CipherMail Email Encryption Gateway

The most configurable encryption gateway on the market, available in community open-source and commercial editions.

Request a quote See release notes

how it works

Simplify your email encryption experience

CipherMail Email Encryption Gateway supports all major email encryption standards, including S/MIME, PGP, PDF-encrypted email, and TLS. If an email cannot be encrypted, the system can use the WebMail Messenger fallback option.

S/MIME and PGP use public key encryption (PKI) for encryption and signing. PDF encryption can be used as a lightweight alternative to S/MIME and PGP. The only requirement for the recipient is a PDF reader.

The CipherMail Gateway automatically detects which encryption standard is supported by the recipient. For example, if an email is sent to four recipients and each recipient supports a different encryption method, the email is encrypted with four different methods.

The sender does not have to think about the capabilities of the recipients, the gateway will automatically handle this for you.

Compatible with all email systems

Compatible with any SMTP email service, including on-premises servers such as Microsoft Exchange and cloud services such as Microsoft 365 (Office 365) and Google Workspace.

Flexible policy setup

Settings can be specified at gateway, domain, and user level. The system can be extended to support company-specific security rules.

Digital signing

By signing an email, a recipient can validate the identity of the sender. This helps against email spoofing and phishing. The signature also prevents the email from being modified without detection.

S/MIME

S/MIME is a standard way to protect email. It encrypts your message so only the intended recipient can read it and adds a digital signature to confirm who sent it and that it hasn’t been altered. It is widely used by businesses and government agencies. To use S/MIME, each person needs a digital certificate (sometimes called a personal email certificate), which is typically issued and managed by their organization.

You can configure the CipherMail Email Encryption Gateway to automatically encrypt and sign email messages using S/MIME.

Read the docs for more info

PGP

PGP is a long-standing standard for encrypting and digitally signing email. Like S/MIME, it protects your messages, but it uses a web-of-trust approach, where people verify each other’s keys, instead of certificate authorities.

The gateway supports PGP/MIME and inline PGP.

Read the docs for more info

PDF Messenger

PDF Messenger is a lightweight alternative to S/MIME and PGP.

PDF Messenger converts your entire email, including all attachments, into a password-protected PDF. It then sends this secure PDF to the recipient, who can open it using any standard PDF reader.

Read the docs for more info

Webmail Messenger

Webmail Messenger is a secure webmail portal that works with the CipherMail Email Encryption Gateway to securely send and receive messages to external recipient.

See WebMail Messenger for more information

TLS

TLS protects the connection between mail servers by encrypting the path your message travels, but it does not encrypt the message itself. If an email is stored on a server and only TLS was used, the message is typically stored in plain text. Technologies like S/MIME and PGP encrypt the contents of the email itself, so the message remains protected even when stored. For the best security, use S/MIME or PGP together with TLS.

Read the docs for more info

Packed with useful features

CipherMail email encryption gateway supports all major encryption standards: S/MIME, PGP, PDF encrypted email, and TLS.

Open source design

The open source CipherMail Core modules are shared between the community edition and the commercial edition. The source code can be downloaded from GitLab.com.

More info on GitLab.comremote link

Hardware Security Module

For additional security, private keys can be securely generated and stored on a tamper-proof Hardware Security Module (HSM).

More info

Data Leak Prevention

The built-in data leak prevention module can be configured to filter credit card numbers, bank account numbers, excessive amounts of email addresses, or other personal information from emails.

More info

Easy setup

The Gateway can be installed as a virtual appliance for VMware or Hyper-V. Installation packages are available for Ubuntu, Debian, Red Hat/CentOS, and OpenSUSE.

More info

Certificate Request Handlers

CipherMail Gateway includes a flexible, pluggable system for managing certificate requests. The following handlers are available: Local CA, CMP, CSR, CEMA, GlobalSign EPKI, and SiwssSign

More info

Domain-to-domain encryption

The gateway supports S/MIME and PGP domain-to-domain encryption, making encryption with your business partners completely transparent.

More info