Ciphermail email digital certificate

Set up your own encryption email server with Ciphermail

Ciphermail (formerly DJIGZO) is an open source email gateway to encrypt and decrypt email messages, it works with S/MIME X.509 digital certificates or PDF documents encrypted with AES128-bit, the software can be installed in most Unix servers there are packages for Debian, Ubuntu, Red Hat, CentOS and virtual images for VMWare and Hyper-V (Windows). Ciphermail will work like a normal SMTP server with the main difference being that all messages sent inside the network or to the Internet will be first encrypted and digitally signed.

PDF encryption was added so that the receiving part will not need to have your public decryption key to read email, any computer with a PDF reader can be used to decrypt a password protected PDF document, if you choose this option the software will convert your email message into a PDF document before sending it, the document will contain a reply link that takes the receiver to an online page on Ciphermail server where he can securely get back to you without having encryption installed on their end. There are various ways to encrypt a PDF document, with a predefined password that you have previously transmitted to the the receiver via a secure channel, e.g. verbally, with a random password that is sent via SMS to the receiver’s mobile phone or using a One Time Password algorithm that can be transmitted with an invite mechanism where the recipient has to log onto CipherMail server to read the message, that password will be unique for every single email.

DJIGZO email digitial certificates
Ciphermail email digital certificates

PDF email encryption is not as secure as public key encryption because the password could be compromised somehow but if the people you communicate with do not want or do not know how to use encryption, PDF is the best way to get around that, it would not be different from manually storing a message inside a password protected .rar file with the advantage that Ciphermail does all the encryption process in the server, there are not known vulnerabilities against an encrypted PDF file other than brute force attacks that can be thwarted choosing a long alphanumeric passphrase.

You can configure settings via a webadmin portal, specifying message attachment limit, mailbox size, SMTP helo name (hostname), a few mail transfer agent settings for Postfix, user permissions, digital certificate expiration date and much more, encrypted messages can be sent to a virus scanner for extra security. There is also a Ciphermail Android version compatible with any S/MIME clients like Outlook and Thunderbird, it encrypts HTML email and attachments using a public digital certificate downloadable from any LDAP server, the app has a step by step configuration wizard that guides you setting up an account and importing the encryption keys or generate your own self-signed digital certificate, there is another Ciphermail version for Blackberry.

You can download a very detailed help manual with screenshots guiding you setting up Ciphermail but it still requires advanced Unix knowledge to administer the server, this is a cheap way to secure all of your network emails with open source and minimum work after the initial set up has taken place.

Visit Ciphermail homepage

Leave a Reply

Your email address will not be published. Required fields are marked *