• Link to Rss this site
  • Link to LinkedIn
  • Link to Youtube
  • Link to X
  • Link to Instagram
  • English English English en
  • Deutsch Deutsch German de
Sales: +49 5251 304-800 | Support: +49 5251 304-636
NoSpamProxy
  • PRODUCT
    • NoSpamProxy Cloud
    • NoSpamProxy Protection
    • NoSpamProxy Encryption
    • NoSpamProxy Large Files
    • NoSpamProxy Disclaimer
  • SOLUTIONS
    • M365 Mail Security
    • Managed Certificates
    • 32Guards
    • AS4
  • RESOURCES
    • Documentation
    • Forum
    • Webcast Training
    • Training Courses
    • Support
    • Software Download
  • PARTNERS
    • Finding Resellers
    • Becoming Reseller
    • Partner Portal
    • NFR Licenses
  • COMPANY
    • Contact
    • Testimonials
    • Team
    • Career
    • Events
    • Awards
  • PRICES
  • BLOG
    • Blog
    • Newsletter Subscription
  • FREE TRIAL VERSION
    • Price Request
    • Free Trial Version
  • English
    • Deutsch
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
  • E-Mail-Verschluesselung mit der Arbeitsagentur

Email encryption with the Bundesagentur für Arbeit

Sören Beiler | Senior Presales System Engineer
Author: Sören BeilerSenior Presales System Engineer

With email encryption, you can protect your company’s communications and prevent sensitive data from being illegally tapped. The General Data Protection Regulation (GDPR) requires companies to encrypt emails containing personal data. Encrypting the mails ensures the confidentiality of the data sent. Only the intended recipient of the mail may read the contents. Of course, this also applies to emails containing personal data that are exchanged with the Bundesagentur für Arbeit (BA, German Federal Employment Agency) or job centers (gE). In particular, public institutions such as municipalities, cities, and human resources departments from the free trade sector communicate regularly with the Bundesagentur für Arbeit. In this blog article, we describe how to automatically encrypt emails to the Bundesagentur.

26.07.2023|Last edited:19.08.2024

What do I need for email encryption?

In addition to a certificate and the corresponding private key for your own mail address, you need the public key of your communication partner for encrypted sending to the BA. You can get your own certificate from a trust center such as D-Trust, DigiCert, GlobalSign or SwissSign. But how do you get the public key of the employee or the group mailbox of the Bundesagentur für Arbeit?

How do I get the S/MIME certificate of the recipient of the Bundesagentur für Arbeit?

There are two manual ways to obtain the certificate of your contact person or group mailbox. Each of these requires several steps to obtain the required certificate.

1. Use the certificate search of the Bundesagentur für Arbeit

The Bundesagentur für Arbeit offers a certificate search on its website at https://cert-download.arbeitsagentur.de. There you can manually enter the email address of the recipient and search for the certificate. You can then download and install the certificate and the corresponding issuer certificates in various formats. You must then ask the contact person at the BA to send you an invitation for email encryption so that the BA employee can send you encrypted mails. You will then receive a link and the option to enter your contact details as well as upload your own certificate.

2. Set up access to LDAP directory service

Another way to access the BA’s certificates is to set up access to the LDAP directory service. You have to request the access. Afterwards, the LDAP access data will be transmitted via encrypted mail. Before that, however, you must again request an invitation for email encryption. Detailed information on this can be found in the corresponding documentation on E-Mail-Verschlüsselung für externe Kommunikationspartner der BA (email encryption for external communication partners of the BA) under Automatisierter Abruf der Verschlüsselungszertifikate der Bundesagentur für Arbeit per LDAP.

Encrypting emails to the Bundesagentur, with automated certificate management

With Open Keys you can use the LDAP server of the Bundesagentur für Arbeit without additional steps. Open Keys is the central source for obtaining public certificates. Open Keys follows the open source approach and is directly integrated into NoSpamProxy Server and NoSpamProxy Cloud, if you have licensed NoSpamProxy Encryption. Open Keys establishes a connection to BA’s LDAP directory service and automatically retrieves the certificates for email encryption. You can communicate with your communication partner immediately in encrypted form without having to exchange signed emails beforehand.

How to enable Open Keys in NoSpamProxy Server

In the NoSpamProxy Command Center, under Identities > Public Key Servers, select the Use Open Keys (recommended) checkbox.

How to enable OpenKeys in NoSpamProxy Server

Non-NoSpamProxy customers can also use the free service and search for public keys automatically at www.openkeys.de via LDAP or Web API.

NoSpamProxy Cloud

In NoSpamProxy Cloud, the Open Keys service is also available and automatically enabled.

Automatically encrypt emails to the Bundesagentur für Arbeit

NoSpamProxy Server

In the other settings in the NoSpamProxy Server rule set, you can also configure a central security setting so that all emails sent to domains such as “arbeitsagentur.de” or domains of the regional job centers, for example, are automatically encrypted. This way you include all email addresses of the defined domain and ensure that no emails sent to this domain are sent unencrypted.

Automatically encrypt emails to the Arbeitsagentur: Specifying the scope
Automatically encrypt emails to the Arbeitsagentur: Configuring the action

Non-NoSpamProxy customers can also use the free service and search for certificates automatically at www.openkeys.de via LDAP or Web API.

NoSpamProxy Cloud

Similar to NoSpamProxy Server, in NoSpamProxy Cloud you can also specify domains or recipient addresses in the rules to which emails are to be sent encrypted by default.

NoSpamProxy Cloud Rule Scope Outbound Emails
NoSpamProxy Cloud Rule Scope Details Outbound Emails

Advantages of the automated encryption of mails to the employment office

With the Open Keys feature enabled, your employees do not need to worry about email encryption or certificate management. They can concentrate fully on their core tasks. The automated encryption and signature of emails ensures data protection in email communication – and you meet the requirements of the General Data Protection Regulation (GDPR) in email communication.

Advantages at a glance:

  • Automated certificate management and encryption

  • No effort for your employees

  • Time-saving for Bundesagentur für Arbeit

  • Compliance with GDPR requirements

Receiving encrypted emails from the Bundesagentur für Arbeit

Of course you can receive encrypted emails from the Bundesagentur with NoSpamProxy. Thereby NoSpamProxy checks the signatures and decrypts the emails.

NoSpamProxy Server

In your NoSpamProxy server installation you only need to add the intermediate and root certificates of the employment agency once for this, so that the certificate chain can be checked for validity. These are also offered in the results of the certificate search described above at https://cert-download.arbeitsagentur.de.

In addition, you must provide the BA with your own certificates in advance. On request, NoSpamProxy will automatically publish your certificates in Open Keys, from which the BA can retrieve the current status by using freely available interfaces. If a certificate is updated, it is immediately published in Open Keys in real time.

To enable the BA to set up the query to Open Keys for your email domain, please send an email to IT-Systemhaus.Vertrauensdienste@arbeitsagentur.de requesting the connection to Open Keys for

  • Your domain(s) and
  • your technical contacts.

Detailed information on this can be found in the corresponding documentation on E-Mail-Verschlüsselung für externe Kommunikationspartner der BA (email encryption for external communication partners of the BA) under LDAP-Verzeichnis.

If you want to use a domain certificate, please send the details to IT-Systemhaus.Vertrauensdienste@arbeitsagentur.de. Detailed information on this can be found in the corresponding documentation on E-Mail-Verschlüsselung für externe Kommunikationspartner der BA (email encryption for external communication partners of the BA) under Domänenzertifikat (Verschlüsselungsgateway).

NoSpamProxy Cloud

In NoSpamProxy Cloud, you do not need to manually add the Bundesagentur’s intermediate and root certificates. They are automatically included and immediately used for receiving emails.

NoSpamProxy Encryption & Open Keys: The perfect combination

With the encryption solution NoSpamProxy Encryption and the free service for obtaining certificates, Open Keys, you rely on a strong duo for secure email communication. Activate the Open Keys function in NoSpamProxy Server now or use the directly integrated service in NoSpamProxy Cloud to automatically receive public keys – for example from the Bundesagentur für Arbeit – and communicate in encrypted form. You do not have NoSpamProxy in use yet? Request your free trial version now!

Get your free NoSpamProxy trial now!
  • share 
  • share 
  • share 
  • email 

SEARCH

PRODUCT

  • All Topics
  • NoSpamProxy Cloud
  • NoSpamProxy Protection
  • NoSpamProxy Encryption
  • NospamProxy Large Files

You need support?

You can find more information about NoSpamProxy in our documentation and forum.

CATEGORY

  • All Topics
  • News
  • Product
  • Tech & Support
  • Events

NoSpamProxy Newsletter

Subscribe to Newsletter
RSS Feed Logo RSS Feed Logo Subscribeto RSS Feed

NoSpamProxy

  • NoSpamProxy Cloud
  • NoSpamProxy Encryption
  • NoSpamProxy Large Files
  • NoSpamProxy Disclaimer
  • Price request
  • Team
  • Career
  • General terms and conditions
  • Data Protection Information for Business Partners and Applicants
  • Cybersecurity (PSIRT)

Partners

  • Becoming a reseller
  • Partners
  • Order Certificates
  • Newsletter

Categories

  • All topics
  • News
  • Support
  • Updates
  • Order certificates

Latest News

  • Warum Sie ARC in NoSpamProxy jetzt aktivieren sollten Preview
    Why you should activate ARC in NoSpamProxy now11.07.2025 - 12:08
  • SVG files in email attachments: Danger by malicious code preview
    Attached SVG file: Danger from malicious code04.07.2025 - 10:00
  • NoSpamProxy Update
    NoSpamProxy Cloud June update: Rollout started30.06.2025 - 06:00
IMPRINT • EULA • Privacy Policy • • © 2025 Net at Work GmbH
  • Link to Rss this site
  • Link to LinkedIn
  • Link to Youtube
  • Link to X
  • Link to Instagram
Link to: 32Guards receives government funding Link to: 32Guards receives government funding 32Guards receives government fundingBSFZ-Siegel Link to: Ransomware-as-a-Service (RaaS): Full service for criminals Link to: Ransomware-as-a-Service (RaaS): Full service for criminals Ramsomware-as-a-Service RaaS PreviewRansomware-as-a-Service (RaaS): Full service for criminals
Scroll to top Scroll to top Scroll to top