Secure Attachments for Transactional Emails | Community
Skip to main content
robertc66522596
robertc66522596
Level 4
April 26, 2023
Solved

Secure Attachments for Transactional Emails

  • April 26, 2023
  • 2 replies
  • 1856 views

Hello,

 

We are in the midst of implementing Message Center for our V8 Campaign instance. One of our requirements is to attach message specific PDFs to templates -- for instance of invoices.

 

I've found documentation that discusses how to attach a PDF to the email located here: https://experienceleague.adobe.com/docs/campaign-classic/using/transactional-messaging/transactional-email-with-attachments.html?lang=en 

 

It discusses how it is inappropriate to send PII over email, so instead people can send a secure PDF. We agree with that statement, but feels like we're missing something. The process discusses putting the PDF into an FTP or other online disk system and then the transactional messaging event fetches the remote file.


But how is that call to fetch the PDF authenticated?

 

I found another experience league post which suggests to us that the file needs to be publicly accessible on the web -- I'm hoping that I've misunderstood as that undermines the idea of securing this data. Or is it that the process requires that the PDF be password protected or secured in some other means?

 

Please let me know how you've approached this with others, ideally we can authenticate the call to fetch the PDF so that our end users can access the attachment from the email without needing to take additional action on the PDF and without it being accessible on the open web.

 

Thanks!

Robbie

 

Best answer by Marcel_Szimonisz

Hello @robertc66522596 ,

we are solving similar problem. And here are the options:

 

  • SFTP file has to be uploaded prior the transactional call is made. This could work also where you set to send transactional email after the attachment is uploaded successfully. Where in the rt event you will provide file name so it can be easily calculated.
  • "Public url"  should be accessible to Adobe Campaign only so during the attachment calculation the file can be picked up.

Marcel

2 replies

Marcel_Szimonisz
Community Advisor
Marcel_SzimoniszCommunity AdvisorAccepted solution
Community Advisor
April 27, 2023

Hello @robertc66522596 ,

we are solving similar problem. And here are the options:

 

  • SFTP file has to be uploaded prior the transactional call is made. This could work also where you set to send transactional email after the attachment is uploaded successfully. Where in the rt event you will provide file name so it can be easily calculated.
  • "Public url"  should be accessible to Adobe Campaign only so during the attachment calculation the file can be picked up.

Marcel

    robertc66522596
    robertc66522596Author
    Level 4
    April 27, 2023

    Hi @marcel_szimonisz ,

     

    Thank you for the quick response and providing these options! I don't think the first will work for us, but the second seems like it can work.

     

    How are we able to identify that Adobe Campaign is reaching for the file? Does that come from the same IPs of the RT instance so we can whitelist? Or are you accomplishing it another way?

     

    Thanks again!

    Marcel_Szimonisz
    Community Advisor
    Marcel_SzimoniszCommunity Advisor
    Community Advisor
    April 28, 2023

    Hello @robertc66522596 ,

    You can build worklfow and test it if it works or not. I do not know your setup but normally rt execution instance runs on another AC instance.


    - if you have access to the rt instance you can set up technical workflow to pick up files, and save them to local dedicated folder.

    - if the application instance can push files to rt instance on file sytem level you can set up sftp loading technical workflow on the application instance.

     

    Marcel

      robertc66522596
      robertc66522596Author
      Level 4
      June 6, 2023

      FYI following up here.

       

      Adobe product confirmed for us that they will be fetching the documents from the same IP address that will be sending, so we are planning on whitelisting that IP in order to access the document securely and attach it. I will update here if that does not work. THanks!

       

      The back-up plan is to use a One-Time link that we create and host right before triggering the transactional email.

      D
      DebTr
      Level 6
      February 27, 2025

      Hi @robertc66522596 ,

      Hope you are doing well.

      Did you date the SFTP approach or uploaded the file to an RT instance directory directly or via a workflow?

      I am using the SFTP approach and the idea is RT instance will pick up the attachment file from SFTP when an event is triggered with the path. May I know how the dynamic file path on your SOAP event payload looks like?

      We have the connectivity between SFTP and RT instance established in terms of IP and credentials, but when we are triggering an SOAP event to RT with full path of a SFTP file it is looking for the same in "/usr/local/neolane/" location.

       

      Thanks,

      Deb

      robertc66522596
      robertc66522596Author
      Level 4
      February 27, 2025

      Hi Deb,

       

      Unfortunately, I'm unable to help you with this. We ended up tabling the attachment process because the number of attachments we need to send is variable and Adobe does not play well with multiple attachments...

       

      That's interesting it seems to be looking for the relative link in addition to the full path youve provided.. i know when trying different URL based markers i had to play with the values sent via the event (without http or https), maybe the full URL link is confusing it somehow. I wonder if @marcel_szimonisz can give you some advice?

       

      Good luck!

      Robbie

       

       

      Terms & ConditionsAccessibility statement

      Loading footer...