for secure transmission.
Can I reply back to the original sender of the Secure Web Mail eMail in a secure manner?
Yes. Once you’ve opened a Secure Web Mail eMail, simply hit the “Reply” button and provide your correspondence within the field provided. You may not add additional recipients to a reply unless they’re within the Alaska.gov domain.
Why can’t I specify additional addresses to my Secure Reply All?
This configuration has been decided against in an effort to mitigate personal information dissemination and State of Alaska resource abuse. The ability to specify additional recipients at Alaska.gov shouldn’t be infringed.
Why can’t I forward a Secure eMail except to Alaska.gov recipients?
This configuration has been decided against in an effort to mitigate personal information dissemination and State of Alaska resource abuse. The ability to forward the message to recipients at Alaska.gov shouldn’t be infringed.
Can I send/receive attachments through the Secure Web Mail eMail Interface?
Yes. The body of the email and all attachments are encrypted when you log in and generate a Secure Web Mail eMail through the URL linked within the email received. The maximum message size with attachments is 20mb.
What is the largest attachment I can send through the Secure Web Mail eMail Interface?
When you initiate a Secure Web Mail eMail via the Secure Web Mail eMail URL linked within the email received, each attachment is limited to 20mb with total message size limited to 20mb. Remember, although these size restrictions are specific to the Secure Web Mail eMail (State of Alaska) side of the email equation, the recipient domain may have more restrictive limitations for overall message size and respond with a 552 NDR (Non Delivery Report) in accordance with RFC2821.
What type and level of Email encryption is used in Secure Web Mail eMail Center Emails?
AES 256bit encryption.
Will I be able to save an attachment to my computer?
Yes. Once you’ve created an account and authenticated with the McAfee Email Secure Web Delivery Service you can retrieve and save your attachments to your computer’s hard drive. Those documents will not require a password to open. However, the Secure Web Mail eMail will always remain encrypted and require you to enter your password each time you open it.
When I click on the link embedded in the notification message from McAfee Email Gateway, I get a browser not supported message, with a click button to proceed. How do I fix that?
Unfortunately, McAfee Email Gateway Secure Web Mail is currently not supported with Internet Explorer Version 11. The Email Gateway Secure Web Mail site will allow you proceed with the configuration; however there may not be available functions once you continue. The current workaround is to add "alaska.gov" to your Internet Explorer Version 11 "Compatibility View settings" located under the gear symbol located (by default) on the right side of your IE 11 browser. Once you add "alaska.gov" you should close the current open window displaying the warning and re-launch from the link embedded in the original notification message.
The Secure Web Mail notification messages gets caught by SPAM filters for recipients.
Some recipient email client or domain SPAM filters could identify the notification email from Secure Web Mail as SPAM. This can be solved by adding the sender "email@example.com" as an approved sender for your mail client and/or mail provider domain. The reasons the Secure Web Mail notifications are identified as SPAM are numerous, likely causes are that the notification email looks like it is from the original sender but is actually sent from email address "firstname.lastname@example.org" thus it could be considered a 'spoofed' email, or the recipient mail domain SPAM filter might identify messages with embedded links as SPAM.