Product Documentation

Citrix Secure Mail

Nov 21, 2017

Citrix Secure Mail lets users manage their email, calendars and contacts on their mobile phones and tablets. To maintain continuity from Microsoft Outlook or IBM Notes accounts, Secure Mail syncs with Microsoft Exchange Server and IBM Notes Traveler Server.

As part of the Citrix suite of apps, Secure Mail benefits from single sign-on (SSO) compatibility with Citrix Secure Hub. After users sign on to Secure Hub, they can move seamlessly into Secure Mail without having to reenter their user names and passwords. You can configure Secure Mail to be pushed to users' devices automatically when the devices enroll in Secure Hub, or users can add the app from the Store.

Important

The MDX Toolkit 10.7.10 is the final release that supports the wrapping of XenMobile Apps. Users access XenMobile Apps versions 10.7.5 and later from the public app stores. For table listing the XenMobile Apps enterprise versions that you can wrap with the MDX Toolkit 10.7.10, see the Enterprise delivery of XenMobile Apps section in XenMobile Apps administration and delivery.

To begin, download Secure Mail and other XenMobile components from XenMobile Downloads

For Secure Mail and other XenMobile App system requirements, see System requirements for XenMobile Apps

Deploying Secure Mail as an enterprise app

The MDX Toolkit 10.7.10 is the final release that supports the wrapping of XenMobile Apps. Users access XenMobile Apps versions 10.7.5 and later from the public app stores. For table listing the XenMobile Apps enterprise versions that you can wrap with the MDX Toolkit 10.7.10, see the Enterprise delivery of XenMobile Apps section in XenMobile Apps administration and delivery.

Citrix will support both enterprise distribution and public app store distribution until December 31, 2017. After that, only public app store distribution will be supported. The MDX Toolkit will continue to support enterprise wrapping for app developers.

To deploy Secure Mail with XenMobile as an enterprise app, follow these general steps:

  1. You can integrate Secure Mail with an Exchange Server or IBM Notes Traveler Server to keep Secure Mail in sync with Microsoft Exchange or IBM Notes. If you use IBM Notes, configure the IBM Notes Traveler server. The configuration uses Active Directory credentials to authenticate to Exchange or the IBM Notes Traveler server. For details, see Integrating Exchange Server or IBM Notes Traveler Server.
  2. You can optionally enable SSO from Secure Hub. To do so, you configure ShareFile account information in XenMobile to enable XenMobile as a SAML identity provider for ShareFile. The configuration uses Active Directory credentials to authenticate to ShareFile.

    Configuring the ShareFile account information in XenMobile is a one-time setup used for all Citrix clients, ShareFile clients, and non-MDX ShareFile clients. For details, see To configure ShareFile account information in XenMobile for SSO.

  3. Download Secure Mail from the Citrix Downloads site and then wrap Secure Mail. For details, see About the MDX Toolkit.

Add Secure Mail to XenMobile and configure MDX policies. For details, see Add an MDX app. For details about Secure Mail policies, see the articles under MDX Policies at a Glance.

Note: As of Secure Mail version 10.6.5, you can configure a new MDX analytics policy for Secure Mail for iOS and Android. Citrix collects analytics data to improve product quality.T he Google Analytics level of detail policy allows you to specify whether the data collected can be associated with your company domain or collected anonymously. Selecting Anonymous opts users out of including the company domain with the data that is collected. This new policy replaces an earlier Google analytics policy. 

When the policy is set to anonymous, we collect the following types of data. We have absolutely no way to link this data to an individual user or company because we do not request user identifiable information. No personally identifiable information is sent to Google.

  • Device statistics, such as the operating system version, app version, and device model
  • Platform information, such as ActiveSync version and Secure Mail server version
  • Failure points for product quality like APNs registrations, mail sync failures, mail send failures, attachment download failures, calendar sync failures, and so on

Note that other than company domain, no other identifiable information is collected when the policy is set to Complete. Default is Complete.

Quick links to sections in this article

Microsoft IRM support

Secure Mail for Android and Secure Mail for iOS support messages protected with Microsoft Information Rights Management (IRM), subject to the configured IRM policy.

This feature allows organizations use IRM to apply persistent protection to messaging content and allows mobile device users to be able to create and consume IRM-protected content. By default IRM support is Off. To enable IRM support, set the Information Rights Management policy to On.

Secure Mail supports the following template attributes:

Important: Attachments are not included in IRM support.

Attribute Label in Secure Mail Description
ContentExpiryDate No expiration

or the expiration date

Allows you to purge the body and attachments of the email message when the ContentExpiryDate has passed. Additionally, Secure Mail provides the ability to fetch the content again from the server.
EditAllowed Edit Content Specifies whether the user can modify the email message when the user forwards, replies, or replies all to the message.
ExportAllowed   Specifies whether the user can remove the IRM protection on the email message.
ExtractAllowed Copy Content Specifies whether the user can copy content out of the email messages.
ForwardAllowed Forward Specifies whether the user is allowed to forward the email message.
ModifyRecipientsAllowed Modify Recipients Specifies whether the user can modify the recipient list when the user forwards or replies to the email message.
ProgrammaticAccessAllowed Send to Other Apps Specifies whether the contents of the email message can be accessed programmatically by third-party applications.
ReplyAllAllowed Reply All Specifies whether the user can reply to all of the recipients of the original email message.
ReplyAllowed Reply Specifies whether the user is allowed to reply to the email message.


Users see the following Restrictions screen.

Secure Mail IRM Restrictions screen

Some organizations may require strict adherence to their IRM policy. Users with access to Secure Mail may attempt to bypass the IRM policy by tampering with Secure Mail, the operating system, or even the hardware platform.

Although XenMobile can detect certain attacks, you may want to consider the following precautionary measures to increase security:

  • Review the security guidance supplied by the device vendor.
  • Configure devices accordingly, using XenMobile capabilities or otherwise.
  • Provide guidance to your users for the appropriate use of IRM features, including Secure Mail.
  • Deploy additional third-party security software to resist this type of attack.

Email security classifications

Secure Mail for iOS and Android supports email classification markings, enabling users to specify security (SEC) and dissemination limiting markers (DLM) when sending emails. SEC markings include Protected, Confidential, and Secret. DLM includes Sensitive, Legal or Personal. When composing an email, a Secure Mail user can select a marking to indicate the classification level of the email, as shown in the following images.

Security classification link in Secure Mail

Security classification list in Secure Mail

Recipients can view the classification marking in the email subject. For example:

Subject: Planning [SEC = PROTECTED, DLM = Sensitive]
Subject: Planning [DLM = Sensitive]
Subject: Planning [SEC = UNCLASSIFIED]

Email headers include classification markings as an Internet Message Header Extension, shown in bold in this example:

Date: Fri, 01 May 2015 12:34:50 +530
Subject: Planning [SEC = PROTECTED, DLM = Sensitive]
Priority: normal
X-Priority: normal X-Protective-Marking: VER-2012.3, NS=gov.au,SEC = PROTECTED, DLM = Sensitive,ORIGIN=operations@example.com
From: operations@example.com

To: Team <mylist@example.com>
MIME-Version: 1.0 Content-Type: multipart/ alternative;boundary="_com.example.email_6428E5E4-9DB3-4133-9F48-155913E39A980"

Secure Mail only displays classification markings. The app does not take any actions based on those markings.

When a user replies to or forwards an email that has classification markings, the SEC and DLM values default to those of the original email. The user can choose a different marking. Secure Mail does not validate such changes in relation to the original email.

You configure email classification markings through the following MDX policies.

Email classification
If On, Secure Mail supports email classification markings for SEC and DLM. Classification markings appear in email headers as "X-Protective-Marking" values. Be sure to configure the related email classification policies. Default value is Off.

Email classification namespace
Specifies the classification namespace that is required in the email header by the classification standard used. For example, the namespace "gov.au" appears in the header as "NS=gov.au". Default value is empty.

Email classification version
Specifies the classification version that is required in the email header by the classification standard used. For example, the version "2012.3" appears in the header as "VER=2012.3". Default value is empty.

Default email classification
Specifies the protective marking that Secure Mail applies to an email if a user does not choose a marking. This value must be in the list for the Email classification markings policy. Default value is UNOFFICIAL.

Email classification markings
Specifies the classification markings to be made available to users. If the list is empty, Secure Mail does not include a list of protective markings. The markings list contains value pairs that are separated by semicolons. Each pair includes the list value that appears in Secure Mail and the marking value that is the text appended to the email subject and header in Secure Mail. For example, in the marking pair"UNOFFICIAL,SEC=UNOFFICIAL;", the list value is "UNOFFICIAL" and the marking value is "SEC=UNOFFICIAL".

Default value is a list of classification markings that you can modify. The following markings are provided with Secure Mail.

UNOFFICIAL,SEC=UNOFFICIAL
UNCLASSIFIED,SEC=UNCLASSIFIED
For Official Use Only,DLM=For-Official-Use-Only
Sensitive,DLM=Sensitive
Sensitive:Legal,DLM=Sensitive:Legal
Sensitive:Personal,DLM=Sensitive:Personal
PROTECTED,SEC=PROTECTED
PROTECTED+Sensitive,SEC=PROTECTED
PROTECTED+Sensitive:Legal,SEC=PROTECTED,DLM=Sensitive:Legal
PROTECTED+Sensitive:Personal,SEC=PROTECTED,DLM=Sensitive:Personal
PROTECTED+Sensitive:Cabinet,SEC=PROTECTED,DLM=Sensitive:Cabinet
CONFIDENTIAL,SEC=CONFIDENTIAL
CONFIDENTIAL+Sensitive,SEC=CONFIDENTIAL,DLM=Sensitive
CONFIDENTIAL+Sensitive:Legal,SEC=CONFIDENTIAL,DLM=Sensitive:Legal
CONFIDENTIAL+Sensitive:Personal,SEC=CONFIDENTIAL,DLM=Sensitive:Personal
CONFIDENTIAL+Sensitive:Cabinet,SEC=CONFIDENTIAL,DLM=Sensitive:Cabinet
SECRET,SEC=SECRET
SECRET+Sensitive,SEC=SECRET,DLM=Sensitive
SECRET+Sensitive:Legal,SEC=SECRET,DLM=Sensitive:Legal
SECRET+Sensitive:Personal,SEC=SECRET,DLM=Sensitive:Personal
SECRET+Sensitive:Cabinet,SEC=SECRET,DLM=Sensitive:Cabinet
TOP-SECRET,SEC=TOP-SECRET
TOP-SECRET+Sensitive,SEC=TOP-SECRET,DLM=Sensitive
TOP-SECRET+Sensitive:Legal,SEC=TOP-SECRET,DLM=Sensitive:Legal
TOP-SECRET+Sensitive:Personal,SEC=TOP-SECRET,DLM=Sensitive:Personal
TOP-SECRET+Sensitive:Cabinet,SEC=TOP-SECRET,DLM=Sensitive:Cabinet

Australian Signals Directorate Data Protection

Secure Mail supports Australian Signals Directorate data protection for those enterprises that must meet ASD computer security requirements. By default, the Enable iOS data protection policy is Off and Secure Mail provides Class C data protection or uses the data protection set in the provisioning profile.

If the policy is On, Secure Mail specifies the protection level when creating and opening files in the app sandbox. Secure Mail sets Class A data protection on:

  • Outbox items
  • Photos from the camera or camera roll
  • Images pasted from other apps
  • Downloaded file attachments

Secure Mail sets Class B data protection on:

  • Stored mail
  • Calendar items
  • Contacts
  • ActiveSync policy files

Class B protection enables a locked device to sync and enables downloads to complete if a device is locked after the download starts.

With data protection enabled, queued outbox items are not sent when a device is locked because the files cannot be opened. And, if the device terminates and then restarts Secure Mail when a device is locked, Secure Mail is unable to sync until the device is unlocked and Secure Mail starts.

Citrix recommends that, if you enable this policy, you enable Secure Mail logging only when needed to avoid the creation of log files with Class C data protection.

Secure Mail for iOS background app refresh

If Secure Mail for iOS is configured to provide notifications through iOS background app refresh (and not APNs), Secure Mail email refresh works in the following ways:

  • When user enable Background App Refresh on the device (Settings > General > Background App Refresh) and Secure Mail is running in the background, mail is synced with the server. The sync frequency depends on a variety of factors.
  • If the user disables Background App Refresh, the app never receives email while running in the background.
  • When users move Secure Mail to the background, the app continues to run within a grace period before the app is suspended.
  • While running in the foreground, Secure Mail shows real-time email activity, regardless of the Background App Refresh setting.

Secure Mail and ActiveSync

Secure Mail syncs with Exchange Server via the ActiveSync messaging protocol to give users real-time access to their Outlook mail, contacts, calendar events, automatically generated mailboxes, and user-created folders.

Note: ActiveSync doesn't support the synchronization of Exchange public folders. In Exchange Server 2013, ActiveSync doesn't sync the Drafts folder.

To sync user-created folders, follow these steps:

iOS:

  1. Go to Settings > Auto Refresh.
  2. Set Auto Refresh to On.
  3. Tap On. A list of all mailboxes appears.
  4. Tap the folders you want to sync.

Android:

  1. Go to the Mailboxes list.
  2. Tap the mailbox you want to sync.
  3. Tap the More icon in the lower-right corner.
  4. Tap Sync options.
  5. Under Check frequency, select how often you want the folder to sync.

Exporting contacts in Secure Mail

Secure Mail users can continuously sync their contacts with the phone address book, do a one-time export of an individual contact to the phone address book, or share a contact as a vCard attachment.

To allow these features, set the Export Contacts policy for Secure Mail in the XenMobile console to ON.

When the policy is ON, the following options are enabled in Secure Mail:

  • Sync with Local Contacts in Settings
  • Exporting individual contacts
  • Share contacts as vCard attachments

When the Export Contacts policy is OFF, those options do not appear in the app.

Once the policy is enabled, to continuously sync contacts from the mail server to the phone address book, users need to set Sync with Local Contacts to ON. As long as Sync with Local Contacts is ON, any updates to contacts in Exchange or Secure Mail triggers an update to local contacts.

Due to Android limitations, if any Exchange or Hotmail account is already set to sync with local contacts, Secure Mail is unable to sync contacts.

On iOS, Secure Mail contacts can be exported and synced with the phone contacts even if a Hotmail or Exchange account is set up on the device. You configure this feature in XenMobile through the Override Native Contacts Check policy for Secure Mail. This policy determines if Secure Mail should override the check for contacts from an Exchange/Hotmail Account configured in the native Contacts app. If On, the app syncs contacts to the device even if the native Contacts app is configured with Exchange/Hotmail Account. If Off, the app continues to block contacts sync. Default is On.

Secure Mail notifications

The following table summarizes how notifications are handled for supported mobile devices when Secure Mail is running in the foreground or background.

With Secure Mail running in the: Notifications are handled as follows:

iOS

Android

Foreground

Secure Mail maintains a persistent ActiveSync connection to sync email and calendar activity.

Secure Mail maintains a persistent ActiveSync connection to sync email and calendar activity.

Background (or terminated)

Secure Mail receives notifications through the iOS background app refresh functionality or, if configured, APNs.

For configuration details, see Push Notifications for Secure Mail for iOS.

Secure Mail maintains a persistent ActiveSync connection.

Secure Mail features

Secure Mail interactivity with other XenMobile Apps and ShareFile lets users access, edit, share, and save documents seamlessly, without leaving the secure environment set by your organization's policies. For example, tapping a link in Secure Mail opens the site in Secure Web. Users can open and edit attachments with Citrix QuickEdit for XenMobile, and they can select text from one or multiple emails and then add the information to Secure Notes. Attachments are downloaded into the user's Citrix ShareFile for XenMobile space.

Other security-enhancing features include the ability to control which contact fields a user can export and which mail and calendar notifications pop up on a locked screen.

For a full list of Secure Mail features for each platform, see XenMobile Apps Features by Platform.

The following two figures show what users see when first opening Secure Mail, as well as the various options within the app. For the PDF version of the figures, download the Secure Mail Quick Reference Guide.

localized image
localized image

Spellcheck feature for iOS

Secure Mail spellcheck interacts with the device Auto-Capitalization and Check Spelling settings under General > Keyboard in the following ways:

Auto-Correction on Device Check Spelling on Device Check Spelling in Secure Mail Behavior

ON

ON

ON

Red underline shows. When tapped, the word is highlighted in pink and a suggestion appears.

OFF

OFF

ON

Red line shows. When tapped, no suggestion appears.

ON

ON

OFF

No red underline shows. When tapped, the word is highlighted in pink and a suggestion appears

OFF

OFF

OFF

No red underline, highlighting, or suggestion appear.

ON

OFF

ON

Red underline shows. When tapped, the word is highlighted in pink and a suggestion appears.

OFF

ON

ON

Red underline shows. When tapped, the word is highlighted in pink and a suggestion appears.

ON

OFF

OFF

No red underline shows. When tapped, the word is highlighted in pink and a suggestion appears.

OFF

ON

OFF

No red underline shows. When tapped, the word is highlighted in pink and a suggestion appears.

Attaching files in Android

In Secure Mail/WorxMail versions 10.3.5 and later, Android users can't attach images directly from the Gallery app when the Inbound document exchange (Open-in) policy is set to Restricted. If you want to keep this policy set to Restricted but still allow users to add photos from the Gallery, follow these configuration steps in the XenMobile console.

1. Set Block gallery to Off.

2. Get the Gallery package ID for devices. Some examples:

  • LG Nexus 5:
    com.google.android.gallery3d, com.google.android.apps.photos
  • Samsung Galaxy Note 3:
    com.sec.android.gallery3d, com.sec.android.gallery3d.panorama360view, com.google.android.apps.photos
  • Sony Expire:
    com.sonyericsson.album, com.google.android.apps.photos
  • HTC:
    com.google.android.apps.photos, com.htc.album
  • Huawei:
    com.android.gallery3d, com.google.android.apps.photos

3. Make the hidden policy InboundDocumentExchangeWhitelist visible:

  • Download the WorxMail APK file and wrap the file with the MDX Toolkit.
  • Find the .mdx file on your computer and change the file suffix to .zip.
  • Open the .zip file and find the policy_metadata.xml file
  • Search for and change InboundDocumentExchangeWhitelist from <PolicyHidden>true</PolicyHidden> to <PolicyHidden>false</PolicyHidden>.
  • Save the policy_metadata.xml file.
  • Select all the files in that folder and compress to create the .zip file.
    Note: Don't zip the outer folder. Select all files inside the folder and compress the selected files.
  • Click on the resulting compressed file.
  • Choose Get Info and change the file suffix back to .mdx

4. Upload the modified .mdx file to the XenMobile console and add the list of Gallery package IDs to the now-visible Inbound document exchange whitelist policy.

localized image

Ensure that the package IDs are comma-separated:

com.sec.android.gallery3d, com.sec.android.gallery3d.panorama360view, com.google.android.apps.photos

5. Save and deploy Secure Mail.

Android users can now attach an image from the Gallery app.

Supported file formats

An X indicates a file format that can be attached, viewed, and opened in Secure Mail.

 

iOS

Android

VIDEO*

H.263 AMR NB codec_Mp4

 

X

H.263 AMR NB codec_3gp

 

X

H.264 AAC codec_3gp

X

X

H.264 AAC codec_mp4

X

X

H.264 Acclc codec_mp4

X

X

GTM recorded_wmv

 

X

AVI

 

X

FLV

 

X

WAV

X

X

MP4

X

X

3GP

X

X

Flac

 

X

AAC

X

X

M4A

X

X

3GP(AMR-NB)

X

X

MP3

X

X

WAV

X

X

WMA

 

X

OGG

 

X

ICO

X

X

JPEG

X

X

PNG

X

X

TIF (single-page only)

X

 

BMP

X

X

GIF

X

X

WebP

 

X

.dot

X

X

PDF

X

X

PPT

X

X

PPTX

X

X

DOC

X

X

DOCX

X

X

XLS

X

X

XLSM

X

X

XLSX

X

X

TXT

X

X

POT

X

X

HTM

X

X

HTML

X

X

ZIP

X

X

EML

X

X

Joining meetings from Calendar

In Secure Mail, users can join meetings directly from invitations in Calendar. The following tables list which meeting types and phone number formats are supported, and dial-in requirements for each.

Supported Meeting Types

Meeting type Identification requirements Action after tapping Join Meeting

GoToMeeting (GTM)

One of the following in the meeting content:

1. This type of URL: https://www1.gotomeeting.com/join/1234567892. GTM access code in any of these formats:

2. GTM: 123456789

3. GTM – 123456789

4. G2M – 123456789

5. G2M: 123456789

If the GTM app is installed, the app opens and user joins meeting.

If the app is not installed, the user sees an option to go the app store to install GTM.

For GTMs in the gotomeet.me/username format, the app opens and the user joins the meeting.

WebEx

This type of URL anywhere in the meeting content: https://companyname.webex.com/...

Citrix Secure Web opens and opens the unwrapped WebEx app, if installed on the device.

WebEx must be added as an exception in the Secure Web Restricted Open-in exception list on Android and in the Allowed URLs policy on iOS.

Lync

Join Meeting is not supported for Lync meetings. Only dial-in is supported. For details, see the dial-in specifications later in this article.

Users can click a link that opens in Secure Web, which then opens the unwrapped Lync app if installed on the device.

Add the Lync app as an exception in the Secure Web Restricted Open-In exception list policy on Android. Add the exception in the Allowed URLs policy on iOS.

Configuring the following table of policies allows users to tap a meeting link to open the relevant app.

Meeting type iOS - "Allow URLs" Policy Android - "Open-in Exclusions" Policy

Webex (Unwrapped app)

+^wbx:

Eg. Policy string :

^http:,^https:,^mailto:=ctxmail:,+^citrixreceiver:,+^telprompt:,+^tel:,+^col-g2m-2:,+^col-g2w-2:,+^wbx:,+^maps:ios_addr:

{action=android.intent.action.VIEW scheme=wbx package=com.cisco.webex.meetings}

Lync of Skype for Business

+^lync:

{action=android.intent.action.VIEW scheme=lync package=com.microsoft.office.lync15}

Skype

+^skype:

{action=android.intent.action.VIEW scheme=skype package=com.skype.raider}

Dial-In Specifications

Meeting type Supported phone number formats Supported conference code formats

GoToMeeting (GTM)

1. Any phone number in GTM formats.

Examples:

India (toll-free): 000 800 100 7855

United States (toll-free): 1 877 309 2073

2. Any phone number that satisfies RFC 3966 format standards. (http://www.ietf.org/rfc/rfc3966.txt)

The conference code is picked up from any of the following formats in the meeting body:

  • URL 
(*.gotomeeting.com/join/123456789)
  • URL (gotomeet.me/username format)
  •  "GTM" formats such as "GTM:123456789"
  • "G2M" formats such as "G2M:123456789"
  • Formats such as "Access Code: 123456789"

WebEx

Any phone number in WebEx Call-in formats.

Examples (both Verizon and U.S.):

1-866-652-5088

1-517-466-3109

2. Any phone number in WebEx Audio Connection formats.

Example:

1-650-479-3207 (US toll)

3. Any phone number that satisfies RFC 3966 format standards.

The meeting content must contain one of these formats:

1. Meeting number: 123 456 789

2. Access code: 123 456 789

Note: For conference codes that are nine digits or fewer, the # key is added automatically to dial in to the meeting.

Lync

Any phone number in RFC 3966 formats (http://www.ietf.org/rfc/rfc3966.txt).

The meeting body contains this text:

"Conference ID: 123456789"

Note: The # key is added automatically for Lync meetings.

Generic audio conference information

Any phone number in RFC 3966 formats (http://www.ietf.org/rfc/rfc3966.txt).

Examples:

5555555555

(555) 555-5555

555-555-5555

555-555-555-5555 (in case of country code)

1-555-555-5555

+1-555-555-5555

Note: Use a single separator between digits in the phone number. For example, “) –“ can cause the number not to be recognized.

Recommended format:

"(phone number)","(code)"

You can specify up to four commas and provide the # key if necessary. See the table later in this document for a list of supported formats.

For an audio conference, the following formats let users tap Dial In. If they tap the phone number from the body of the calendar meeting, however, they can dial into the meeting. They must then type conference codes manually. The following phone number and conference code formats are supported.

Supported phone number formats Conference code separator Example

Any phone number in RFC 3966 formats

Examples:

5555555555

(555) 555-5555

555-555-5555

555-555-555-5555 (in case of country code)

1-555-555-5555

+1-555-555-5555

Participant Code

1-888-999-9999 Participant Code: 9999999

Participant PIN

1-888-999-9999 Participant PIN: 99999999

Guest Code

1-888-999-9999 Guest Code: 99999999

Guest PIN

1-888-999-9999 Guest PIN:99999999

Participant/Guest Code

1-888-999-9999 Participant/Guest Code:99999999

Chair Code

1-888-999-9999 Chair Code:99999999

Chair PIN

1-888-999-9999 Chair PIN:99999999

Chairperson Code

1-888-999-9999 Chairperson Code:99999999

Chairperson PIN

1-888-999-9999 Chairperson PIN:99999999

Host PIN

1-888-999-9999 Host PIN:99999999

PIN

1-888-999-9999 PIN:99999999

Access Code

1-888-999-9999 Access Code:99999999

Code

1-888-999-9999 Code:99999999

Conference Code

1-888-999-9999 Conference Code:99999999

Conference ID

1-888-999-9999 Conference ID:99999999

,

+1 (631) 992-3240,958209234#

,,

+1 (631) 992-3240,,958209234#

,,,

+1 (631) 992-3240,,,958209234#

,,,,

+1 (631) 992-3240,,,,958209234#

passcode

+1 (631) 992-3240 passcode 958209234#

ext:

+1 (631) 992-3240 ext:958209234#

ext.

+1 (631) 992-3240 ext. 958209234#

;ext=

+1 (631) 992-3240; ext. 958209234#

extn

+1 (631) 992-3240 extn 958209234#

HC

+1 (631) 992-3240 HC 958209234#

xtn

+1 (631) 992-3240 xtn 958209234#

xt

+1 (631) 992-3240 xt 958209234#

x

+1 (631) 992-3240 x 958209234#

PC

+1 (631) 992-3240 PC 958209234#

pc

+1 (631) 992-3240 pc 958209234#

Personal calendar overlay

On iOS and Android devices, you can import your personal calendar from the native calendar app and view your personal events in Secure Mail. Enable this feature by going to Secure Mail settings and then turning On Personal Calendar. Select a color for your personal events that you want to display in Secure Mail. This is a read-only view that is only visible to users. The personal calendar information does not sync back to the Exchange or Lotus Notes mail server.

You enable the personal calendar overlay either from the pop up notification or from Secure Mail settings.

The first set of figures show the feature on an iOS device. The subsequent set of figures show the feature on an Android device. 

localized image
localized image
localized image

Once you have enabled the feature, you can select a color for your personal mail items.

localized image
localized image
localized image

You can select which personal calendars appear from the settings screen.

localized image

The following figures show the feature on an Android device.

localized image

Secure Mail  also displays the following details about a personal calendar event:
• Account name of the sender
• Invitees
• Meeting notes

localized image

Secure Mail for Android, displays any conflicts with your personal calendar event while creating or rescheduling an Exchange account calendar event.

localized image
localized image

Below is a video demonstrating the Personal Calendar overlay feature.

Insert an inline image

To attach an inline image to your email, long press in the mail body. From the options that appear, tap Insert Picture.

localized image

Secure Mail may prompt you for access to your Photos. The Photos gallery appears. Navigate to the gallery and tap picture you want to insert.

localized image

The mail now contains the image you selected.

localized image

Multiple Exchange accounts for iOS

From Settings within Secure Mail, you can now add multiple Exchange email accounts and switch between them. This feature allows you to monitor all your mails, contacts, and calendars in one place.

Prerequisites

A user name and password is required to configure additional accounts. Automatic enrollment or credential store configurations applies only to the first account setup in the app. Type the user name and password for all additional accounts.

  • To allow additional accounts to connect to a domain or Exchange Server in an external network, you must set split tunneling to ON in Citrix NetScaler.
  • Secure Mail for iOS supports Exchange and Office 365 mail servers only.

To add an Exchange email account for iOS

1. Open Secure Mail and then tap Settings.
2. Under ACCOUNTS, tap + Add Exchange Account.
3. In the Exchange screen, type the credentials for the new account.
 

localized image
localized image

Optionally, you can set values for the following parameters:

  • Sync Mail Period – Tap to select a value for the sync mail period. The value you set specifies the number of mail days for Secure Mail to synchronize. Your administrator sets the default value. 
  • Make this my default account – Tap to set the new account as your default account. The value is set to OFF by default.

4. Tap Sign On to create the account.

You can view the new account in the Settings screen under the ACCOUNTS menu.

localized image

Note: The default or primary account uses certificate-based authentication because Secure Mail can only receive a single user certificate from XenMobile Server. Additional accounts must use authentication based on Active Directory.

Note: Citrix recommends that you do not configure multiple accounts on shared devices.

To edit an account

You can edit the password and description of email account.

1.      Open Secure Mail and then tap Settings.

2.      Under ACCOUNTS, tap the account you want to edit.

3.      In the Account screen, edit the fields.

4.      Tap Save to confirm your action or tap Cancel to return to the Settings screen.

localized image
localized image
localized image

To delete an account

  1. Open Secure Mail and then tap Settings.
  2. Under ACCOUNTS, tap the account you want to delete.
  3. In the Account screen, tap Delete Account at the bottom of the screen or tap Cancel to return to the Settings screen.
  4. Tap Delete to confirm your action.
localized image
localized image

Note: If you delete the default account, the next account will become the default account.

To set a default account

Secure Mail uses the default account in the following scenarios:

  • Composing emails. The From: field auto-populates with the email ID of the default account.
  • Creating calendar events.The Organizer field auto-populates with the email ID of the default account.
  • App badge count. Indicates the unread mail count of the default account.

When you add one or more email accounts, the first account you create is the default account. To change the default account, navigate to Settings General Default.

In the Default Email screen, tap the account you want to set as default.

Alternatively, you can navigate to Settings ACCOUNTS and then tap the account you want to set as default. In the Account screen, enable the Make this my default account feature.

Settings

If you have configured multiple Exchange accounts, some of the Secure Mail settings are available to each of these accounts individually, whereas other settings are global. The following settings are account-specific:

  • Default
  • Notifications
  • Auto Refresh
  • Out of Office
  • Sync Mail Period
  • S/MIME
  • Offline Files
  • Signature
  • Sync with Local Contacts
  • Export Settings

These settings appear with the > icon. Tap the > icon to view the accounts on your device.

To apply the setting to a specific account, expand a setting item by tapping > and then select the email account.

Note: You can only import the previously exported Secure Mail settings to the default or primary account.

Mail

The Mailboxes screen displays all the accounts you have configured and has the following views:

  • All Accounts. Contains emails from all Exchange accounts that you have configured.
  • Individual accounts. Contains emails and folders of an individual account. These accounts appear as a list that you can expand to view the subfolders.
localized image

The All Accounts mailbox is the global view by default. This view contains attachments and emails from all Exchange accounts that you have configured on your device.

The All Accounts mailbox has the following menu items:

  • All attachments
  • Inbox
    • Unread
    • Flagged
  • Drafts
  • Sent Items
  • Outbox
  • Deleted Items
localized image

 Although the All Accounts view displays your emails from multiple accounts collectively, the following actions use the email address of the default or primary account:

  • New message
  • New event

To change the email address of the sender while composing a new mail from the All Accounts view, tap the default address in the From: field and select a different account from the mail accounts that appear.

localized image
localized image

Note: Composing an email from the conversation view auto-populates the From: field with the email address that conversation is addressed to.

localized image

Individual accounts

All the accounts you have configured appear as a list below All Accounts. The default or the primary account always appears first followed by the other accounts in alphabetical order .

The individual accounts display any subfolders you might have created. You can view the subfolders folders by tapping the V icon next to the folder.
 

localized image

The following actions are limited to individual accounts only:

  • Moving items.
  • Composing emails from conversation view.
  • Importing vCard.
  • Saving contacts.

Contacts

To view your contacts, tap CONTACTS from the slide-out menu and then tap the hamburger icon on the top left. The Contacts screen displays the following items:

  • All Contacts. Displays all contacts from multiple email accounts.
  • Individual accounts. Displays contacts pertaining to the individual accounts that you have configured.
     
localized image

You can synchronize contacts pertaining to an individual account to your local contacts.

To sync with local contacts:

  1. Navigate to Settings > Contacts > Sync with Local Contacts and then tap > to expand the menu.
  2. In the Sync Local Contacts screen, enable the account whose contacts you want to sync.
  3. Tap OK.
  4. When prompted to allow Secure Mail to access your contacts, tap OK.
     
localized image

You have now successfully exported contacts for the account.
To undo this action, go to Settings Contacts > Sync with Local Contacts and then tap on the switch next to the account to disable this feature. Tap Yes, Delete to confirm your action.
 

localized image

If you have created folders or subfolders for your contacts using Microsoft Outlook, you can view them in Secure Mail.

To view the contact folders:

  1. Tap Contacts form the slide-out menu.
    The Contacts folders and subfolders pertaining to the individual accounts are displayed.
  2. Tap an account to view all the contacts associated with that account.
localized image
localized image

3.  To view contacts from a folder or subfolder, tap the respective folder or subfolder.
     The contacts associated with that folder are displayed.

localized image

Calendar

The calendar displays all events pertaining to the multiple accounts on your device. You can set colors to individual accounts to differentiate calendars events pertaining to individual accounts.

localized image

To set colors to calendar events

  1. Select CALENDAR from menu.
  2. Tap the hamburger icon on the top left.
    The Calendars screen is displays all the accounts you have configured.
  3. Tap on the default color displayed on the right of an Exchange account.
    The Colors screen displays the available colors for that account.
  4. Select a color of your choice and then tap Save.
  5. To return to the previous screen, tap Cancel.
    The selected color is set for all calendar events pertaining to that Exchange account.
     
localized image
localized image
localized image

When you are creating a calendar invitation or event, the Organizer field auto-populates with the email address of the default account. To change the mail account, tap this email address and select another account.

localized image
localized image

Note: When you exit and then launch Secure Mail, the app restores the last configured calendar settings on your device.

Search
You can perform a global search from the All Accounts or the All Contacts view. This action displays the appropriate results after searching all the accounts in the app.
All searches from within an individual account displays results pertaining to that account only.
 

Swipe to delete

On iOS and Android devices, you perform the following actions by swiping an email either left or right.
• More
• Flag
• Delete
• Mark

The following table captures the actions available on swipe gestures in various folders:

Folders Left swipe Long left swipe Right swipe

Inbox/Sent/Delete

  • Delete
  • Flag/Unflag
  • More

Delete

Read/Unread

Drafts

  • Delete
  • Flag/Unflag

Delete

Read/Unread

Outbox

  • Delete
  • Resend/Cancel

Delete

No Action

Server Results

  • Forward
  • Reply/Reply All

Reply/Reply All

No Action

Tap on one of the menu items to perform further actions.

localized image

You swipe right to perform the Mark action. 

The following sections provide more information about each menu item.

The More menu displays the following options:

  • Reply
  • Reply All
  • Forward
  • Move
  • Cancel
localized image

The Flag option allows you to mark the email for faster reference. You can also use this option to clear the status of a previously flagged email.

The Delete option allows you to delete the selected email.

localized image

You can also delete an email by long swiping the email item toward the left.

localized image

In both delete scenarios, the Undo button appears for a few seconds so you can reverse the action.

localized image

You can delete multiple emails by long pressing an email item and then selecting the emails that you want to delete.

The Mark option allows you to mark an email as read or unread. This swipe gesture lets you toggle among the two Mark as states - Read and Unread.

localized image

Multiple Exchange accounts for Android

From Settings within Secure Mail, you can now add multiple Exchange email accounts and switch between them. This feature allows you to monitor all your mails, contacts, and calendars in one place.

Prerequisites

A user name and password is required to configure additional accounts. Automatic enrollment or credential store configurations applies only to the first account setup in the app. Type the user name and password for all additional accounts.

  • If the first account you create is certificate-based, you cannot add further certificate-based accounts.
  • To allow additional accounts to connect to a domain or Exchange Server in an external network, you must set split tunneling to ON in Citrix NetScaler.
  • Secure Mail for iOS supports Exchange and Office 365 mail servers only.

To add an Exchange email account for Android

1. Open Secure Mail and then tap Settings.
2. Under ACCOUNTS, tap + Add account.
3. In the Add account screen, type the credentials for the new account.
 

localized image
localized image

Optionally, you can set values for the following parameters:

  • Sync mail period – Tap to select a value for the sync mail period. The value you set specifies the number of mail days for Secure Mail to synchronize. Your administrator sets the default value. 
  • Make this my default account – Tap to set the new account as your default account. The value is set to OFF by default.

4. Tap Sign In to create the account.

You can view the new account in the Settings screen under the ACCOUNTS menu.

localized image
localized image

Note

Additional accounts must use authentication based on Active Directory. Secure Mail does not support certificate-based authentication when configuring multiple accounts.

To edit an account

You can edit the password and description of email account.

1.      Open Secure Mail and then tap Settings.

2.      Under ACCOUNTS, tap the account you want to edit.

3.      In the Account details screen, edit the fields.

4.      Tap Save to confirm your action or tap Cancel to return to the Settings screen.

localized image
localized image
localized image

To delete an account

  1. Open Secure Mail and then tap Settings.
  2. Under ACCOUNTS, tap the account you want to delete.
  3. In the Account details screen, tap Delete account at the bottom of the screen or tap Cancel to return to the Settings screen.
  4. Tap Delete to confirm your action.
localized image
localized image

Note

If you delete the default account, the next account will become the default account.

To set a default account

Secure Mail uses the default account in the following scenarios:

  • Composing emails. The From: field auto-populates with the email ID of the default account.
  • Creating calendar events.The Organizer field auto-populates with the email ID of the default account.

When you add one or more email accounts, the first account you create is the default account. To change the default account, navigate to Settings and then tap Default under General.

In the Default account screen, tap the account you want to set as default.

Settings

If you have configured multiple Exchange accounts, some of the Secure Mail settings are available to each of these accounts individually, whereas other settings are global. The following settings are account-specific:

  • Default
  • Notifications
  •  Out of Office
  • Sync inbox frequency
  • Sync mail period
  • Sync email
  •  S/MIME
  • Offline Files
  • Signature
  • Quick responses
  • Sync calendar
  • Sync contacts
  • Sync with local contacts
  •  Export Settings

These settings appear with the > icon. Tap the > icon to view the accounts on your device.

To apply the setting to a specific account, expand a setting item by tapping > and then select the email account.

Mail

The Mailboxes screen displays all the accounts you have configured and has the following views:

  • All Accounts. Contains emails from all Exchange accounts that you have configured.
  • Individual accounts. Contains emails and folders of an individual account. These accounts appear as a list that you can expand to view the subfolders.

To view your mailboxes, select Mail from the slide-out menu. In the Mailboxes screen, tap the account to expand the options.

localized image

The All Accounts mailbox is the global view by default. This view contains attachments and emails from all Exchange accounts that you have configured on your device.

localized image

 Although the All Accounts view displays your emails from multiple accounts collectively, the following actions use the email address of the default or primary account:

  • New message
  • New event

To change the email address of the sender while composing a new mail from the All Accounts view, tap the default address in the From: field and select a different account from the mail accounts that appear.

localized image
localized image

Note

Composing an email from the conversation view auto-populates the From: field with the email address that conversation is addressed to.

localized image

Individual accounts

The default or the primary account always appears first followed by the other accounts in alphabetical order .

The individual accounts display any subfolders you might have created.
 

localized image

The following actions are limited to individual accounts only:

  • Moving items.
  • Composing emails from conversation view.
  • Saving contacts.

Contacts

To view your contacts, tap CONTACTS from the slide-out menu and then tap the hamburger icon on the top left. The Contacts screen displays the following items:

  • All Contacts. Displays all contacts from multiple email accounts.
  • Individual accounts. Displays contacts pertaining to the individual accounts that you have configured.
  • Categories. Displays any contact categories that you may have created.
     
localized image

You can synchronize contacts pertaining to an individual account to your local contacts.

To sync with local contacts:

  1. Navigate to Settings and then tap Sync with local contacts listed under Contacts to expand the menu.
  2. In the Sync with local contacts screen, enable the account whose contacts you want to sync.
  3. Tap OK.
  4. When prompted to allow Secure Mail to access your contacts, tap OK.
     
localized image

You have now successfully exported contacts for the account.
To undo this action, go to Settings Contacts > Sync with Local Contacts and then tap on the switch next to the account to disable this feature. Tap OK to confirm your action.
 

localized image

Calendar

The calendar displays all events pertaining to the multiple accounts on your device. You can set colors to individual accounts to differentiate calendars events pertaining to individual accounts.

Note

The Personal calendar feature will always be associated with your primary or default account if enabled.

localized image

To set colors to calendar events

  1. Select CALENDAR from menu.
  2. Tap on the default color displayed on the right of an Exchange account.
    The Colors screen displays the available colors for that account.
  3. Select a color of your choice and then tap Save. To return to the previous screen, tap Cancel.
    The selected color is set for all calendar events pertaining to that Exchange account.
     
localized image
localized image
localized image

When you are creating a calendar invitation or event, the Organizer field auto-populates with the email address of the default account. To change the mail account, tap this email address and select another account.

localized image
localized image

Search
You can perform a global search from the All Accounts or the All Contacts view. This action displays the appropriate results after searching all the accounts in the app.
All searches from within an individual account displays results pertaining to that account only.
 

Join Skype for Business meetings on iOS and Android

You can join Skype for Business meetings seamlessly through Secure Mail. This feature requires the Skype for Business app to be installed on your device.

To join a Skype for Business meeting

  1. Tap on the Skype for Business meeting reminder or calendar event.
  2. In the Event Details screen, tap the Skype Join Meeting. The Skype for Business meeting starts in a new window.

If you have not installed Skype for Business on your device, tap Install Skype to install the app.

localized image
localized image
localized image
localized image

Print emails, calendar events, or inline images on iOS

You can now print emails, calendar events, or inline images from your iOS device.

Prerequisites:

Before you begin, ensure that the following requirements are met:

  1. The Block AirPrint option is set to OFF.
  2. The Allow viewers to print option is disabled in IRM.

By default, the print feature is enabled in Secure Mail for iOS. The printing feature might be controlled by your administrator through administrative policies via Apple AirPrint or Microsoft Information Rights Management (IRM). In these scenarios, printing an email, calendar event, or inline image will not work and an error message might appear.

To print emails

  1. Open the email item you want to print.
  2. Tap the Reply/Forward icon.
    The following options appear:
    • Reply
    • Forward
    • Print
localized image

3. Tap Print.
    The Printer Options screen appears.

localized image

4. To select a printer, tap Select Printer.
    The Printer screen appears.

localized image

5. Select the printer you want to print to.

localized image

6. Tap or + to decrease or increase the number of copies you want to print.

localized image

7. To print a specific page or a range of pages, tap Range.
    The Page Range screen appears. By default, All Pages is selected.

localized image

8. To change the page selection, swipe the page numbers up or down.

localized image

9. Tap Printer Options to go back to the Printer Options screen.

localized image

10. To print in black and white, tap the Black & White button.
       By default, Secure Mail prints in color.

localized image

11. Tap Print on the top right to print the email.
12. To cancel the print job, tap Cancel on the top left.
 

To print a calendar event

1. Navigate to calendar and select an event.

localized image

2. Tap the Reply/Forward icon.
    The following options appear:

  • Reply
  • Reply All
  • Forward
  • Print
  • Cancel
localized image

3. Tap Print and follow the same instructions as mentioned in the section To print emails above.

To print inline images:

1. Open the email item with the inline image.
2. Long press the image.
    The following options appear:

  • Reply
  • Forward
  • Print
localized image

3. Tap Print and follow the instructions as mentioned in the section To print emails above.

localized image