Currently, if you need to configure an email sender for external domain (let's say, the Client's domain), the way of doing it is to configure mail.properties with a line like this: mail.host.password=TO_ENCRYPT(plaintextvalue). And then to run task "Encrypt Passwords in Configuration Files". This is not acceptable for many Clients, as they have to comply with many security policies, and it is not secure for them to send the plain text password to Archibus, so Archibus configures mail.properties and then encrypts the password.
There should be a more secure way, for example a form, accessible by the Client's IT team, in which they can enter the email account and then the password in a masked field (i.e. ********) and a background process that encrypts the password in the moment. So the plain text password is never saved in any file or anywhere, and nobody excepts the Client's IT team would have access to the plaintext password.