Browse by Topic: Security & Reliability
Is my incoming email secure when I am logged out?
Last modified on 20 February 2020 03:23 PM

StartMail stores all email messages securely on our mail servers in each user's vault. When you are logged out, your user vault is closed and it is not technically feasible to put anything in or take anything out.

When new mail is received for a closed user vault, StartMail manages the incoming email with the same level of security as when it's open.  Here's how we do it:

Behind the scenes, StartMail generates a secondary PGP key pair for each user, with the purpose of encyrpting mail received in plain text (or unencrypted) when the user's vault is closed.  The public key from this secondary key pair is stored outside the vault. When unencrypted mail arrives to a closed vault, it is encrypted using this secondary public key and stored until the user vault is opened upon user login.

The private key is always kept in the vault. When a user logs in, the user's vault opens and the secondary private key is used to decrypt the stored email, which is then moved to the user's inbox.  When the user logs out, the user vault is closed and the entire inbox is encrypted once again.

In contrast, when encrypted email is sent to a closed user vault, the secondary PGP key is not required to secure this mail because it is already secured with the user's primary PGP key.  (Please note: the secondary PGP key cannot decrypt mail encrypted with the primary PGP key.)  Encrypted mail is moved into the user's inbox when the user vault is opened and can only be decrypted by the user when the PGP passphrase is correctly entered to decrypt the message.

If you would like more information on the your StartMail user vault, consult the following articles:

Personal Data Stored in User Vault

Time Delay After Deletion of Email

(10 vote(s))
This article was helpful
This article was not helpful

Still haven't found the answer to your question? Click here to contact support.