Sign in
< Back to Top

Partner Mailbox Endpoint

A Partner Mailbox Endpoint allows CIC to act as an FTP or SFTP server. Your trading partners can connect to a Partner Mailbox as an FTP or SFTP client or as a Cleo Portal client. See Connecting to a Partner Mailbox.

A Partner Mailbox Endpoint can be used in multiple Data Flows, but it depends on whether it is a source or destination endpoint and the mailbox folder you choose. If used as a source endpoint, a folder with Upload permissions can only be used once. If used as a target endpoint, a folder with Download permissions can be used more than once. See Using Mailbox Folders for more details.

Partner Mailbox attributes

The Partner Mailbox Endpoint has the following attributes:

Attribute Description
Allowed Connections

Select one or all of the following: FTP, SFTP, and Cleo Portal. 

If you select FTP, you can also choose to require a secure connection. 

See Connecting to a Partner Mailbox for more information.
Allowed File Types

Restrict what kinds of files are permitted to be processed by this Endpoint. Choose from the following: 

All No restriction. Allow any kind of file. 
Allow upload of ONLY the following types  Specify a comma- or semi-colon-separated list of filename patterns allowed to be processed by this Endpoint. You can use wildcards and regular expressions. See Using Wildcards and Regular Expressions in CIC
Authentication Type

This section is displayed whenever you select SFTP in the Allowed Connections section. 

Choose from the following: 

Password

Use username/password authentication only.

Available whenever you select SFTP in the Allowed Connections section.
Key Authentication

Use key authentication only.

Available when you select only SFTP in the Allowed Connections section. 

Requires that you paste a key value into the Key Authentication field. 

 
Password or Key

Allow use of username/password or key authentication.

Available whenever you select SFTP in the Allowed Connections section. 

Requires that you paste a key value into the Key Authentication field. 
Password and Key

Use both username/password and key authentication.

Available when you select only SFTP in the Allowed Connections section. 

Requires that you paste a key value into the Key Authentication field.
Username Required. Specify the username to be used with the password below for authentication when you log in to the Cleo Portal to upload and download from this partner mailbox.
Password 
Confirm Password		 Required. Specify the password to be used with the username for authentication. 
Passwords must be at least 8 characters long and include:
  • 1 uppercase
  • 1 lowercase
  • 1 number
  • 1 special character.
Key Authentication

Specify one or more keys to be used for authentication.

CIC supports multiple authentication keys. To specify multiple keys, paste the keys into the Key Authentication text area each on separate lines.  The user can authenticate using any one of the keys specified.

The following keys are supported in the OpenSSH format:

  • RSA
  • DSA
  • ECDSA
  • ED25519
Email Optional. Specify the email address where you want to receive password reset requests.
Mailbox Folders This tab allows you to configure folders from which you can send and receive files. See Using Mailbox Folders for details about how to configure folders.
OpenPGP
Inbound  
Verify Signed Payloads Select to ensure that when a signed payload is received, the signature matches the payload that was sent. 
When you select this check box, you are prompted to select the trading partner's signing certificate. This field is prefilled with the outbound encryption certificate as the same certificate is commonly used for both. See Selecting a certificate.
Accept Encrypted Payloads Select to accept encrypted inbound payloads. 
When you select this check box, you are prompted to select your decryption certificate. This field is prefilled with the outbound signing certificate as the same certificate is commonly used for both. See Selecting a certificate.
Outbound  
Sign Sign messages sent from this Endpoint. 
When you select Sign, you are prompted to select your signing certificate. This field is prefilled with the inbound decryption certificate as the same certificate is commonly used for both. See Selecting a certificate.
Encrypt Apply encryption to messages sent from this Endpoint. 
When you select Encrypt, you are prompted to select the trading partner's encryption certificate. This field is prefilled with the inbound signing certificate as the same certificate is commonly used for both. See Selecting a certificate.
Compress Apply ZLIB compression to messages sent from this Endpoint. Choose this option for large files to conserve bandwidth and improve efficiency and security.
Text Output (ASCII armor) Encase encrypted messages in ASCII for ease of sending using standard messaging formats.
Advanced
OpenPGP Algorithms  
Hash Algorithm Choose the signing method used when OpenPGP packaging (with signing) is requested from the following:
  • MD2
  • MD5
  • RIPE-MD-160
  • SHA-1
  • SHA-256
  • SHA-384
  • SHA-512
V3 Signature Select this check box to sign messages with Version 3 signatures.
Encryption Algorithm Choose the algorithm you want to use to encrypt messages. The remote host receiving the message must be able to decrypt the message using the algorithm you choose. Choose from the following:
  • DES
  • 3DES
  • AES/128
  • AES/192
  • AES/256
  • CASTS
  • TWOFISH
  • BLOWFISH
Compression Algorithm

Choose the algorithm you want to use to compress messages. The remote host receiving the message must be able to decrypt the message using the algorithm you choose.

Choose either ZIP or ZLIB.
General  
Password Expiration Select to allow passwords to expire. 
Expire password after  Select a period after which passwords expire. 
Default value is 6 months.
Subdomain

If you have more than one subdomain, select the one you want to use for this Endpoint. 

Note: This field appears only when you have more than one subdomain.
Connections and Transfers

 
Inbound IP Whitelisting

Specifies the IP addresses allowed to connect to this Endpoint.

IP addresses can be a single address or a range of addresses.

Enter addresses or address ranges one per row or separate them using commas.

Note: Inbound IP Whitelisting is not available on Endpoints using Cleo's Limited Primary/Failover IP Network. See Limited Primary/Failover IP Network for more information.

The following are examples of valid IP addresses:

IP Address Description
* All IP addresses
10.11.12.13 Single IPv4 address matching 10.11.12.13
10.* IPv4 addresses in the range 10.0.0.0-10.255.255.255
10.11.* IPv4 addresses in the range 10.11.0.0-10.11.255.255
10.11.12.50-10.11.12.70 IPv4 addresses in the range 10.11.12.50-10.11.12.70
10.11.12.0/24 IPv4 addresses in the range 10.11.12.0-10.11.12.255

Connecting to a Partner Mailbox

Once you have configured a Partner Mailbox, you can access it via FTP, FTPS, SFTP, and the Cleo Portal. Connection information is generated when Cleo configures your system for you.  It is possible for you to have multiple subdomains configured. Contact your system administrator for more information about your specific configuration.

Your connection information is displayed on the Partner Mailbox Endpoint page.

mceclip0.png

Using Mailbox Folders

By default, CIC provides two folders to use with your Partner Mailbox, Upload and Download, within your "home" folder. This section describes adding folders (directly under your home folder) and subfolders (under a folder other than home), deleting folders, editing folders, and some considerations for using folders in Data Flows.

Adding Folders and Subfolders

To add a folder directly under the home folder:

  1. Without an existing folder selected, click the Add Folder button.
    mceclip0.png
  2. Give the folder a name, select permissions (see Understanding Folder Permissions), and click Add. 
  3. The new folder is added to your list of Mailbox Folders.

To add a subfolder:

  1. Select the folder you want to contain the subfolder and click the Add Folder button.
  2. Give the folder a name, select permissions (see Understanding Folder Permissions), and click Add.
  3. A subfolder is added in the selected folder.

Deleting Folders

Select a folder and click the Delete Folder button.

When you delete a folder that contains subfolders, CIC deletes the folder and its subfolders.

If the folder you select to delete has download permissions and there is data in that folder, you must choose whether to move data to another folder or archive the data.

When you delete a folder and then save the Endpoint, CIC displays this warning and provides an opportunity to confirm the operation:

Renaming Folders and Editing User Permissions

Select a folder, click the Edit Folder button, and edit folder properties as necessary. See Understanding Folder Permissions for details.

When you attempt to change permissions for a folder with Download permissions that contains data, you must choose whether to move the data to another folder or archive the data. 

Understanding Folder Permissions

Folder permissions affect how they can be used in a Data Flow. Folders can have any of the following permissions.

Permission Description
View Folder cannot be used in a Data Flow. However, subfolders with other permissions still can be added as a subfolder.
Download Only Folder is only available when the Endpoint is a destination for a Data Flow. When used in a target endpoint, a folder with Download Only permissions can be used more than once.
Upload Only

Folder is only available when the Endpoint is a source for a Data Flow. When used in a source endpoint, a folder with Upload Only permissions can only be used once.
Download & Upload

Folder is available as either a source or destination for a Data Flow. 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.