Djigzo Email Encryption Gateway

screenshots | release notes

Our flagship product is the Djigzo Email Encryption Gateway. This product can be integrated with your existing email infrastructure, or it can be used as a stand-alone email server. It is based on reliable and proven open source technology like Java, Tomcat, PostgreSQL, Postfix, Linux and Bouncy Castle.

Djigzo Email Encryption Gateway currently supports two encryption standards: S/MIME and PDF encrypted email. S/MIME provides authentication, message integrity and non-repudiation (using X.509 certificates) and protection against message interception. S/MIME uses public key encryption (PKI) for encryption and signing. PDF encryption can be used as a lightweight alternative to S/MIME encryption. PDF allows you to decrypt and read encrypted PDF documents. PDF documents can even contain attachments embedded within the encrypted PDF. The password for the PDF can be manually set per recipient or a password can be randomly generated and sent to the recipient via a SMS Text message.

Djigzo Email Encryption Gateway has a built-in CA which you can use to issue X.509 certificates for internal and external users. The external user can use the certificate with any S/MIME capable email client like Outlook, Outlook express, Lotus Notes, Thunderbird, Gmail etc.

Djigzo Email Encryption Gateway can be installed on a dedicated system or, the provided ready to run VMware Virtual Appliance can be used .

General features

• Virtually unlimited number of users and certificates.
• Sender notification after email encryption.
• Settings can set at global, domain or user level.
• Automatic backup to remote share at set intervals.
• Web based interface.
• Separate back-(encryption engine) and front-end (SOAP API).
• Tightly integrates with Postfix (MTA).
• Java, Spring based. Services can be easily replaced and/or extended.
• Can be installed stand-alone or as a Virtual appliance.
• AGPLv3 licensed (commercial licensing available).
• Packages available for Ubuntu, Debian, RedHat/Centos.
• TAR distribution available for other systems that support Java and Postfix.

S/MIME features

• S/MIME 3.1 (X.509, RFC 3280).
• Built-in CA which can be used to issue certificate for internal and external users.
• Automatic and manual certificate selection.
• Domain certificates (encryption to certain domains with just one certificate).
• Certificates are automatically extracted from incoming email.
• Support for multiple certificates per sender/recipient.
• Incoming email is automatically decrypted.
• Immune against 'corruption' by non S/MIME aware disclaimer services.
• Certificate revocation lists (CRLs) are automatically downloaded (LDAP and HTTP).
• Certificate trust lists (CTLs) can be used to black or white-list certificates.
• Compatible with existing S/MIME implementations (Outlook, Lotus Notes, Thunderbird etc.).
• S/MIME support for Blackberry BIS users with optional Blackberry add-on.
• Can interface with external CA servers.
• Can automatically provide Comodo email encryption certificates by interfacing with Comodo's managed PKI portal (EPKI).
• Optional support for Hardware Security Modules (HSM)1.

PDF email encryption features

• Email is automatically converted to an encrypted PDF (including all attachments).
• PDF is encrypted with AES-128.
• PDF passwords can be automatically generated per user and sent by SMS.
• The recipient can reply with the built-in secure portal.

1. Please contact us.