How do we score?
SSL Labs: A+
We score the max A+ rating
European Union email assessment: 5.0 out of 5
We score full points in the MESCA email test
Internet.nl Email test 100%
We score the maximum in the internet.nl email test
How do we protect your privacy?
We use encrypted connections *always*
We never send email over unencrypted connections (between you and us, and not between us and mailservers of people you email, especially this last part is important)
We remove unnecessary private info from your emails
We remove your personal ip address from the headers of your email, nobody needs to know your location when you send an email
We don't read/process your email
We get paid by you, not by advertisers, so we do not read your email for any purpose (except automated spam prevention).
Hosted in Europe with encrypted discs
We host everything in Europe with secured infrastructure and disc-encryption in case our hardware is ever confiscated
Deleting actually means deleting
When you delete an email, folder or entire mailbox (also from the trashcan) it is really gone, we do not keep your deleted email
Backups encrypted with customer key
Your mail is backed-up every night, encrypted with an individual key. If you leave us we will remove the key which makes the backup useless.
We use a European certificate provider
We have chosen GlobalSign as our certificate provider. GlobalSign is based in Europe with a very good track record.
Our domains are secured by DNSSEC
We have chosen a provider for our and our customer domains which provides Domain Name System Security Extensions (DNSSEC) support. This means all domains maintained by Soverin are secured and DNS Spoofing becomes a great deal more difficult.
we publish CAA and TSLA records
We use DNS-based Authentication of Named Entities (TLSA) and DNS Certification Authority Authorization to tell mailservers and browsers about our certificates. This allows browsers and mailservers to verify they are talking to Soverin by verifying the fingerprints of our certificates and the provider of our certificates.
We send HSTS headers for all our websites
HTTP Strict Transport Security (HSTS) means we send headers to your browser telling it to always communicate securely with Soverin. If your connection is hijacked and some other site pretends to be Soverin this will fail because your browser will force https. We use this for all our websites including webmail
We support DKIM for our own and customer domains
DomainKeys Identified Mail (DKIM) signs your emails telling the receiver that your email was actually sent by a system you trust and that it was not modified in anyway during transport.
We use SPF & DMARC
Domain-based Message Authentication, Reporting and Conformance (DMARC) and Sender Policy Framework (SPF) are used to tell other mail servers who is allowed to send email for our and our customer domains. It also instructs other email servers what to do with email they receive from other (unauthorized) systems.