Encryption Methods

You can choose from several encryption methods.

The following encryption methods are available:

  • TLS: TLS (Transport Layer Security) encrypts emails between the outgoing server and the incoming server. This encryption method is always activated.
  • EmiG: EmiG (E-Mail made in Germany) is a form of TLS encryption with requirements for the TÜV-certified communication partners, their server security and the certificates used for encryption. EmiG corresponds to a particularly secure TLS encryption in a closed network of certified email providers with increased security guidelines. To use EmiG, you do not need to change any additional settings in the Control Panel.
  • S/MIME: S/MIME (Secure / Multipurpose Internet Mail Extensions) is a standard for encrypting and signing MIME emails, using a hybrid encryption procedure. The certificate authority (CA) assures the validity of the email address and sender’s name.
  • PGP: PGP (Pretty Good Privacy) is an asymmetric encryption standard using public and private keys. The sender encrypts the email with the recipient’s public key. The recipient can decrypt the received email with his private key.
  • Websafe: The Websafe allows you to send encrypted emails to recipients who do not support any other encryption methods. The email is not delivered directly to the recipient, but is forwarded to the Websafe where it is stored for the recipient. The recipient can log into the Websafe with their personal credentials and unlock the Websafe with a PIN that is given to him by the sender. For more information, see Websafe.
  • DANE: DANE (DNS-based Authentication of Named Entities) offers enhanced security for TLS encryption. DANE checks the authenticity of the server by comparing the certificate of the server with the TLSA entry from the DNS zone of the contacted domain. The authenticity check of the server is therefore not only reliant on the trustworthiness of a certificate authority. DANE is not yet supported but is currently in preparation for rollout. Contact support to ensure a quick configuration in the future.

Based on the the encryption methods TLS, S/MIME, PGP and Websafe, you can define rules for encrypting incoming and outgoing emails of your domain (see Adding a Rule).

EmiG is automatically applied if you have activated the encryption method and the communication partner supports the encryption method.