be Smart.
be Secure.
Phone: 800-441-6612
How it Works
TLS Checker

How it Works

Send Secure Email to Anyone.
SecureLine seamlessly integrates three distinct modes of secure email communications: SMTP TLS, SecureLine Escrow, and SecureLine PKI, to ensure that you can securely communicate with anyone.
Receive Secure Emails from Anyone.
SecureLine's SecureSend Portal enables anyone to freely send secure emails to you.

Watch how it all works — Overview Video.

Three Paths to Secure Email

Simple, Seamless, Transport Encryption. TLS ensures that each message is transmitted from you all the way to your recipient's email server over an "enforced secured channel", even though the message itself is not encrypted within the channel. The message emerges from the TLS-secured channel onto the recipient's email server and is delivered to the recipient's INBOX like any regular email message. SMTP TLS prevents eavesdropping, ensures transport encryption of messages, and is a sufficient level of encryption for HIPAA.

Your recipients' email servers must support TLS for this mode of easy encryption to work (Not many do) — LuxSci determines this automatically for you and falls back to other mechanisms as needed. See also: SMTP TLS: All About Secure Email Delivery over TLS

SecureLine users (WebMail and SMTP) can disable TLS-Only sending on a per-message basis (e.g. if you like TLS Only in general, but would like to use Opportunistic TLS + something more secure (Escrow, PGP, or S/MIME) for particular messages).

More Details — SecureLine TLS

Retrieve Secure Messages from a Web Portal. With SecureLine Escrow, each recipient receives a simple email notice of a waiting message in his/her INBOX. The recipient clicks on a link in that notice, answers a security question or provides a password to verify his/her identity, and then accesses the message over a secured connection in their Web Browser. Escrow enables sending secure messages to anyone, no matter what mail service they have.

More Details — SecureLine Escrow

PGP and S/MIME Certificates. SecureLine supports use of S/MIME and PGP for message encryption and decryption. If you require message content to be always encrypted and to be sent in full to the recipient, then this is for you. It does require that your recipient be "set up" to use S/MIME or PGP.

More Details — SecureLine PKI

SecureLine integrates all of these methods, using the best choice for each recipient based on your sending preferences. In general:

  • TLS is easiest to use, though least secure. It is not compatible with many recipients
  • Escrow is very secure and compatible with any recipient; however, recipients have to go to our Portal to pick up messages
  • PKI is most secure, but hardest to use as it requires communication of certificates and setup of email software for all recipients using it. Most people do not use PKI unless they have a specific need for it.

Three Paths Compared

Security TLS Escrow PKI

Meets HIPAA Requirements

Message encrypted during tranmission

Message encrypted at rest

If the recipent's email account is compromised, messages can still be safe


Message content at rest protected from any LuxSci staff access?

** ***

* Use of Escrow with "Question and Answer" recipient verification protects the messages if you use well chosen questions and answers. Use of "SecureSend Login" recipient verification allows the recipient's password to be easily reset by anyone with access to the user's email account. This is why "Question and Answer" authentication can be more secure.

** Escrow with "Message Center" enabled technically allows LuxSci operations staff to unlock saved messages, as the system needs to be able to open any saved messages for the user. Escrow with Message Center off (the default) eliminates the possibility of anyone for except the individual recipients themselves to unlock their messages.

*** PKI-encrypted messages can never be opened by LuxSci operations staff unless you have "Escrowed" the password to your private key with LuxSci for auto-decryption or password-recovery purposes.

Feature TLS Escrow PKI

Recipient can reply securely to sender

Message content delivered to recipient INBOX

Secure messages appear just like regular messages to recipient

Recipient must retrieve message from a secure web site

Recipient must set up security software ahead of time

Sender can retract a message after sending

Sender can tell if recipient has read a message

Sender can get read receipts that always work

How Messages Are Encrypted

SecureLine selects the encryption method to use separately for each recipient of each message. As a result, a single message to multiple people can employ many different encryption methods. SecureLine takes care of this all behind the scenes — in general, little or no sender interaction is needed.

For every recipient, SecureLine goes through the following list of possible encryption options, in order, and uses the first one available for that recipient.

Encryption Option Discussion


SMTP TLS Only TLS Only for delivery is used if:
a. TLS Only delivery is enabled account-wide or domain-wide
b. The recipient's email servers support TLS
c. The recipient is not excluded from TLS delivery by your administrator
d. The sender has not opted this message out of TLS Only use


PKI PGP or S/MIME will be used for delivery if the recipient is an active LuxSci user with a PGP and/or S/MIME certificate in his/her LuxSci profile.

Getting the public key and determining use of S/MIME vs PGP will be taken care of by SecureLine and the recipient's personal LuxSci preferences.


PKI or Escrow Question and Answer from Address Book data SecureLine will look in the sender's address books for pre-configured encryption information for the recipient. This could be a PGP or S/MIME public key or an Escrow Question and Answer. The first entry with encryption information found is used.

User Address Books are searched in the following order:
a. Preferred address book for SecureLine data, if specified
b. All subscribed address books, if there are any
b. Default address book, if none are subscribed


Escrow with SecureSend Login If the 'SecureSend Login' mode of Escrow recipient verification is enabled for your account, this will be used.


Escrow with SecureSend Login If the recipient already has a SecureSend account, then the 'SecureSend Login' mode of Escrow recipient verification will be used.


Escrow with Default Question and Answer If there is a default Escrow Question and Answer configured on the per-account, per-domain, or per-user level for this recipient, then that will be used.


Escrow prompts sender for a Question and Answer When using LuxSci WebMail or Windows Outlook with the SecureLine Plugin, SecureLine can ask the sender to provide Questions and Answers as needed for new recipients. These can be auto-saved to the sender's address books for easy re-use.

In cases where none of the first 6 options work and SecureLine cannot interact with the sender, SecureLine cannot send the message securely. The message will fail to send to this recipient and the preferred action to take in this case is followed (e.g. Send insecurely or send a bounce notice to the sender indicating the failure).

As long as "Escrow with SecureSend Login verification" or a default Question and Answer are provided, messages will always be able to be sent securely to anyone without sender input.

Starting at $12.00/mo
Sign Up

"I can't tell you how happy I have been with Luxsci's support. You guys have been really on top of things, and obviously have great tech skills. Thanks a lot for your help!"

—Charles Snipes, Owner, DataTriangle

TRUSTe Privacy Certification Refund Policy Thawte Extended Validation SSL Certificate

Learn more

• The Case for Email Security

• Ensuring All Data is Encrypted at Rest with LuxSci

more articles

"I just wanted to say that LuxSci is DEFINITELY the best hosting company I've ever used for email. They have real features, not glitz, especially... complete testimonial"
McAfee Secure TRUSTe Privacy Certification Thawte Extended Validation SSL Certificate Refund Policy
• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries