Skip to main content
BusinessPrivate
LoginRegister now

Answers for companies

The Business Knowledge Base is already largely up to date. A few individual articles are currently being revised and adapted. We thank you for your understanding and look forward to providing you with up-to-date information on using mailbox.

Please note: The knowledge base has changed slightly. Categories have been adapted and URLs stored in the old knowledge base may no longer be valid.

Introduction to mailbox Guard

Wonderful News – the mailbox Guard

With our mailbox Guard, we have developed the first PGP implementation in a web client that combines security, convenience, and ease of use in a way that allows anyone to use it seamlessly and from anywhere. This ends the era when encryption failed for the masses due to complicated setup, cumbersome console commands, or a lack of support for webmail and Drive systems. The mailbox Guard is not a replacement, but a complement to OpenPGP: it is 100% compatible with OpenPGP and can extend existing end-to-end encryption in a local mail client.
The Guard is a front end within our web client.

The Occasion

Encrypted communication through plug-ins or add-ons such as Mailvelope typically fails with mail attachments, when using Drive storage, or in untrusted environments (for example, in internet cafés or while traveling). Furthermore, crypto experts have always doubted whether cryptography can be implemented securely in a JavaScript environment at all.

Our Solution

The mailbox Guard is a server-side PGP implementation. This means that encryption and decryption are performed on our servers. Every user (even without prior knowledge) can generate a key pair directly in the Guard. Technically experienced users can also upload their own keys to the Guard and use them alongside a local PGP installation. This way, you always have secure access to your encrypted communication, even on untrusted computers while on the move.

Your keys are managed in a secure environment on our servers, administered by professional IT specialists. The keys are protected by a password known only to you, which means they are inaccessible even to us. Only when a mailbox user has logged in can the private key (protected by password entry) be decrypted for use. Numerous additional safeguards prevent these PGP keys from being stored in plaintext in server memory, ensuring that neither we nor anyone else can access them on the server, even during an active user session.

Of course, one should still critically consider handing over the private key to external servers. We do not wish to conceal this and explicitly emphasize this problem. However, one might reasonably ask whether these (still password-protected) keys are not, in fact, much safer on our servers than, for example, on your smartphone.

Security experts such as M. Cardwell explicitly warn against using private (OpenPGP) keys on extremely insecure devices such as smartphones. The mailbox Guard offers you full access to your encrypted mail via browser without requiring a key stored on your phone.

Since encryption and decryption take place on the server, the mailbox Guard does not provide true end-to-end encryption. The Guard’s goal is to provide “adequate security” combined with convenient usability. This level of security is not sufficient for, for example, whistleblowers or users with extremely high security requirements!

In any case, the mailbox Guard is a service for those who wish to use it in everyday life. Users with higher requirements can and should continue to rely on their local PGP installations in their mail clients.

Encrypted Mail for People Without Prior Knowledge

Even if your communication partners are not mailbox customers and cannot provide PGP keys, the Guard enables secure communication: we create temporary mailboxes on one of our servers for external users. In these mailboxes, the recipient can read and reply to encrypted messages addressed to them. Our high standards for mail security and privacy protection result in a unique service: the temporary mailbox, secured by an encrypted connection between user and server using state-of-the-art technology, server-side encryption, and individual login credentials.

Summary

Advantages

  • mailbox Guard is 100% compatible with the established OpenPGP standard
  • Even people completely new to encryption need only a few clicks to activate it
  • Intuitive usability in the browser, also while traveling
  • Server-side PGP implementation, ensuring that PGP keys are never exposed to a potentially unsafe browser environment
  • Enables unrestricted reading and writing of PGP-encrypted mail on smartphones via browser
  • Temporary mailboxes for secure, worldwide communication with people without encryption knowledge
  • Business accounts in a group setup at mailbox can rely on a shared key management

Disadvantages

  • Encryption and decryption take place on the server, therefore no full end-to-end encryption
  • Storage of private PGP keys on external servers (as a fundamental concern)
  • mailbox Guard offers “adequate security”, but not “absolute security”
  • LinkedIn icon
  • Mastodon icon
  • Bluesky icon
  • RSS icon

Heinlein Gruppe