Orange colored text describes functional differences in previous 3.x releases

...

When enabled, emails that are sent to users to recover access to Confluence will always be sent unencrypted. Use this if your users should be able to reset their password in Confluence. Note that this might not be useful if user credentials are managed outside of Confluence.

When enabled, the following types of emails are exempt

• initial user invite
• request to reset the password

Prior to version 3.6, this option was not available.

...

This section allows you to configure how to handle email signatures.

Image RemovedImage Added

Sign emails

When selected, S/Notify will attempt to sign all outgoing emails using an appropriate PGP key or S/MIME certificate retrieved from the key store(s) provided in Server Key Management. The PGP key or S/MIME certificate must be issued for signing purposes as well as for the sender email address. This is the email address configured under Mail Servers.

...

Prior to version 3.1, intermediate certificates were not included.

Opaque S/MIME signatures

When selected, S/Notify uses so-called opaque S/MIME signatures instead of detached or clear-text signatures. With opaque signatures, the message contents is encoded and cannot be read in email clients that do not support opaque signatures.Therefore, we recommend not to use opaque signatures unless necessary.

Some email servers, especially MS Outlook servers, are known to reformat emails. This will break detached signatures, because the receiving email client will (rightly) complain about the message having been tampered with. This problem can only be avoided by the use of opaque signatures.

Prior to version 4.0, opaque signatures could only be enabled via the Advanced Settings dialog.

Advanced Settings

On the top right, there is a button that takes you to Advanced Settings. Our customer service might ask you to enter specific values here for special customizing or trouble shooting purposes. 

...