We believe email is great. So let us tell you more about our technology and how we build the product. If you’re in tech, please bear with us. This may go slow, but we want everybody to understand.
You just need a phone number to sign up at Soverin. That’s all we need to know. It’s only used to reset your password. We will continue to make an effort to store as little personal data about you as possible.
- Technical infrastructure is fully owned by Soverin
- Servers are located in a secured datacentre in Germany
- The racks that hold our servers are private and locked
- Built on open-source software
- Backup data is encrypted with mailbox specific keys
- Mailbox data is encrypted at rest
In digital communication there is always a sending and a receiving side. This goes for email as well. Our product has been built on open source technology. This has many benefits, but most of all, there is a large community of enthusiasts improving the technology every day. This is because anybody with technical skills can improve the source code. We use the following tools to provide you with a great e-mail service that is based on secure industry standards.
Soverin uses something called IMAP. This is a protocol that has been used for many years and is very reliable. A communication protocol is a set of rules that allow two or more entities (computers) to communicate with each other. In other words, it enables you to send information in a way that both sender and receiver can understand.
For sending email, we use a protocol called SMTP. To secure the connection between your computer and our servers we use a cryptographic protocol called TLS. This is used to encrypt your messages and data flowing between the computers over the network. It allows for message confidentiality, message authentication codes for message integrity and message authentication.
Our infrastructure is built with tools such as Postfix as a mail transfer agent (MTA) that routes and delivers electronic mail, Dovecot as a IMAP server written primarily with security in mind and RoundCube as a basis for our webmail interface on mail.soverin.net. This enables you to use your Soverin email anywhere in a web-browser. We also made step-by-step guides to setup email apps on your phone, tablet or computer .
We believe in choice. So we don’t encrypt inboxes by default, but we encourage you to do so yourself. If you feel the need to. To be really sure your data cannot be accessed, we advise you to encrypt your e-mails by using
PGP. But please be aware. You and only you hold the key to decrypt the messages you send. If something goes wrong, not even our technical staff can help you out. It’s that good. So don’t lose the private key.
To set up encryption, you can use these tools: For the Apple Mail client on Mac OSX – GPGSuite, for the Mozilla Thunderbird client on Mac or Windows – Enigmail. The international organisation Electronic Frontier Foundation EFF) and the Dutch organisation Bits of Freedom (BOF) both have good tutorials about how to use these tools for all systems and devices. Again please read them well and take care.
We own and control our entire server infrastructure down to the hardware. This is a deliberate choice to be sure we can give you complete control over your data. We select our hardware for the best performance but we also take on energy usage into account. This may cost more, but sustainability is important to us.
The servers we use are rented by Soverin and are operated in a secured datacentre of a German based in Germany. The servers themselves are protected by layers of security and only the necessary services like IMAP and SMTP are internet facing. Servers that don’t need to be accessible from the public internet don’t have a direct connection with the internet. We enforce encrypted connections between the client and server and (where possible) between servers who want to deliver mail to your inbox. The servers are protected by a firewall and are attached to a redundant internet connection. They also have redundant power supplies and we use a raid set-up to protect against data loss.
Mail is being stored on multiple servers to protect against data loss. The data is also being compressed. When it’s being backed up the mail is encrypted (see below). So the ‘operational data’ running your daily email is encrypted at rest, it becomes encrypted again when it enters the backup. Compressing the data makes it even harder to access. All e-mail companies that provide enterprise level security for businesses are using the same standards, protocols and procedures for their operation. We now make them available to you as a regular consumer.
Every night we create a backup of the data on the servers. These backups are encrypted. The backup of the e-mail is encrypted per user, every mailbox has its own unique key. Whenever a mailbox is deleted we also delete this key. In this way there is no way to access the backup anymore. If it’s gone, we mean it’s gone.
Soverin is in the business of private communication between people and a great email service is our first step. There are plenty other forms of communication that could benefit from a fresh perspective. Think big, start small. If you have any further questions, please contact us via firstname.lastname@example.org.