In a ticket the owner has to get information like a password for login or login data for a new colleague. In our Zammad the ticket owner gets an e-mail when a new public entry has been made. And this mail also includes the text of the entry (“you have news - login to Zammad” is not enough in our company).
If the ticket owner is not at work at that moment he/she normally has the Out-of-Office-function in Outlook activated and also a forwarding rule will be activated. So the mail with possible login credentials could be seen by other people.
A mail marked as private will not be forwarded. So if the ticket owner is not at work normally I would send the infos for example with a password via an private mail in Outlook and would mention this in the ticket. But I 1st have to check if the owner is online or not.
It would be great if there is a selection under the note input field to activate “private mail” for this note. Zammad would have to flag the e-mail originated from this note with the “private” flag. (To send every mail from Zammad as “private” would also be not okay, cause there are tickets were it is totally okay that a mail with the infos will be forwarded)
It was not clear to me that this is Microsoft specific I have to admit.
We found it by accident that a “private” message was not forwarded via Out-of-Office. And I sent a testmail from a webmail address to an internal mailaddress with activated OOF. And this also did not get forwarded.
I seams that it is the sensitivity-entry in mail-headers. Found this on MSFAQ.de - site is in german:
Sensitivity:
The sensitivity header, if present, indicates the requested privacy level. The case-insensitive values “Personal” and “Private” are specified. If no privacy is requested, this field is omitted. If a sensitivity header is present in the message, a conformant system MUST prohibit the recipient from forwarding this message to any other User. If the receiving system does not support privacy and the sensitivity is one of “Personal” or “Private”, the message MUST be returned to the sender with an appropriate error code indicating that privacy could not be assured and that the message was not delivered.
Quelle: RFC1911 Voice Profile für Internet Mail
It is mentioned that this header is only found in “experimental RFC”.
Encrypted mails internal will not work for us. We use a gateway solution for mail encryption with external recipients. Internal mails are not encrypted.
Would it be possible to get a 3rd state for a note? Now there is “public” and “internal”. If I use “public” the owner will get the e-mail incl. the text from the note. This will be okay in 90% of the time. Would it be possible to add a 3rd possibility and if this is somehow activated from the agent the owner will only receive the mail with “new information was added to your ticket. Please log in to Zammad to get the newest information” (something like that).
Agent-Notifications should be sent from a noreply-Address. Even Microsoft (hopefully?!) should be capable of NOT responding to noreply-Aliases…? I’m sure these Forward-Rules can also rule something like that out if one would want it?