Secure Communication

Encrypted connections

Secure Access From Web or Mobile

Encrypted connections are supported throughout all of Kopano’s components through SSL. Access from web or mobile can be secured by using HTTPS connections to WebApp, CalDAV/CardDAV and Z-Push.

The gateway component of Kopano Groupware Core has support for secure IMAP(S) connections natively built in. When a certificate is obtained through a trusted authority the services will also be recognized as secure by the user’s software.

Kopano secure communication - encrypted storage

Encrypted storage

Storing email securely with Kopano

Kopano works together with standard services to store user data. Attachments are stored on a disk, local or on a network.

Other data, such as email messages and calendar items are stored in a database. Many of these components have support for encrypted storage. Make use of the configuration options available in your storage solutions.

Message exchange

Exchange Email Privately with S/MIME

When it comes to exchanging email in a secure way, end-to-end encryption is the way to go. It prevents unauthorized access when the email is being sent or when it is stored on the server. Support for different standards in email encryption is dependent on the client that is used.

Kopano WebApp has support for end-to-end encryption through the S/MIME plugin. S/MIME uses a public-key based cryptography to do its jobs: encryption to ensure full privacy, or digital signing to ensure authenticity. More on Kopano S/MIME can be found in the blog.

Read S/MIME blog

Transport layer security

Secure Communication Between Kopano and Other Mail Systems

For the communication between Kopano and other mail systems the administration can configure TLS (transport layer security) in the MTA. Postfix supports TLS by default and other MTAs usually offer similar functionality. TLS prevents the message exchange taking place in clear text which is similar to how https connections in the browser work. Using TLS prevents eavesdropping on general e-mail traffic and deals only with email traffic, not storage.