The MyMail Secure Email Solution (cont'd)



Chapter 2: Applications


How MyMailSM Improves Email Efficiency

MyMailSM includes a mail handling module called NetSafeSM (formerly “MailGuard”) which effectively eliminates spam through white, black and gray list support, custom filtering and image code challenge and verification (shown below).

[Figure: Captcha example - image code challenge and verification]

MyMailSM features allow users to quickly get the email messages they need and eliminate junk mail. NetSafeSM allows each email recipient to control who they receive mail from by either adding the sender’s email address to a whitelist or by making senders authenticate themselves through a challenge-and-response protocol. The challenge-and-response protocol is configurable to automatically add a sender’s email address to the recipient’s whitelist if desired. When NetSafeSM is enabled, the only email messages delivered to a recipient’s inbox are those sent by authenticated senders, i.e. those who have successfully authenticated themselves through the challenge-and-response protocol.

All other messages are held in a non-authenticated graylist storage space of each recipient’s mail box until one of the following events occurs:

  1. the message sender authenticates himself
  2. the intended mail recipient accepts or rejects the message
  3. the message is deleted by the system after a period of aging (the system default is 15 days)
  4. the user’s mail box space is full and deleting older un-authenticated messages would allow delivery of authenticated senders’ messages, or
  5. the sender fails to authenticate themselves through the challenge-and-response protocol after several (system default is nine) attempts.

It is important to note that although the sender may have failed to respond in time or failed the challenge-and-response protocol, the sender is not “blacklisted”; blacklisting is a separate NetSafeSM feature. Blacklisting immediately terminates mail from an undesired source on a permanent basis. Because of the finality of blacklisting, MyMailSM requires recipients to manually add the email address they want blacklisted from their account, which prevents the loss of possibly valid email messages.
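The graylist hold rules above, modeled as an added example (this is not MyMail or NetSafe code). The class, field and function names are hypothetical, and it assumes a rejected or repeatedly failed message is discarded; only the 15-day and nine-attempt defaults come from the text.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

MAX_AGE = timedelta(days=15)  # aging default stated in the text
MAX_ATTEMPTS = 9              # failed-challenge default stated in the text

@dataclass
class Held:
    """One graylisted message (hypothetical model, not MyMail's schema)."""
    sender: str
    received: datetime
    size: int
    failed_attempts: int = 0
    authenticated: bool = False       # sender passed the challenge
    decision: Optional[str] = None    # recipient's "accept" or "reject"

def disposition(msg, now, whitelist, blacklist):
    """Apply events 1, 2, 3 and 5 to one held message."""
    if msg.sender in blacklist:       # only the recipient edits this list
        return "blocked"
    if msg.authenticated or msg.sender in whitelist:
        return "deliver"              # event 1
    if msg.decision is not None:      # event 2
        return "deliver" if msg.decision == "accept" else "discard"
    if now - msg.received > MAX_AGE:
        return "discard"              # event 3
    if msg.failed_attempts >= MAX_ATTEMPTS:
        return "discard"              # event 5: message goes, sender is not blacklisted
    return "hold"

def evict_for(graylist, free_bytes, needed_bytes):
    """Event 4: oldest held messages to delete so an authenticated one fits."""
    evicted = []
    for msg in sorted(graylist, key=lambda m: m.received):
        if free_bytes >= needed_bytes:
            break
        evicted.append(msg)
        free_bytes += msg.size
    # Delete nothing unless doing so actually makes room.
    return evicted if free_bytes >= needed_bytes else []

if __name__ == "__main__":
    now = datetime(2024, 1, 20)       # constructed sample data
    queue = [Held("a@example.org", datetime(2024, 1, 1), 4000),
             Held("b@example.org", datetime(2024, 1, 18), 3000, failed_attempts=9),
             Held("c@example.org", datetime(2024, 1, 19), 2000)]
    for m in queue:
        print(m.sender, disposition(m, now, whitelist=set(), blacklist=set()))
    print([m.sender for m in evict_for(queue, free_bytes=1000, needed_bytes=6000)])
```

Because a failed challenge never touches the blacklist, a later message from the same sender starts again in the "hold" state rather than being blocked.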

In addition to NetSafeSM, MyMailSM includes many other configurable options such as: vacation reply, mail forwarding, custom signature, mailbox status notifications and automated message filtering.



How MyMailSM Reduces Email Privacy and Security Threats

Eliminates Eavesdropping:

Standard email solutions operate by letting personal, private and confidential information, and email identities (usernames and passwords, a.k.a. credentials) travel through the internet in plain text. MyMailSM protects this information by using its patented and patent-pending technologies to encrypt the plain text messages prior to their internet journey to a server running MyMail's SES.


Reduces Identity Theft:

MyMail uses a Secure Socket Protocol to ensure privacy across the internet by transforming email credentials (username and password) and email messages into a type of gibberish that only your computer and the MyMail Server understand as they travel across the internet. MyMail then further encrypts and securely stores all email messages using security keys that only the legitimate credentials (held by the intended email recipient) can open. Standard email solutions do not provide the necessary security to secure credentials or store email messages, which makes it easy for hackers and snoopers to obtain credentials. With the credentials in hand, hackers and snoopers can read, download, delete and even send fraudulent email messages.


Inhibits Privacy Loss:

  • Maintaining a minimal amount of information in plain text.
    Other than short-lived file logs (see “Does Not Retain Traditional Log Files” below), all information is securely encrypted and stored using security keys that only authorized credentials (username and password) can access.

  • Masking internet protocol (IP) addresses in message headers.
    By doing so, MyMailSM protects personal private information, such as which city and state someone is located in, and prevents potential predators from discovering key personal information.

  • Ensuring all email messages are encrypted for storage, and encrypted for transmission.
    Whether using MyMailSM’s Webmail interface or an email client such as Microsoft Outlook to send and receive email messages, MyMailSM protects privacy, and keeps email safe and secure.

Eliminates Unauthorized Message Manipulation

MyMailSM can be configured to eliminate administrative access to users’ passwords, which prevents unauthorized access to mail messages and mail boxes. Further, since all email messages are encrypted and securely stored using dynamic security keys, no message manipulation is possible. Any modification or attempted modification of an encrypted email message would render it unreadable since that would result in a decrypted message of gibberish rather than the restoration of the original message contents. The email messages sent are the email messages received.


Reduces False Emails Appearing Real

It is very easy to construct email messages that appear to have been sent by someone else. MyMailSM employs several proprietary and published techniques – including Reverse DNS lookup, Finger and special credential validation – to identify and validate that the email server and host name from which an email message is being sent are legitimate and that the sender’s email address is correspondingly valid. Further, MyMailSM ensures that all messages sent through its servers contain valid MyMailSM header information.


Overcomes Lack of Evidentiary Standing

Because MyMailSM encrypts and securely stores each email message using unique security keys specific to each user’s credentials, no one else can forge or manipulate the contents of the email messages. This guarantees the accuracy of every email message, which is the basis for legal evidentiary standing to enforce and authenticate contracts, business communications, electronic commerce, and medical related communications.


Eliminates Need for Archiving

MyMailSM is designed to use RAID 5 or RAID 6 disk arrays for redundant/fault tolerant email message storage, which eliminates the need for archiving the secure email message store. By default, MyMailSM is configured to maintain a redundant/fault tolerant copy of the secure email storage on each secure email server, rather than archiving the data via some asynchronous mechanism. MyMailSM does this for the following reasons:

  1. Archived data is not synchronized with current data. As a result, email messages that are believed deleted could possibly reappear, causing unexpected consequences.
  2. Because MyMailSM supports the use of POP3 email programs (clients), such as Microsoft Outlook or Mozilla Thunderbird, each user can download their own email messages to their personal computer systems and manage their own email message archives.


Does Not Retain Traditional Log Files

Traditional log files are text files written in plain text, which are used to assist in diagnosing problems and spotting potential security breaches. However, they often contain various forms of information such as IP address, email address and other potentially private and confidential information. To prevent such log files from becoming security breaches themselves, MyMailSM, by security policy, does not retain any log files for more than 72 hours. Even those particular files are kept securely with only the minimal amount of information necessary to perform standard diagnostic functions.


Eliminates Inside Email Snooping and Theft

Most of today’s email solutions allow system administrators complete access to email accounts and credentials (username and password), which allows the possibility for them to read, edit and delete someone’s email messages without their knowledge. This access also allows system administrators to send email messages as though they were from someone else. MyMailSM is designed to prevent system administrators from gaining access to email accounts by simply resetting and restoring passwords.

MyMailSM provides a variety of configuration options, including password management, which for security reasons are only configurable at system installation time. Various password management scenarios include:

  1. The ability to allow a system administrator to set or reset individual passwords as they please;
  2. The ability to reset an account password based upon a universal reset password;
  3. Disallowing a system administrator to set, reset or recover user account passwords.

Although options 1 and 2 provide detailed audit trails for password changes made by system administrators, option 3 provides the ultimate security by only allowing an account holder to change and modify passwords; thereby eliminating a system administrator’s ability to gain unauthorized access to email messages.

If at installation time the universal reset password is set and enabled, the system administrator is allowed to reset a user’s email account to the preset universal password. However, they would not be able to restore the user’s password back to its original password. This prevents a system administrator from accessing someone’s account without their knowledge. In addition, MyMail tracks password reset and reactivation (with a new password) in a twofold manner: first, by entering the password reset or reactivation dates and times into a secure table that each user can inspect, and second, by sending email notifications to the email account holder and their secret designees notifying them of the dates and times the user’s email account was reset and reactivated. These password and account access control mechanisms thwart the threat of inside snooping, which has cost many businesses millions of dollars.