Show the world you mean business
A Professional E-mail only service, designed for those who do not need a website, but are marketing and promoting their business.
Keep your inbox safe against viruses, spam and fraud, plus your e-mail is advertising-free!
At Evolving Media, our service provides you with:
- Your very own Domain Name (@yourcompany), register a (.com, .info, .biz, .net), when you purchase your plan for $14.99 per year. A .ca domain name can be purchased for $24.99 per year.
- Promote your brand and not someone else’s; (.bellnet, .google.com, yahoo.ca, outlook.com), see our point!
- Webmail portal to access your email from any smart device,
- Add up to ten email addresses (example@yourcompany),
- No third-party advertising,
- Free basic Domain level SSL Security Certificate,
- Access to cPanel to manage your service,
- Access to our Client Care Portal to manage your account
Our professional e-mail only service includes a simple splash page or address card to provide your company name, address and contact information to help promote your business. A feature not available on other e-mail only services.
For an Investment of $60 per year or $6 per month.
*Your domain name renews every year for the duration of the service, currently $14.99 for a .com and $24.99 for a .ca. The service includes WHOIS privacy to protect your personal information. Prices subject to change without notice. **Other domains are available. You can select to add another domain, look for a .info, .biz for example, or contact us directly. An Invoice is issued 30 days before the service expires. Contact us if your business address is different from your registration address for your public page, similar to a web page.
Encrypting Emails vs. Encrypting Mail Servers
– What’s the Difference?
The most straightforward answer is no. Let us explain.
When you host your site or your email service with EvolvingMedia.com, we provide a free Basic Level Domain Name SSL Certificate to safeguard your hosting account and your website. This security protects your email and sFTP access too.
If you do not want a certificate on the mail server:
- There is no way of guaranteeing that you’re connecting to the correct mail server.
- Any emails sent between your browser or email client and the server are not encrypted,
- Your email is sent as plain text,
- Your email can be read by anyone who gains access to the server,
- Your email can be intercepted with a man-in-the-middle (MITM) attack,
However, while an SSL Certificate will protect your emails in transit to and from your server, it does nothing to protect your emails as they pass through other servers, which may not have SSL. Additionally, securing your mail server doesn’t protect the emails at rest. For example, a hack where attackers gain access to email systems, like the famously large one at Sony in late 2014, would not be prevented by a server certificate.
For starters, I’m talking about S/MIME (Secure/Multipurpose Internet Mail Extensions) encryption here, though I’ll cover some other options in a future post. Similar to the server encryption discussed above, S/MIME is based on a public key, or asymmetric, cryptography and uses pairs of keys to encrypt and decrypt content (unlike symmetric cryptography which uses the same key for both). The key pair consists of a public key, which is meant to be shared and is used to encrypt and a private key, which is kept secret and used to decrypt.
The cryptography technology underlying S/MIME means that only the intended recipient of your email can read it. How? Well, it comes back to that key pair – your public key is used to encrypt the email, and ONLY the corresponding private key can decrypt it. Assuming your private key isn’t compromised, you are the only one who can decrypt and read the email.
If you decide to use S/MIME when sending email, hackers wouldn’t be able to read your emails even if they got access to your corporate email systems because they wouldn’t have your private key to decrypt them. Or if you didn’t have a certificate on your mail server, your emails were intercepted in transit; they’d still be safe. The same applies for any other unprotected servers they may pass through – because you’re encrypting the emails themselves, they’d stay safe from prying eyes.
In addition to encryption, S/MIME enables you to add digital signatures to your emails, thus protecting your emails from falling into the wrong hands. Plus it will prove that your email came from you (i.e. is not a spoof or phishing email) – the digital signature is applied with your private key and verified with your public key, which is unique to you. Your identifying information is included in the signature, which most email clients display prominently.
Prevent changes to your email after being sent – when a digital signature is verified (in this case, when a recipient opens your email), a process takes place behind the scenes that compare the email contents at that moment to when the signature was applied. If the content doesn’t match, an error will display, so your recipient knows something is wrong and not to trust the contents of the email.
At Evolving Media, we think most would agree that SSL on your mail server is a best practice – why leave yourself vulnerable to MITM when there’s an easy solution – but if you’re really concerned about your emails being intercepted, both at rest and as they bounce around the wild Internet, you should consider encrypting them as well.
What do you think?