This page is out of date, please use our new website https://surgemail.com
The BankVault encryption mechanism in SurgeMail allows the administrator to setup some rules for encrypting messages. If a message matches the defined rules then the message will be encrypted and the user is sent an encrypted version of the message or a link to the encrytped message. The destination user will be prompted to set a password if this is the first email they have received, then they are shown the decrypted message.
To send an encrypted message you must be sending via a SurgeMail server, you can be receiving the message on any server and the encryption will work! You can then 'reply' to the encrypted message securely from any server, but you cannot 'initiate' a new email to someone else securely if your server does not have a feature like this.
If the message has an attachment open it in your web browser, and then when it prompts for a password and watermark give it both. If you have already set a password in the past then you must use the same one. If your browser fails to decrypt the message click on the 'view online' link to decrypt the message via the 'sending' server.
Very but with some restrictions, it's important that you understand what it does and doesn't protect you from.
In brief, it assures the 'sender' that the message is not intercepted AFTER it leaves the senders mail server. And it also assures the sender that 'only' the recipient can read the message. And it creates a log entry to show that the recipient 'did' read the message.
Here's a more detailed description of that:
AES 256 CBC mode with MD5 hash.