ZSentry Mail Click to print

Decrypt ZMAIL - Help

SUMMARY

ZMAIL integrates email, security and message access control functions such as message release and expiration. All ZMAIL messages, including headers and attachments, are copyright-, access- and copy-protected under the US Digital Millennium Copyright Act as well as other US and international laws. By using ZMAIL, the sender limits the right to read the message to its expiration time and original recipient(s).

Reading ZMAIL is done in two steps:
1. You receive ZMAIL as a standard email message at your current email address, using your current software, such as Outlook, or webmail.
2. To read a ZMAIL, you can log in directly using the message or copy and paste the message into ZMAIL's Input Box, after you log in.

After the ZMAIL is read (decrypted), the page "Read ZMAIL" is shown to the recipient with the decrypted message and its message access control functions. The recipient may export the ZMAIL message, including attachment, to Outlook and other email agents, in plaintext; may download or open attachments directly; and may use ZMAIL to reply, forward or send a new message using the received message.

Every message is verified for authenticity before it can be read by the recipient. Messages from PREMIUM users are identified by the PREMIUM Seal, which the recipient can click on to confirm the sender's identity. If requested by the sender, a return receipt may be sent back to the sender when the ZMAIL is decrypted.

Email address information for each contact is saved in the Address Book and is directly available. ZMAIL also manages the encryption and authentication keys for each email address you use, with automatic key expiration and roll-over, and protects your login data and keys by not storing them online or anywhere else.

TERMS USED

"Locally" or "Local" refer to any storage device that your computer can access, working with any Media including your local disk, removable media (e.g., USB Drives) and over a network.

EML format is a standards-based text file format used by ZMAIL. EML is compatible with Outlook and other email applications; you can also open it with any text editor.

"Plaintext" means "without encryption", for data that can be read without using ZMAIL. Usually, plaintext is secure when stored locally. ZMAIL can also be used for secure local data storage, if needed.

The MENU and LOGOFF buttons have the same functions as in other pages.

How To Read ZMAIL

ZMAIL Skin - message is inlined web page (HTML encoding):
Click the READ button directly in your email program. Until you close your browser, the next messages can be read without additional login (login once, read all ZMAIL).

ZMAIL+ Skin - message is in web page attachment (HTML encoding):
Double-click on the attachment link or copy-and-paste the attachment link into your browser. After the message opens in your browser, click READ and follow the instructions. Until you close your browser, the next messages can be read without additional login (login once, read all ZMAIL).

Zlink Skin: messages are sent as a virtual link. They are easy to read and have least size. The Zlink Skin always has the same physical size, independent of the message length or attachment.

ZSENTRY Skin or IM Skin - message has gibberish text (text encoding):
Use the Read ZMAIL page, after you log in. Drag-and-drop or copy-and-paste the entire text message body into the Input Box. Click READ. Automate this task for ZSENTRY Skin with the ZMAIL Decrypt Bookmarklet.

If the message is not yet released (i.e., its Release Time has not passed yet), the message cannot be decrypted. Read more about the Release Time.

If the message has expired (i.e., its Expiration Time has passed), the message cannot be decrypted. Read more about the Expiration Time.

After ZMAIL decrypts your email, the information below will be available to you.

Time: Provides information on Release Time and Expiration Time (also called "Election Ends" with ZVOTE ballots) for this message. See the next item "Date".

Date Sent and Expiration (ZMAIL Timestamp): The time and date the message was sent ("Date Sent:") and, if the message expires, the date after which the message can no longer be read ("Expiration:"). By using ZMAIL, the sender limits the right to read the message to its expiration time. The dates are in the format specified by RFC822. With ZMAIL, this information is cryptographically signed with the message and provides a secure timestamp independent of the sender. The dates are visible to the recipient before decryption, in the ZMAIL message (see Envelope Information). After decryption, the authenticated dates are visible to the recipient in local (recipient's) time and in GMT time. The dates are visible also in the message header (X-ZSENTRY-Mail-Date field), with the time and date the message was sent, in a format specified by RFC822. The time and date values are provided by ZMAIL Time Authority. The time is synchronized to available atomic clocks complying to NIST standards. The "Date:" field in the email should be very close to "Date Sent:".

Time Zone: The world Time Zone used to display time information. Options are UTC (also called GMT) and Local. The UTC time does not change regarding Daylight Savings Time. The Local time is read from the user's locale information (i.e., depends how you set up your computer) and changes with Daylight Savings Time.

Release Time: The message can be decrypted and read after the date shown. If no date is shown, the message was immediately available. Read more about Release Time.

Expiration Time: The message can be decrypted and read before the date shown. If no date is shown, the message does not expire. Read more about Expiration Time.

From: (Sender Information) Should be equal to the "From:" field in the email. The sender's authenticated email address, verified by a challenge-response test during the sender's registration procedure. At that time, ZMAIL verified positively that an unpredictable code sent in a message to this email address was timely used according to instructions in the message. ZMAIL has not authenticated the name of the Sender. PREMIUM senders are identified by the PREMIUM Seal, which you can click to verify.

To / CC: (Recipient Information, authenticated by ZMAIL) The first line contains the actual recipient of this message and should be equal to the "To:" field in the email header; the additional lines (if present) contain the addresses of copied recipients (which are suppressed in the email header for security reasons).

Plaintext Subject: The Subject header, as it was sent visibly in the email headers.

Decrypted Subject: The "Subject:" field in the ZMAIL message, which was sent authenticated and encrypted. IF the sender chose to protect the Subject information, this is NOT the same as the Plaintext Subject that was sent visibly in the email headers. Otherwise, the "Decrypted Subject:" should be the same as the Plaintext Subject header of the email (NOTE: the Plaintext Subject header of the email is subject to tampering and loss, whereas the ZMAIL "Subject:" is tamperproof.).

Decrypted Message: The actual email message body, after is was decrypted and authenticated.

Format: Defined by the sender, can be Text, "Rich Text" (also called Web page format or HTML), or Inline. You may override the sender's format choice. The Inline format will try to present the page using the original document format (e.g., PDF, Excel), which may not be enabled in the recipient's browser. If the message contains unsafe elements (e.g., ActiveX, Javascript, or Applet), ZMAIL may suppress Rich Text rendering for security reasons. NOTE: Rich Text formatting may not work with your browser.

Decrypted Attachment: The file that was attached by the sender (if any). The file was compressed, authenticated, encrypted and sent with the message's timestamp. You receive the file in the same format (MIME encoding) that was sent, which availability may depend on your system. The file may be downloaded or read inlined (directly using the browser), using the respective buttons "Download" and "Open".

Reply: The email is formatted for reply to the sender only and presented in the Composer screen.

Reply All: (button available only if there are CC recipients) The email is formatted for reply to the sender and all CC recipients, and presented in the Composer screen.

Forward: The email is formatted for forwarding and presented in the Composer screen.

Send New: Also known as "edit message as new" or "send as new" in some email agents. This button opens the current message as new, ready for editing and sending. The original message is also available if you click "Back" in the editing window.

Compose: Opens a new compose window, for editing and sending a new message. The original message is also available if you click "Back" in the editing window.

Export: The decrypted ZMAIL without Attachment is exported in EML format for download or inline reading with your default email application (e.g., Microsoft Outlook, Mac Entourage), including headers. The file is saved in plaintext, with suggested prefix "INBOX_NOATT_zmail_" and a unique name with extension .eml, in a folder of your choosing.

Export All: (button available only if there is an Attachment) Using this button, the decrypted ZMAIL with Attachment is exported in EML format for download or inline reading with your default email application (e.g., Microsoft Outlook, Mac Entourage), including headers. The file is saved in plaintext, with suggested prefix "INBOX_zmail_" and a unique name with extension .eml, in a folder of your choosing.

Download / Open: (buttons available only if there is an Attachment; otherwise displays the notice "There is no attachment.") When the ZMAIL has an attachment, just the Attachment may be downloaded or opened by using the corresponding buttons.

Message Fingerprint: Message Fingerprint This icon identifies the Message Fingerprint, which is the visible digital signature of the ZMAIL.

ZMAIL automatically verifies that every message is received exactly as it was sent (all ZMAIL messages are authenticated). A ZMAIL message, including headers and attachments, is copyright-, access- and copy-protected under the US Digital Millennium Copyright Act as well as other US and international laws. By using ZMAIL, the sender limits the right to read the message to its expiration time and original recipient(s).

The Message Fingerprint provides a human-readable, simple, auditable record that the message was received exactly as it was sent. The Message Fingerprint is visible in the Envelope Information. The Message Fingerprint is also visible to both sender and recipient as a unique character string in the message header "X-ZSENTRY-Mail-Message-Fingerprint". An example of ZMAIL Message Fingerprint is "E4630D4C051C86DD0C4444A03FA76BD9".

The Message Fingerprint can be used as evidence that the message was: (a) sent and (b) received exactly as sent. Sending ZMAIL with a Fingerprint is optional and requires the sender to check a box.

Any ZMAIL user can verify the Fingerprint of a message. The Fingerprint has 32 alphanumeric characters, from 0 to 9 and A to F. The Fingerprint value depends on the entire message (including attachment), the date it was sent and on the sender's and recipients' names and email addresses -- the same message will have a different fingerprint if it is resent. After the ZMAIL message is decrypted, and after ZMAIL internally verifies that the message was not tampered with, ZMAIL shows the calculated Fingerprint to the recipient (at the bottom of the decrypted message). The recipient can verify the Message Fingerprint directly with the sender or, vice-versa, the sender (who knows the original Message Fingerprint value from the send report) can verify it with the recipient.

Return Receipt: Return Receipt This icon appears when the sender has requested a Return Receipt as a mandatory condition before the recipient can decrypt (read) the ZMAIL message.

The Return Receipt informs the sender when (the time), where (the IP number), how (the browser or email agent identification), and by whom (the recipient's ZMAIL-authenticated name and email address) the message is decrypted, every time it is decrypted. When a Return Receipt is requested, the recipient is notified in the Envelope Information, before the message is decrypted. If you wish to decline to provide the Return Receipt, do not attempt to decrypt the message. Read more about the ZMAIL Return Receipt.


The contents of this entire site and domains zsentry.com are © Copyright, NMA Inc., 2003-7. All rights reserved, worldwide. Titles and product names are trademarks of NMA, Inc., including NMA, ZSENTRY, Return Code and ZMAIL. Patent pending.