Background

From Encryption Settings, you can switch to Advanced Settings from the top right button for some specific configuration options. These are options that did not make it into the user interface yet for different reasons. Most of them are too specific, so they make sense only in special scenarios, and we did not want to clutter the user interface with options that are useless for the vast majority of users.

Below we describe those we consider useful for more than just one client.

Usage

Advanced Settings are configured with simple key/value properties. You enter the key and a value as explained below and save them, then the option will become effective.

If you delete the key, the default behavior will become effective again.

Customize Problem Report

If encryption is not possible and you have set the Encryption Fallback behavior to Do not allow unencrypted notifications - send problem report instead, then there are currently two options available to customize that problem report.

Key reportAdditionalText

Purpose

This property allows you to add your own text to the built-in problem report. Your custom contents will be added at the end of the email.

Value

The value must be a path and filename of a file as seen from the Jira or Confluence instance.

The file must contains the text that you want to add to the error report. It can include HTML tags, and we recommend to escape special characters using their respective HTML entities. The contents will be included within the HTML body of the email.

Default

The default is to append nothing to the problem report.

Key reportReplaceText

Introduced in Jira and Confluence release 3.6, as well as Bitbucket release 1.1

Purpose

This property allows you to completely replace the built-in problem report by your own contents. Note that, if you have configured Include links to the Jira issue or Confluence page resp., these links will also be replaced by your custom contents.

Value

The value must be a path and filename of a file as seen from the Jira or Confluence instance.

The file must contain the full contents of your custom error report in HTML format. We recommend to escape special characters using their respective HTML entities. The contents will be used as the HTML body of the email.

Default

The default is to use the built-in problem report.

Exempt From Encryption By Contents

Key skipEncryptionRegex

Purpose

This property allows you exempt emails from encryption when they contain a specific text pattern.

If you have special requirements that cannot be met using Per-project or Per-space Encryption and/or the Exemption Whitelist, then this property allows you to specify a RegEx pattern that is applied to each outgoing email. When the pattern matches, then encryption is skipped for this email. If the email has been quoted-printable (MIME) encoded, it is automatically decoded before applying the pattern to it.

The pattern is applied using multiline matching. We recommend https://regex101.com for testing your RegEx patterns.

Value

As the value, enter the RegEx pattern. The pattern length may not exceed 255 characters as of now.

Default

The default is not to skip encryption.

Alternate S/MIME Signature Method

Key smimeOpaqueSign

Purpose

This property allows you to change the way outgoing emails are signed when using S/MIME. By default, S/Notify creates cleartext signatures (Content-type: multipart/signed). Usually, these are the preferred type of signature because the contents remains readable even for clients that do not support signatures like many webmail clients (unless the email is also encrypted, of course).

However, it is known that some mail server products (Microsoft Exchange Server might be only one of them) reformat email contents which leads to a (correct) error message at the receiving client that the message has been tampered with. Note that this issue can occur only when the email is not also encrypted.

That is where opaque signatures are helpful (Content-type: application/pkcs7-mime with SignedData). With opaque signatures, the contents is encoded within the signature which effectively prevents reformatting.

Value

This is a boolean property. So the value must be either one of

• true - opaque signatures are used

• false - cleartext signatures are used

Default

The default value is false.

Support Incoming PGP/Inline

Introduced in S/Notify for Jira release 3.6

Key pgpInlineSupport

Purpose

There are two formats for PGP encrypted emails: PGP/MIME and PGP/Inline. Because there are several problems with PGP/Inline (see https://savignano.atlassian.net/wiki/spaces/SNOTIFY/pages/1356005377/PGP#PGP%2Finline-vs.-PGP%2FMIME for details), S/Notify usually only supports PGP/MIME.

However, sometimes incoming email is in PGP/Inline format, and there may be reasons why it is not possible to switch to PGP/MIME. This property enables support for PGP/Inline in incoming emails to Jira, so they can be decrypted.

If you have configured S/Notify under Encryptions Settings > Incoming Emails to Add indicators to descriptions and comments created from incoming emails, you should be aware that PGP/Inline emails may be only partly encrypted or partly signed. In theses case, they will be appear marked encrypted or signed resp. with no way to tell the difference.

Value

This is a boolean property. So the value must be either one of

• true - PGP/Inline emails will be decrypted and/or signatures checked

• false - PGP/Inline are not processed (i.e. passed on unchanged)

Default

The default value is false.