Assure Data Privacy

“Every Email, Every Address, Every Time!”

EmailSentry™: Email Security Inside Outlook (Brochure)

EmailSentry guards your email privacy and complies with GDPR, HIPAA, PCI, CCPA. It protects against several common email threats. In addition, it solves two email efficiency killers: rework due to failed delivery and dis-joint communications.

Have Microsoft Outlook:


Unlike when a website has a security problem, email security problems can lie hidden for months. A simple "Man in the Middle" (MitM) attack on a website shows up as a problem on modern browsers: the little "lock" on the address bar is open or turns red. The same error in email does not show on either the sender or the receiver's screens. Unless you are using EmailSentry.

Many mailers do not validate certificates when encrypting (TLS) email. This means the email is encrypted, but could be intercepted or delivered to the wrong place. It does not help to safely deliver your information to an interloper. EmailSentry does check certificates.

Deal with emails that are going to be a problem before they are a problem. Know before you send an email that one or more recipients will not get the message. This prevents:

Try EmailSentry For Free
Sign up for a free 30 day Trial License to see how it works and if it is a fit for your organization.

Purchase EmailSentry

Volume pricing is as low as $1 per PC per year.
Enter your license information.
Send Us the CUSTCODE and CUSTPASS that you entered and we will create the license and supporting webpages for you.
EmailSentry has a money back guarantee if you are not satisfied with the product. Sign up for a Full License to begin using EmailSentry to protect all your email, or just to run a trial with multiple users.
Contact Us with any questions.


"From my point of view the solution is just brilliant. GDPR is horrible when it comes to convenience towards everyday work but now I have a solution my users barely see. I have scheduled a conference call with our legal department and when they agree this solution is GDPR-compliant I will definitely order more licenses."

"The new MSI installation is very much appreciated it really makes managing the Addin a lot easier for us. I already installed some and didn’t noticed any problems."

"Our primary usage for this addon is for our international team. Every now and then they have to send emails to international partner companies where personal information might be included. Due to GDPR it's necessary to ensure that this information is transport level encrypted. This add-in will save them a lot of time and effort for this purpose - as well as making our compliance officer happy."

What EmailSentry Does

When you click Send in Outlook, a small window pops up on top of Outlook that shows EmailSentry is working:

checking popup

As long as all of the addresses are secure, the popup disappears and the email is sent.

But, if one or more addresses are not secure, the popup stays visible, stopping the email from sending. It erases the good addresses shows just the insecure addresses:

failure popup

You choose what to do with this email, now that you know that one or more recipients is not secure.

Safe and Secure

EmailSentry protects your information and is very safe to install. It does not send email addresses, and it runs inside a Microsoft ClickOnce "sandbox" on your PC.

Puts A Person In Control

If there is a security problem, EmailSentry stops the email from going to anyone and it lets you decide what to do. You can make the email safe by removing the problem email recipients or removing the confidential information. Or you can choose to not send the message at all, or you can decide to take the risk and send the message anyway.

You make the decision what to do with email security problems immediately, while the email is fresh in your mind, not later when a bounce comes back.

No More Dis-Joint Emails

If you have ever replied-all to a group message, only to have a bounce or two come back, you know what this means. When you get a reply-all bounce, you realize that the original message also bounced, so some people never got the original message. The same is true for in-line encryption devices and services. They return a copy of the original email for each addressee that is not secure, and they do nothing to inform the rest of the group that someone(s) did not receive the email.

With EmailSentry there are no bounces. You remove the insecure address or remove the confidential information and eliminate the problem before it happens.

Nearly Transparent

The pop-up window is a constant reminder to your users to be aware of email security, but it doesn't get in the way. We can test most email servers in just a few seconds: 80% in less than 3 seconds and 90% in less than 4 seconds. Emails to multiple recipients test in parallel, so even large email lists still take just seconds.

Email Privacy Compliance

The Sender is Responsible for Encryption

When you send an email, you are responsible for making sure that email is secure as it goes over the Internet.

Email uses TLS encryption to make sure no one can read email on the Internet. Yet email is designed to "get the mail through" no matter what, so your email will switch to plain text if encryption fails for any reason. (You can check that your email will "get the mail through" at //email/testMandatoryFrom:.)

So no matter how good your email system is, the other side can cause your emails to be out on the Internet in plain text.

You can use our //email/testTo: to check the other side, but just because it is secure today does not mean your email tomorrow will be safe.

Email Security Compliance

EmailSentry can satisfy HIPAA, PCI, GDPR, etc. requirements. It is immediate, at-the-source, email security compliance.

Email Security Compliance Reporting

EmailSentry clients can lookup the security of any sent email. Historical emails can be found by by recipient, by date range, by user, or by combinations thereof: Query.

Clients can compare user's security usage period over period to verify user compliance with company policies: Report.

My Company Needs Strict Compliance

We can customize EmailSentry to meet the strictest email policies.

It can remove the option to Send Anyway, so users cannot send to insecure email address.

It can log all insecure sends, including the email content, allowing you to review all exceptions.

It can route email addressed to insecure domains through another email service, for example requiring the recipient to login to a portal to retrieve their secure message.

Is It Really HIPAA/GDPR Compliance?

Compliance requires that protected information is not readable by anyone but the intended recipient.

For email, an acceptable way to do that is to use TLS encryption during transport. For modern email systems, that means making sure that both sides (send and receive) have TLS properly setup and enabled.

Since you have control over your email, and you (should!) know when it changes, you only need to verify that you send email using TLS once, and then every time you make a change. Our //email/testFrom: is a fast and easy way to verify that you use TLS to send email.

Since you have no control over everyone else's email, use EmailSentry to check the receive side each time you email something.

When you know that both sides use TLS, you know that your email will be encrypted, and you are compliant with your email transport security requirements.

And since this site focuses on testing, we also suggest you test both how you send (//email/testFrom:) and how you receive (//email/testTo:) email regularly, because no matter how sophisticated your email security device(s) are, if they fail they can silently fall back to plain text email and you may never notice.

A final note on security: For organizations with strict security requirements beyond just "TLS, yes or no", such as the acceptable version(s) of TLS and ciphers, the tests on this site, and EmailSentry, can enforce those as well.

Comparison to Other Solutions

Possible Solutions

There are several solutions for assuring you send email securely:

In-line Security Devices
These are network devices that are attached between your email server and your Internet connection. All of your email goes through the device, which makes sure it is encrypted when it goes onto the Internet.
Cloud Security Services
These are Internet services that go between your email server and the Internet. All of your email is "tunneled" to the service, which makes sure it is encrypted when it goes onto the Internet.
End-to-end Encryption
This is extra software you put on every device that can send email, for example user's computers, phones, etc. Your customers also have to put the extra software on their devices to read your email. It encrypts the email right on your device and only un-encrypts it on the reader's device.
End-to-end encryption can allow data leakage because it only encrypts the message body, leaving headers like the To: and Subject: unprotected. An eavesdropper can see who your email is to and what it is about.
Email Outsource
This is a service like G Suite that moves all your email to the cloud.
Mandatory TLS
This is a feature of every modern email server. All you have to do is turn it on. Similar to a security device, this forces every email connection you make to be encrypted. It also means you cannot send email to anyone who does not use encryption.
This checks right before you send an email if it can be sent securely, and gives you options for what to do if not. See the rest of this page for more information.
Test and Audit
This uses services available from CheckTLS to make sure email security is working. See Compliance for more information.
How They Compare (higher is better)

Higher numbers are better, Features are listed in order of importance.

Feature Mandatory Audit EmailSentry Device Service Outsource End2End
TOTALS 68 57 55 45 39 36 29
Effectiveness 7 1 2 6 3 5 4
Functionality 2 6 7 3 4 5 1
Affordable 7 6 5 1 3 2 4
Ease of Operation 7 2 3 6 4 5 1
Foreign Data Issues 7 7 7 7 1 1 7
Can See Your Email 7 7 7 1 1 1 1
Customer Affecting 7 7 7 7 7 7 1
Adds Point of Failure 6 7 5 1 3 2 4
Ease of Setup 7 6 4 3 5 2 1
Ease of Maintenance 4 2 3 7 6 5 1
Security Risk 7 6 5 3 2 1 4
Comparison Table Explanation

Most of the rows of the table are a stack ranking of each option with respect to that issue. The last few are yes/no, so are scored as 7 or 1.

How effective the option is at guaranteeing email will be sent securely. All options can meet your security requirements, but some are better than others.
How well the option handles success and failure. For example, asking what to do with the entire email is better than returning just one recipient to the sender.
The cost of each option.
Ease of Operation
Does it make it harder for your users to send an email.
Foreign Data Issues
Does or could any of your data be stored or transported out of your country.
Can See Your Email
Does it get a complete copy of your email.
Customer Affecting
Do your customers (the people you send email to) also have to do something to use the option.
Adds Point of Failure
Is there something extra that could fail and take down your email.
Ease of Setup
How hard is it to install and configure the option, and if required, to move all your email to it.
Ease of Maintenance
How hard is it to keep the option in compliance, for example do you have to add new domains to it every time you email someone new.
Security Risk
Does it increase the chances of a breach, say by adding another device or supplier that could be hacked.

We welcome feedback on this analysis!

For More Information