The SurgeVault encryption
mechanism in SurgeMail allows the administrator to setup
some rules for encrypting messages. If a message matches
the defined rules then the message will be encrypted and
the user is sent an encrypted version of the message or
a link to the encrytped message. The destination user
will be prompted to set a password if this is the first
email they have received, then they are shown the
To send an encrypted message
you must be sending via a SurgeMail server, you can be
receiving the message on any server and the encryption
will work! You can then 'reply' to the encrypted message
securely from any server, but you cannot 'initiate' a
new email to someone else securely if your server does
not have a feature like this.
I just got a message, how do I
If the message has an
attachment open it in your web browser, and then when it
prompts for a password and watermark give it both. If
you have already set a password in the past then you
must use the same one. If your browser fails to decrypt
the message click on the 'view online' link to decrypt
the message via the 'sending' server.
How secure is it?
Very but with some
restrictions, it's important that you understand what it
does and doesn't protect you from.
In brief, it assures the
'sender' that the message is not intercepted AFTER it
leaves the senders mail server. And it also assures the
sender that 'only' the recipient can read the message.
And it creates a log entry to show that the recipient
'did' read the message.
Here's a more detailed
description of that: