How do we score?
SSL Labs: A+
We score the max A+ rating
European Union email assessment: 5.0 out of 5
We score full points in the MESCA email test
Internet.nl Email test 100%
How do we protect your privacy?
We use encrypted connections *always*
We never send email over unencrypted connections (between you and us, and not between us and mailservers of people you email, especially this last part is important)
We remove unnecessary private info from your emails
We remove your personal ip address from the headers of your email, nobody needs to know your location when you send an email
We don't read/process your email
We get paid by you, not by advertisers, so we do not read your email for any purpose (except automated spam prevention). As privacy is a core principle of Soverin we will never use advertising as a source of income and we will never sell Soverin to a company that does.
Hosted in Europe on encrypted discs
We host everything in Europe with secured infrastructure and disc-encryption in case our hardware is ever confiscated. We select our hosting providers based on our privacy requirements
Deleting actually means deleting
When you delete an email, folder or entire mailbox (also from the trashcan) it is really gone, we do not keep your deleted email
Backups encrypted with customer key
Your mail is backed-up every night, encrypted with an individual key. If you leave us we will remove the key which makes the backup useless.
We use a European certificate provider
We have chosen GlobalSign as our certificate provider. GlobalSign is based in Europe with a very good track record. A green/verified certificate on our website, dashboard and webmail gives you a way to verify which company is behind Soverin (Soverin B.V.). We are working on migrating atleast part of our infrastructure towards LetsEncrypt.
Our domains are secured by DNSSEC
We have chosen a provider for our and our customer domains which provides Domain Name System Security Extensions (DNSSEC) support. This means all domains maintained by Soverin are secured and DNS Spoofing becomes a great deal more difficult.
we publish CAA and TSLA records
We use DNS-based Authentication of Named Entities (TLSA) and DNS Certification Authority Authorization to tell mailservers and browsers about our certificates. This allows browsers and mailservers to verify they are talking to Soverin by verifying the fingerprints of our certificates and the provider of our certificates.
We send HSTS headers for all our websites
HTTP Strict Transport Security (HSTS) means we send headers to your browser telling it to always communicate securely with Soverin. If your connection is hijacked and some other site pretends to be Soverin this will fail because your browser will force https. We use this for all our websites including webmail
We support DKIM for our own and customer domains
DomainKeys Identified Mail (DKIM) signs your emails telling the receiver that your email was actually sent by a system you trust and that it was not modified in anyway during transport.
We use SPF & DMARC
Domain-based Message Authentication, Reporting and Conformance (DMARC) and Sender Policy Framework (SPF) are used to tell other mail servers who is allowed to send email for our and our customer domains. It also instructs other email servers what to do with email they receive from other (unauthorized) systems.
How many email addresses?
Your main chosen email address
You chose an email address when you join, this address is yours and you can use it to send and receive email.
Unlimited virtual email addresses by using the plus-notation
If your email is email@example.com we also accept email on firstname.lastname@example.org. Or any other word behind the plus, messages sent to these addresses are delivered to your normal mailbox.
Unlimited virtual email addresses by using the domain-notation
If your email is email@example.com we also accept email on firstname.lastname@example.org. Note the lisa. behind the @. Anything thats before the @ will be delivered to your normal mailbox. This works even for aliasses so if you have an alias email@example.com anything sent to firstname.lastname@example.org will also be delivered to your email box.
A private alias
Most email addresses have some part that relate to your name, on your own domain this is even more the case. However sometimes you just dont want to share this information. Thats why you get a free randomly generated alias for your mailbox on our @sinenomine.email domain that can not be tracked back to your real email address. It does however deliver emails sent to it in your mailbox.
Unlimited aliasses on your own domain
If you have (or buy with us) your own domain, you can add as many aliasses as you'd like, free of charge. You can also buy extra mailboxes for 6 euro per year each. A mailbox is a place that stores email with its own login, an alias is simply a different name for an existing mailbox.