Securing email content can be done by sending the email in a closed network setup, directly to the receiving email server or by encrypting the content of the email. If you require the content to be really confidential you should go all the way and authenticate the sender by signing the email with a private certificate from the sender and encrypt the same email with the public certificate of the receiver.
This opens up a couple of failure points since certificates expire.
The following Gist handles both the signing and the encrypting but also takes care of notifying when the certificates have or are going to expire, and handles when they are expired.
No comments: