Djigzo Open Source Email Encryption - Email Encryption Gateway

DJIGZO Email Encryption Gateway

Our flagship product is the DJIGZO Email Encryption Gateway. This product can be integrated with your existing email infrastructure, or it can be used as a stand-alone email server.

DJIGZO Email Encryption Gateway currently supports two encryption standards: S/MIME and PDF encrypted email. S/MIME provides authentication, message integrity and non-repudiation (using X.509 certificates) and protection against message interception. S/MIME uses public key encryption (PKI) for encryption and signing. PDF encryption can be used as a lightweight alternative to S/MIME encryption. PDF allows you to decrypt and read encrypted PDF documents. PDF documents can even contain attachments embedded within the encrypted PDF. The password for the PDF can be manually set per recipient or a password can be randomly generated. The generated password can then be automatically delivered to the recipient via an SMS Text message or, the password can be sent back to the sender of the message.

DJIGZO Email Encryption Gateway has a built-in CA which can be used to issue X.509 certificates for internal and external users. The external users can use the certificates with any S/MIME capable email client like Outlook, Outlook express, Lotus Notes, Thunderbird, Gmail etc.

The built-in Data Leak Prevention (DLP) module can be used to prevent certain information to leave the organization via email.

DJIGZO can be installed on most Linux and Unix based systems. Installation packages are available for Ubuntu, Debian, Red Hat and CentOS. A ready to run virtual appliance for VMware and Hyper-V is available.

General features

Web based interface.
Supports virtually unlimited number of users and certificates.
Sender notification after email encryption.
Settings can be specified at gateway, domain and user level.
Automatic backup to remote share at set intervals.
Separate back-(encryption engine) and front-end (SOAP API).
Java, Spring based. Services can be easily replaced and/or extended.
Ready to run Virtual Appliance for VMware and Hyper-V available.
Installation packages for Ubuntu, Debian, RedHat/CentOS.
TAR distribution for other systems that support Java and Postfix.
AGPLv3 licensed (closed source licensing available on request).

S/MIME features

S/MIME 3.1 (X.509, RFC 3280).
Built-in CA which can be used to issue certificates for internal and external users.
Automatic and manual certificate selection.
Domain certificates (encryption to certain domains with just one certificate).
Certificates are automatically extracted from incoming email.
Support for multiple certificates per sender/recipient.
Incoming email is automatically decrypted.
Immune against 'corruption' by non S/MIME aware disclaimer services.
Certificate revocation lists (CRLs) are automatically downloaded (LDAP and HTTP).
Certificate trust lists (CTLs) can be used to black or white-list certificates.
Compatible with existing S/MIME implementations (Outlook, Lotus Notes, Thunderbird etc.).
S/MIME support for Blackberry BIS users with optional Blackberry add-on.
Can interface with external CA servers.
Can automatically provide Comodo email encryption certificates by interfacing with Comodo's managed PKI portal (EPKI).
Optional support for Hardware Security Modules (HSM)1.

PDF email encryption features

Email is automatically converted to an encrypted PDF (including all attachments).
PDF is encrypted with AES-128.
PDF passwords can be automatically generated per user and sent by SMS.
The recipient can reply with the built-in secure portal.

DLP features

Outgoing email can be scanned on keywords and regular expressions.
Keywords and regular expressions can be specified at gateway, domain and user level.
Messages can be blocked or quarantined when a rule is violated.
Email encryption can be forced when a rule matches.
DLP managers will be notified when a rule is violated.
DLP managers can release quarantined email.
If allowed, users can manage their own quarantined email.
Email bodies, attachments and nested attachments of type text, html, xml and other text-based formats are supported (support for pdf, doc, xls, zip etc. will be added to future versions of DJIGZO).

Please contact us.