Corporate Integration

Secure Messaging is designed to integrate with the usual email clients such as Outlook, Lotus etc. Users can thus send mail securely and confidentially from their normal mail environment. Depending on the situation and the size of the organization or company, several integration options are available. Like ‘normal’ emails, "Secure Messages" appear in the normal inbox and can be managed and edited as usual.

For regular use of secure messaging by companies or administrations, server-side integration is recommended. This requires a mail architecture that covers the protection of the messages within the corporate network. The mail flows within the company do not change.

For small organizations or individual workstations, it makes sense to implement the integration in the mail client.
See "Send and receive from your mail program (e.g. Outlook)".

Depending on the email infrastructure, policy-based routing is recommended on the mail server or, if available, on a mail gateway system (such as BorderWare, IronPort, Sophos, postfix, ...).

PrivaSphere™: Domain Integration with PrivaSphere™ Signature Service & Policy Service

As an alternative to a control mechanism on the client infrastructure side, PrivaSphere offers the PrivaSphere Signature and Policy Management & Routing Service.

The digital signature on every email distinguishes your users from senders of spam and phishing e-mails. PrivaSphere Signature Service signs each mail with an individual or company certificate. Recipients can see whether the content has been changed and can be sure of the origin of the mail.


  • Direct domain integration using SMTP (with TLS) or certificate-based authentication
  • Automatic differentiation between a ‘normal’, a ‘signed’ or a ‘confidential’ email
  • Convenient control via the PrivaSphere Secure Messaging Outlook AddIn
  • Centralized signature service with individual or company signatures
  • Integrity check: changes to the email content are clearly visible
  • Proof of origin of your emails
  • Increased evidential value in court
  • No investment in hardware, no license fees, no upgrade fees, no maintenance required
  • Can be activated for individual senders, e.g. Accounting, Management
  • Individual advanced certificate per domain or sender
  • No change to the existing infrastructure (mail server, e-mail software etc. are preserved; minimal configuration change)


The main features at a glance

  • Differentiation of business mail from spam and phishing e-mails
  • Can be configured for sending electronically signed offers or invoices
  • Preserving the integrity of sent e-mails (the signature becomes invalid as soon as the content of the message is changed)

With the Policy Manager the outgoing flow of information at the domain level can be controlled automatically in detail (per recipient or recipient domain and per sender or sender domain) - for example:

  • Mandatory confidentiality for individual recipients / domains through secure messaging (confidentiality)
  • Mandatory confidentiality for individual senders via secure messaging (confidentiality)
  • Mandatory identification of recipients using MUC for individual recipients / domains (increased misrouting protection)
  • Permanent relationship confidentiality
  • Content-based routing of messages (rejection / confidentiality / registered / etc.)
  • Advanced routing features related to secure messaging and the Outlook AddIn.
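
The sketch below is an added example, not PrivaSphere code: it models how per-sender and per-recipient rules of the kind listed above could be evaluated for one outgoing message. The `Rule` format, the "strictest matching rule wins" behaviour, and all addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

# Delivery modes named on the page, ordered from weakest to strongest.
LEVELS = ["normal", "signed", "confidential"]

@dataclass(frozen=True)
class Rule:                # hypothetical rule format
    side: str              # "sender" or "recipient"
    match: str             # full address, or "@domain" for a whole domain
    level: str             # minimum delivery mode this rule enforces
    muc: bool = False      # require a Message Unlock Code for the recipient

def _matches(rule_match: str, address: str) -> bool:
    address = address.strip().lower()
    rule_match = rule_match.lower()
    if rule_match.startswith("@"):
        # Exact domain comparison: a suffix test would also match
        # look-alike domains that merely start with the protected name.
        return address.rpartition("@")[2] == rule_match[1:]
    return address == rule_match

def decide(rules, sender, recipient, requested="normal"):
    """Return (level, muc_required) for one sender/recipient pair.

    Rules can only raise protection above what the sender requested.
    """
    level, muc = LEVELS.index(requested), False
    for rule in rules:
        addr = sender if rule.side == "sender" else recipient
        if _matches(rule.match, addr):
            level = max(level, LEVELS.index(rule.level))
            muc = muc or rule.muc
    return LEVELS[level], muc

# Constructed sample policy; all addresses and domains are placeholders.
POLICY = [
    Rule("sender", "@corp.example", "signed"),
    Rule("sender", "accounting@corp.example", "confidential"),
    Rule("recipient", "@lawfirm.example", "confidential", muc=True),
]

if __name__ == "__main__":
    for s, r in [("sales@corp.example", "bob@shop.example"),
                 ("sales@corp.example", "eve@lawfirm.example"),
                 ("accounting@corp.example", "bob@shop.example")]:
        print(s, "->", r, decide(POLICY, s, r))
```

Evaluating every rule and keeping the strictest result means a broad domain rule can never weaken a narrower address rule, whatever order the rules are written in.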



Convenient control with the Outlook AddIn

Several third-party developers have built an AddIn for mail clients to make PrivaSphere services more convenient to use. For a small one-time fee you can download and use the PrivaSphere AddIn. Details can be found here.

With the domain integration more customizations for your secure email presence are available.

Please contact PrivaSphere:



With PrivaSphere™ Secure Messaging, applications can connect directly for sending and receiving secure messages.
On the basis of SOAP, PrivaSphere™ provides a web service interface as used e.g. by several court workflow solutions.
For simpler form letters and other needs, an HTTPS form POST interface is implemented, which can be operated, for example, with Perl scripts without actual application programming.

There is no support for the application interface (except with a "Platinum" support contract).
For more information, please contact us.



To transmit content in a secure way to a recipient, there are two possibilities:

Encrypted payload:

This has the advantage that there is a lot less need for a central platform to be available at the time of reading than with the encrypted tunnel method.

There are two ways to encrypt a payload:

Encrypted tunnel (e.g. pull):

With PrivaSphere Secure Messaging you can easily administer groups and archive the entire eMail traffic within the group, e.g. for regulatory purposes.

In this quick-reference guide you will learn how to set up a group of PrivaSphere users and how to add archival functions to your group.

The main advantages are:

Group functions:

  • Communicate securely with your project group or your office staff
  • Make the administration of trust relationships easier within your group
  • If the administrator of a group has a trusted relationship to a member of the group, all other group members automatically have a trusted relationship to the respective member (centralized trust management).

Archival functions:

  • Meet regulatory requirements to archive your business-relevant correspondence for e.g. ten years
  • Have evidence of all the eMail traffic within the group

Principle of group trust management

Within the group, all members with a trusted relationship to the Group Administrator are trusted among themselves.


If a new user joins the group, the Group Administrator initiates a trusted relationship with this member and invites him to join the group. This extends the trust relationship between the Group Administrator and the new member to all other group members.

Set up a PrivaSphere Group

To add members to your group, all of them need to be registered as PrivaSphere users. It doesn’t matter what kind of account they have (business / subscription).

If you intend to add members to a group, send them a secure message via the PrivaSphere Secure Messaging System and authenticate them by sending a Message Unlock Code (MUC) out-of-band. After reading the first message, new users need to quick-register in order to become a system member and choose their own password.

Once you have a trusted relationship with all the group participants, you are ready to invite them into your group.

Open your PrivaSphere Secure Messaging account by logging in with your email address and password.

In the menu bar of your Inbox choose ‘My Contacts’ – ‘Groups’.

In the ‘My Contacts’ window click on ‘Create new Group’.


Open a new group: type in the group name in the field ‘Group name’ and press ‘Save’.

Invite all new group members by adding their email addresses. To inform the invited users, add an ‘Invitation Text’, which will be sent to the participant.

Now you will see your group in the list of administered groups.


To add members to your group, choose ‘edit’.


Enter the eMail address of a person you want to invite in the field ‘New member Email’ and write an invitation text in the field ‘Invitation Text’. Then press ‘Add new Member’. Now, the new member will receive an eMail with the request to join the group.


The pending registration of the new member can be seen in the group administration.



Your new member receives a notification message with the request to join the group. He needs to accept to be a member of the group.


After the new member has accepted, you receive an eMail. You will see the status in the list of group members as ‘active’.


To add more users to your group, repeat the same procedure.



Each user can leave a group at any time s/he pleases.

When doing so, the trust relations obtained due to the group membership persist.

The user can remove them individually by going to the contact tab and changing/recalling the status on a per-counterpart basis.
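
The following toy model is an added example, not PrivaSphere code. It replays the group trust rules described above: the administrator must already trust a user before inviting them, acceptance extends trust to all active members, and leaving the group keeps the trust relations until they are recalled one by one. Class and method names are hypothetical, and all addresses are placeholders.

```python
class Group:
    """Toy model of the group trust rules described above."""

    def __init__(self, admin):
        self.admin = admin
        self.admin_trusts = set()   # users the admin authenticated (e.g. via MUC)
        self.pending = set()        # invited, not yet accepted
        self.active = {admin}
        self.trust = set()          # frozenset({a, b}) pairwise trust relations

    def authenticate(self, user):
        self.admin_trusts.add(user)
        self.trust.add(frozenset({self.admin, user}))

    def invite(self, user):
        if user not in self.admin_trusts:
            raise PermissionError(f"admin has no trusted relationship with {user}")
        self.pending.add(user)

    def accept(self, user):
        if user not in self.pending:
            raise ValueError(f"{user} has no pending invitation")
        self.pending.remove(user)
        # Acceptance extends the admin's trust to every current member.
        self.trust |= {frozenset({user, m}) for m in self.active}
        self.active.add(user)

    def leave(self, user):
        self.active.discard(user)   # trust relations are deliberately kept

    def recall(self, user, counterpart):
        self.trust.discard(frozenset({user, counterpart}))

    def trusted(self, a, b):
        return frozenset({a, b}) in self.trust

    def lingering(self):
        """Trust pairs that involve someone no longer in the group."""
        return sorted(tuple(sorted(p)) for p in self.trust if not p <= self.active)


if __name__ == "__main__":
    g = Group("admin@corp.example")
    for u in ("alice@corp.example", "bob@corp.example"):
        g.authenticate(u); g.invite(u); g.accept(u)
    g.leave("bob@corp.example")
    print(g.lingering())   # pairs to review after a member has left
```

A report like `lingering()` is what to review when someone leaves a project group, since the departure alone does not withdraw any trusted relationship.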

Simple group archive function

If you have activated the group archive function, then all in- and outgoing eMails are sent to an archive eMail address.

For best and automated integration set up a valid archive eMail account within your organization, create a digital encryption certificate for this account and upload the public key into the profile of the archive account (in the PrivaSphere webmail). (For further details see the online help on

An encrypted blind carbon copy (bcc:) of all eMails sent or received by your group members will then be forwarded to the archive account.

Alternatively, you may set up your archive account to receive the eMails via secure POP3 into your archive mail box.


Add a new PrivaSphere account with the archive eMail address (e.g., see online help on


To use this account, just add the archive eMail address in the field ‘New archive Email’.

All group members will be polled for acceptance prior to being included in the archive.

Usage Hints:

For the group administrator role, use an eMail address that is not used for other purposes. E.g. in your plaintext eMail System (e.g. MS-Exchange) create an alias address “”.

  • This way, the group will not be affected by group-admin’s other secure messaging activities unrelated to the group-admin purpose
  • A long, very strong platform password for this group can be put into your bank-safe (no “forgot-password” possible!)
  • The group admin function is not tied to an individual, it can be passed on without major migration activities once a person no longer is in that function


If the recipient domain either does not specify the allowed size for receiving e-mails or your e-mail is larger than the specified size of the recipient domain, you should reduce the mail size. Compress the attachments in a ZIP archive or split them into several mails.
