Hexamail Secure module provides a centralized automatic email security solution. It enables signing, verification, encryption, decryption using PKI X509 certificates and also Domain Keys Identified Mail (DKIM) functions on outbound email. PKI certificates are easily managed and multiple security policy rules can be setup to dictate which email is signed, encrypted, decrypted and verified. Email security failures can be quarantined for administrator inspection. DKIM is used to sign email from your domain so that the recipient knows that they have not been spoofed. Hexamail helps you manage your DKIM signing public/private key pairs and the required DNS entries for DKIM.

Anti Spoofing

Removes the ability of malicious parties to spoof email from your domain using Domain Keys Identified Mail (DKIM)

Better Delivery

DKIM ensures improved delivery rates of email to many domains such as Yahoo, Gmail, AOL

End-2-End Encryption

Email encryption with PKI (SMIME) allows for end to end email security on Blackberry, Android and iPhone devices and desktop email clients. This prevents email interception


All incoming email can automatically be verified ensuring your users can have peace of mind when receiving signed email

Simple to deploy

Enable the secure module, install any required email certificates and the deployment is complete!

Easy to use

Removes the complexity of encrypted and signed email from the users and allows the company to specify central security policies


PKI SMIME signing allows all your outbound email to be securely signed using PKI email signing certificates (X509)


PKI SMIME verification allows you to configure central policies for email signature verification for inbound email Automatically quarantine email that fails verification, as it may be spoofed.


PKI SMIME encryption allows you to encrypt outbound email using centrally managed policies and certificates


PKI SMIME decryption allows you to configure a single central policy to automatically decrypt inbound email

Domain Keys Identified Mail

DKIM signing allows Domain Keys Identified Mail signatures to be automatically added to all outbound email from your server. These signatures guarantee to the next server that the email has not been tampered with and when combined with Author Domain Signing Practices guarantees that the message originates from your email domains

Automatic Key Creation

Hexamail automatically creates the required crytopgraphic public/private key pairs required for DKIM signing. The private key is held securely on your server

DKIM Selector Management

DKIM allows for multiple different selectors (or key pairs) to be used for signing. Hexamail manages these and automatically signs email with the appropriate selector

DNS Entry Generation

The Secure module automatically generates the DNS entries required for the DKIM signature verification process, allowing recipient servers to verify your email signatures. Simply cut and paste the generated DKIM DNS entries into your DNS management interface as a TXT record

ADSP support

Author Domain Signing Practices ensure that only signed email from your domain be accepted by recipient servers, allowing them to reject spoofed or modified email