At Netzy Cloud we employ encryption to keep everyone's data safe while being transmitted to and from our servers. This is a two part process and it is important for our users to understand the concepts and how to employ them correctly. We use the Roundcube web client by default, but you can use an alternative web client if you prefer.
Step 1: Server Encryption
We use OpenPGP to encrypt your mailbox's data at rest. It is an open source encryption algorithm and nothing is required from the user to make this work. It happens automatically on the server.
Step 2: User Encryption
This part requires some configuration from the user as well as downloading the "Mailvelope" browser extension to make this work.
How It Works:
Browser Extension: Install "Mailvelope" from the Chrome Web Store, Firefox Add-ons, or Microsoft Edge Add-ons.
Integration with Roundcube: Once installed, Mailvelope detects Roundcube when you access your webmail. To enable it, you must authorize your Roundcube domain in the Mailvelope settings (via the Mailvelope icon in the browser toolbar).
Sending Encrypted Emails:
Compose a message in Roundcube.
Switch the editor to Plain text (encryption only works in plain text mode).
Click the Encrypt button in the Mailvelope toolbar.
Mailvelope opens a secure editor where you type your message and add encrypted attachments (use the Add file button inside the Mailvelope editor).
Enter your private key password to encrypt and send the message.
Receiving Encrypted Emails:
When you open an encrypted message in Roundcube, Mailvelope detects it and prompts you to enter your private key password.
After entering the password, the message is decrypted and displayed in clear text.
Key Points:
End-to-end encryption: Only you and the recipient (with the correct key) can read the message.
No server-side decryption: Roundcube does not see your message content; encryption happens entirely in your browser.
Key Management: You generate or import your own OpenPGP key pair. Mailvelope stores your private key locally on your device.
Supported Versions: Roundcube 1.2.0 and later include built-in support for Mailvelope (released May 2016).
Limitations:
1. Cannot encrypt message headers (sender, recipient, subject).
2. Cannot sign messages in all configurations (some older versions had issues).
3. Attachments must be added via Mailvelope’s interface, not Roundcube’s standard attachment area.
4. The receiver MUST also be registered and using Mailvelope to decrypt the message
Setup Summary:
- Install Mailvelope in your browser.
- Access Roundcube and click the Mailvelope icon → Authorize this domain.
- Generate or import your OpenPGP key pair in Mailvelope.
- Compose messages in Plain text, use the Encrypt button, and send
