Seald: documentation

English

Français

English

Français

Smart assistant

Seald Smart assistant is a DLP (Data Loss Protection) engine, allowing to implement a rule system to detect sensitive emails and prevent their sending without protection.

How it works for the user

When the user sends an e-mail, it will be analyzed by the script mentioned below to offer the user several choices depending on the case:

Rules can be configured to propose or force the user to encrypt attachments only or the body of mail and attachments. The user can exceed the recommended rules. Forced rules block sending without proper encryption.

Rules deployment

The smart assistant uses a rules file, written in javascript. The script must be named rules.js, and placed at the root of the Seald configuration folder, at the following path:

  • Windows: %APPDATA%\Seald\
  • macOS : ~/Library/Application Support/Seald/
  • Linux: ~/.config/Seald/

Once the rule file is installed, it is necessary to restart the application for the modification to be taken into account.

Enabling the feature

The smart assistant can be enabled/disabled from the extension's options menu. It can also be configured programmatically by modifying the extension configuration.

Coding the script

Script example

A script example can be downloaded here and can be used directly here.

How it works

The script is in Javascript format (the standard library of Node.JS 12 is available) and communicates with the desktop application by IPC. Here is the skeleton that must be followed to customize the script:

javascript
const CLEARTEXT = 0
const ENCRYPTED_ATTACHMENTS_ONLY = 1
const ENCRYPTED_BODY_AND_ATTACHMENTS = 2

process.on('message', ({ to = [], cc = [], cci = [], subject = '', body = '', attachments = [] }) => {
  try {
    // Write here the steps to determine the sensitivity of the shipment to the format:
    const result = {
      // This is the minimum forced level.
      // If it is at ENCRYPTED_ATTACHMENTS_ONLY then the user will be required to encrypt at least the attachments.
      // If it is at ENCRYPTED_BODY_AND_ATTACHMENTS then the user will be required to encrypt mail body and attachments.
      levelForced: CLEARTEXT,

      // This is the minimum recommended level.
      // If it is at ENCRYPTED_ATTACHMENTS_ONLY then the user will be offered to encrypt at least the attachments.
      // If it is at ENCRYPTED_BODY_AND_ATTACHMENTS then the user will be offered to encrypt mail bodies and
      // attachments.
      levelRecommended: ENCRYPTED_BODY_AND_ATTACHMENTS,

      // This is the list of information to be retranscribed to the user in the window that will be displayed. This is
      // not used to trigger the window display.
      matches: [{
        levelRecommended: ENCRYPTED_BODY_AND_ATTACHMENTS,
        message: 'It seems that your message contains confidential information.'
      }]
    }
    process.send({ code: 0, data: result })
    process.exit(0)
  } catch (error) {
    process.send({ code: 1, data: error.stack })
    process.exit(1)
  }
})
const CLEARTEXT = 0
const ENCRYPTED_ATTACHMENTS_ONLY = 1
const ENCRYPTED_BODY_AND_ATTACHMENTS = 2

process.on('message', ({ to = [], cc = [], cci = [], subject = '', body = '', attachments = [] }) => {
  try {
    // Write here the steps to determine the sensitivity of the shipment to the format:
    const result = {
      // This is the minimum forced level.
      // If it is at ENCRYPTED_ATTACHMENTS_ONLY then the user will be required to encrypt at least the attachments.
      // If it is at ENCRYPTED_BODY_AND_ATTACHMENTS then the user will be required to encrypt mail body and attachments.
      levelForced: CLEARTEXT,

      // This is the minimum recommended level.
      // If it is at ENCRYPTED_ATTACHMENTS_ONLY then the user will be offered to encrypt at least the attachments.
      // If it is at ENCRYPTED_BODY_AND_ATTACHMENTS then the user will be offered to encrypt mail bodies and
      // attachments.
      levelRecommended: ENCRYPTED_BODY_AND_ATTACHMENTS,

      // This is the list of information to be retranscribed to the user in the window that will be displayed. This is
      // not used to trigger the window display.
      matches: [{
        levelRecommended: ENCRYPTED_BODY_AND_ATTACHMENTS,
        message: 'It seems that your message contains confidential information.'
      }]
    }
    process.send({ code: 0, data: result })
    process.exit(0)
  } catch (error) {
    process.send({ code: 1, data: error.stack })
    process.exit(1)
  }
})