Our Business
Account Security
We take your security very seriously.
Let's talk about....
- The emails sent to your list.
- Your Subscriber email addresses.
If your content is sensitive,
this page can help you choose the best options for YOUR list.
HOW WE OPERATE
Subscriber lists are backed up to several servers designed for 99.9% reliability. Data is redundantly stored across multiple facilities and devices. We can recover a mailing list and it’s settings from almost any point in time.
We DO NOT backup email sent to mailing lists. The Searchable Web Archive and Bounce Redelivery System (BRDS) are exceptions. A List Owner controls whether or not those options are used.
We do store emails on the listserve server for 30 days to assist in troubleshooting and debugging purposes only.
Our system is a mailing list reflector. That means, emails come in and are reflected (sent) to all Subscriber email addresses.
Subscribers do not set up an account or create a password. All email is sent to their regular email account.
List Moderators DO have a password to the group’s account. This allows settings to be changed, Subscribers added/removed, and reports to be viewed.
List Moderator access does not show any emails sent to the list. Also, all reports are sent to the List Moderator’s email address.
Your group’s email addresses are stored in YOUR account only.
We do not keep any other information about your Subscribers. Period.
IMPROVED DELIVERY
Our Bounce Redelivery System (BRDS) is a temporary web archive of emails sent for the past two weeks.
The archive provides a place for Subscribers to read missed email when messages are blocked by an ISP spam filter.
BRDS is on by default for all accounts. This option can be turned off in your Account Settings.
With this option, attachments are removed and stored on our server. A link is inserted into the outgoing email.
This option improves delivery since attachments are often viewed as Spam.
By default, attachments are deleted from our server after 30 days. You can change this option to 1 year or forever.
As an added service, we can monitor your inbox delivery at large ISP’s.
To accomplish this, we send your list email to our special accounts at these ISP’s.
This option is on by default but can be turned off in Account Settings.
Outgoing email is stored in Amazon SQS while awaiting delivery.
SQS is a queueing service that allows independent delivery servers to pull in an outgoing message and a handful of Subscriber addresses.
Delivery of each message is spread across multiple servers for quick and efficient delivery.
PRIVACY & SECURITY
The Disappearing Ink option is perfect for people concerned with privacy.
This option replaces the email message with a temporary web page link. Subscribers receive an email with the Subject Line but the body contains a link. A username and password is required to view the message.
The message on the web page expires based on your account settings. Choose 1 day, 3 days, or 7 days.
Incoming and outgoing email is encrypted while in transit, assuming the sending/receiving mail servers support encryption.
That means…..no one can see the content of your email while it is traveling to your inbox.
Emails to a mailing list are “semi public”; IE all members receive the email. What they do with that email is out of our control.
If you are concerned about non-Subscribers seeing email contents, do not turn on the Searchable Web Archive option. Turn off the Bounce Redelivery System, and the Inbox Monitor options described on this page.
You may also want to consider turning on the Disappearing Ink option.
For more information, please ask for our Security Posture.
Our Searchable Web Archive option stores email on a web page, which can be password protected. All emails sent to the mailing list are permanently stored in this archive.
The Searchable Web Archive is an optional paid service.
Our servers use the Amazon Cloud and run Ubuntu Long Term Support Linux for maximum stability and security.
Our Mail Transport Agent (MTA) is the Ubuntu version of Exim. The Mailing List software is written in Perl and Python.
The servers are ONLY accessible from designated IP addresses with the matching private key.
To help prevent Spam, we can Validate SPF. We verify the origin of incoming email against the SPF settings of the Subscriber’s domain.
If the Subscriber’s domain has set acceptable IP Addresses with a FAIL or SOFTFAIL policy, emails from a different IP are sent to the List Moderator for approval.