To enable an iOS MDM device user to work with email, add the user's email account to the list of accounts on the iOS MDM device.
By default, the email account is added with the following settings:
Email protocol – IMAP.
The user can move email messages between the user's accounts and synchronize account addresses.
The user can use any email clients (other than Mail) to use email.
The SSL connection is not used during transmission of messages.
You can edit the specified settings when adding the account.
To add an email account of the iOS MDM device user:
In the console tree, in the Managed devices folder, select the administration group to which the iOS MDM devices belong.
In the workspace of the group, select the Policies tab.
Open the policy properties window by double-clicking any column.
Complete the following steps within 15 minutes. Otherwise, you may face an error when saving changes to the policy.
In the policy Properties window, select the Email.
Click the Add button in the Email account section.
The Email account window opens.
In the Description field, enter a description of the user's email account.
Select the email protocol:
POP
IMAP
If necessary, specify the IMAP path prefix in the IMAP path prefix field.
The IMAP path prefix must be entered using upper-case letters (for example: GMAIL for Google Mail). This field is available if the IMAP account protocol is selected.
In the User name as displayed in messages field, enter the user name to be displayed in the From: field for all outgoing messages.
In the Email address field, specify the email address of the iOS MDM device user.
Configure Additional Settings of the email account:
To allow the user to move email messages between the user's accounts, select the Allow movement of messages between accounts check box.
To allow the email addresses used to be synchronized among user accounts, select the Allow sync of recent addresses check box.
To allow a user to use the Mail Drop service to forward large-sized attachments, select the Allow Mail Drop check box.
To allow the user to use only the standard iOS mail client, select the Allow use of only Mail app check box.
Configure the settings for using the S/MIME protocol in the Mail app. S/MIME is a protocol for transmitting digitally signed encrypted messages.
To use the S/MIME protocol to sign outgoing mail, select the Sign messages check box and select a certificate for the signature. A digital signature confirms the authenticity of the sender and indicates that the contents of the message have not been modified during transmission to the recipient. A message signature is available on devices running iOS version 10.3 or later.
To use the S/MIME protocol to encrypt outgoing mail, select the Encrypt messages by default check box and select a certificate for encryption (public key). Message encryption is available on devices running iOS version 10.3 or later.
To enable a user to encrypt individual messages, select the Show toggle button for encrypting messages check box. To send encrypted messages, the user must click the icon in the Mail app in the To field.
In the Inbound mail server and Outbound mail server sections, click the Settings button to configure the server connection settings:
Server address and port: Names of hosts or IP addresses of inbound mail servers and outbound mail servers and server port numbers.
Account name: Name of the user's account for inbound and outbound mail server authorization.
Authentication type: Type of user's email account authentication on inbound mail servers and outbound mail servers.
Password: Account password for authentication on the inbound and outbound mail server protected using the selected authentication method.
Use one password for incoming and outgoing mail servers: use one password for user authentication on incoming and outgoing mail servers.
Use SSL connection: usage of the SSL (Secure Sockets Layer) data transport protocol that uses encryption and certificate-based authentication to secure data transmission.
Click OK.
The new email account appears in the list.
Click the Apply button to save the changes you have made.
As a result, once the policy is applied, email accounts from the compiled list will be added on the user's mobile device.