Gateway encryption is a method in which emails are automatically encrypted at the network gateway (e.g., the mail relay) before leaving the organization. The sender does not need to manage keys or certificates.
Unlike end-to-end encryption (S/MIME, PGP), messages are protected only on the transport path between gateways. Within the corporate network, they remain unencrypted. Gateway encryption is easier to administer and requires no user training. It suits organizations that want baseline email encryption without the complexity of client-side certificate management.