Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Security at Purelymail

            Created by Alice Joynson-Ellis, Modified on Wed, 22 Apr at 6:45 PM by Curtis Hammock

            Security at Purelymail: Protecting Your Data

            At Purelymail, our philosophy is simple: Your data belongs to you. We believe in total privacy and robust security, ensuring that no one, not even our team, can access your personal information without your permission.

            Below is an overview of the measures we take to keep your account and your emails safe.

            How We Protect Your Account

            • Encryption at Rest: All data stored on our permanent servers is encrypted. While data is briefly unencrypted in RAM or cache during active use, it is locked down the moment it hits the disk.

            • Password Protected Email: Your email content is encrypted using your own password. If you disable the password reset feature, even Purelymail staff cannot read your messages.

              Note: Partial content may be indexed for search functionality. If you prefer maximum privacy, you can disable search indexing in your user settings.

            • Encrypted Traffic (SSL and TLS): Connections between your devices and our servers, whether you use Webmail, the Purelymail Account Admin portal, or third party apps via IMAP, SMTP, or POP3, is secured with encryption. This prevents anyone from listening in on your network.

            • TLS Delivery Enforcement: We always try to use the highest possible encryption for sending or receiving mail. You can find a setting in your account to reject mail if it does not meet minimum encryption requirements. We recommend requiring at least TLS 1.2 for this. Please note that requiring TLS 1.3 may cause a significant amount of mail to be rejected since many servers do not support it yet.

            • Brute Force Protection: Our system automatically blocks IP addresses with too many failed login attempts. This helps prevent attackers from attempting to guess your password.

            • Secure Password Hashing: We never store passwords in plain text. We use separate, high security hashes for authentication and encryption, making them extremely difficult for hackers to crack.

            • Two Factor Authentication (2FA): We strongly support 2FA. By adding a rotating app code or a physical security key like a YubiKey, you ensure that even if someone steals your password, they still cannot access your account.

            Our Infrastructure and Privacy Standards

            • Physical Security via AWS: Our infrastructure is hosted on Amazon Web Services (AWS), utilizing their world class physical data center security.

            • Minimal Data Collection: We only ask for the information we absolutely need. We cannot lose what we do not have.

            • Secure Payments: All billing is handled by Stripe. Purelymail never sees or stores your credit card or bank details.

            • No Data Monetization: Because we are a paid service, you are the customer, not the product. We will never sell your data or display ads.

            • Best Practices: Our team maintains a minimal attack surface by blocking unnecessary ports, isolating resources, and applying security patches the moment they become available.

            Data Retention and Deletion

            • System Backups: We retain backups of deleted messages including undelivered ones for one month before they are permanently purged. These backups are strictly for recovering from a system wide mistake or accident on our part. We do not offer individual backups or recovery services if you choose to delete your own messages.

            • System Logs: We delete all system logs after one month. These logs are used by our support team for debugging and troubleshooting purposes.

            Future Security Goals

            We are constantly working to improve. Our roadmap includes:

            • OAuth Support: We plan to implement OAuth for more secure, token based authorization with third party applications.

            • Encrypted Webmail Settings: Moving contacts and settings behind your password based encryption.

            • Protocol Workarounds: Developing new ways to handle IMAP and SMTP limitations to reduce the time your password or data spends unencrypted in server memory.

            • S/MIME Support: Implementing optional digital signatures and encryption that allow you to encrypt mail entirely on your own device. You can learn more about S/MIME here.

            Reporting a Concern

            If you believe you have found a security vulnerability, we want to hear about it immediately. Please open a support ticket with [Security Concern] in the subject line or email us directly at support@purelymail.com.

            Legal Information

            For more details on how we handle your information and your responsibilities as a user, please review our Privacy Policy and Terms of Service.


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0