Business email built on a secure foundation
Security is at the core of every UGMail mailbox. From the protocols on the wire to the hardware in our data centers, we engineer UGMail to keep your conversations private, authentic and available.
How UGMail protects your mail
Layered defenses across encryption, authentication and threat detection — applied to every mailbox, every domain, every plan.
Encryption in transit
All mail and web traffic is protected with TLS 1.2+ using modern cipher suites. SMTP, IMAP, POP3, JMAP and HTTPS connections enforce strong encryption end-to-end between clients, servers and partner relays.
Encryption at rest
Mailboxes, attachments, backups and metadata are encrypted at rest with AES-256. Encryption keys are isolated from data stores and rotated on a regular schedule.
Authentication standards
UGMail enforces SPF, DKIM and DMARC on outbound mail and validates them on inbound mail. ARC, MTA-STS and TLS-RPT are supported so domains can prove and verify legitimacy.
Anti-spam & anti-phishing
Multi-layer filtering combines reputation, heuristics, content analysis and machine learning to block spam, phishing, spoofing and business email compromise attempts before they reach inboxes.
Two-factor authentication
Users and administrators can enable 2FA using TOTP authenticator apps or security keys. App-specific passwords keep legacy clients isolated from your main credentials.
Audit logs & visibility
Administrators can review login history, IP addresses, device fingerprints, mailbox events and configuration changes from the UGMail admin portal.
Infrastructure & operations
Our platform is operated with the discipline of a regulated business. We invest in resilient infrastructure and clear processes so your email is always reachable and always protected.
Hardened infrastructure
Servers are deployed in secured, ISO-certified data centers with restricted physical access, redundant power, fire suppression and 24/7 monitoring.
Network protection
Edge firewalls, DDoS mitigation, rate limiting and IP reputation filtering protect our mail relays and web endpoints from abuse and brute-force attacks.
Redundancy & backups
Mail data is replicated across multiple availability zones with daily encrypted backups, giving you durability against hardware failure and accidental loss.
Access controls
Internal access to production systems is restricted by role, requires 2FA and is logged. Engineers never read customer mail content as part of normal operations.
Incident response
A documented incident response plan covers detection, containment, eradication, recovery and customer notification within the timeframes required by applicable law.
Global compliance posture
UGMail is built with GDPR principles in mind: lawful processing, data minimization, user rights and transparent sub-processors. Custom data residency is available on business plans.
Your data belongs to you
UGMail does not scan your mailbox to build advertising profiles, sell your data or train third-party models on your messages. We process customer data only to deliver the service you subscribed to and to keep it safe.
- No ad targeting based on email content
- Clear data processing agreement available on request
- Export and delete tools for full data portability
- Transparent sub-processor list maintained by UGMail
Operational best practices
Security is a continuous discipline at UGMail. Our team follows industry best practices across people, process and technology.
- Secure software development lifecycle with peer code review
- Static analysis, dependency scanning and regular penetration testing
- Least-privilege IAM with mandatory 2FA for all staff
- Encrypted device fleet, centrally managed and remotely wipeable
- Continuous monitoring, alerting and 24/7 on-call rotation
- Vendor risk reviews for every sub-processor handling customer data
Responsible disclosure
If you believe you have found a security vulnerability in UGMail, we want to hear from you. Please email security.ug@ugmail.co with a clear description and reproduction steps. We will acknowledge your report and keep you informed throughout remediation.