Skip to main content
Email Gateway

Email Security Gateway

Inbound and outbound email protection with DLP scanning, DKIM signature generation, attachment extraction to secure links, and per-domain policy enforcement. A complete SMTP server implementation — not a proxy.

SMTP GatewayDLP ScanningDKIM/SPFAttachment Extraction
01Inbound

Inbound Protection

Full SMTP server with Postfix integration, MIME parsing, DLP scanning, and configurable policy actions on every inbound message.

MnemoShare implements a complete SMTP server (25 source files) with Postfix socketmap and content filter integration. Every inbound message is parsed, scanned, and processed inline before delivery.

Processing

  • Full SMTP server with Postfix socketmap + content filter
  • MIME parsing with automatic attachment extraction
  • DLP scanning on body content and all attachments

Policy

  • Actions: pass, reject, or rewrite (redact, extract, hybrid)
  • Per-domain configuration for granular control
  • Size limits configurable per domain
stage_01

SMTP & MIME

Postfix socketmap + content-filter intake. Each message parsed; attachments extracted into a scannable manifest before any delivery decision.

avg_parse_time~38ms
stage_02

DLP scan

Body content and every attachment routed through the same multi-stage DLP engine used for file uploads — regex, ML, and GenAI classification.

engines_active3
stage_03

Policy action

Per-domain rule decides outcome: pass through, reject with bounce, or rewrite — redact body, extract attachments to secure links, or both.

actionspass · reject · rewrite
02Outbound

Outbound Relay

Outbound SMTP relay with DKIM signature generation, rate limiting, sender allowlists, and policy enforcement.

Security

  • DKIM signature generation and validation
  • Rate limiting per sender to prevent abuse
  • Sender allowlists for trusted addresses

Routing

  • Outbound SMTP relay with full policy enforcement
  • MX record resolution for intelligent routing
  • Spam filtering integration
03Attachments

Attachment Security

Automatically extract email attachments into secure MnemoShare download links with scanning and a full audit trail.

Extraction

  • Automatic extraction to secure download links
  • Multi-format: plain text, Office, PDFs

Controls

  • Anonymous links when policy allows
  • Full audit trail of every processing decision
Comparison

Beyond traditional MFT

Most managed file transfer platforms were designed before modern threats existed. Here is how MnemoShare compares.

CapabilityTraditional MFTMnemoShare
Email integrationFiles and email are separate systemsUnified SMTP gateway with DLP and policy enforcement
Attachment handlingEmail attachments bypass file transfer controlsAttachments extracted, scanned, and delivered via secure links
AuthenticationNo email-level authenticationDKIM signature generation and validation, SPF support
Policy enforcementNo email policiesPer-domain config: pass, reject, or rewrite with DLP integration
Audit trailNo visibility into email-based file sharingEvery email processed, scanned, and logged with policy decisions

See how MnemoShare compares. Schedule a demo

In Practice

Real-world use cases

Healthcare email compliance

Hospital routes outbound email through MnemoShare gateway. PHI detected in attachments triggers automatic extraction — attachment replaced with secure download link requiring authentication. Audit trail proves compliance.

Secure requests for PHI, PII, or signatures

Admin generates a secure link to request a patient record, a vendor W-9, or a signed consent form. Recipient authenticates, uploads or signs, and the result lands in MnemoShare with DLP scanning and a full audit trail — replacing Docusign and standalone secure-form tools with one workflow.

Financial document routing

Investment firm configures per-domain policies. Emails to external partners have attachments extracted and scanned for PCI data. Clean attachments pass through; flagged content is quarantined for review.

Preventing accidental disclosure

Insurance company uses DLP-integrated email gateway to catch employees accidentally attaching wrong files. Policy blocks emails with SSN patterns in attachments and notifies sender and admin.

FAQ

Frequently asked questions

Is this a full email security gateway or just a proxy?

MnemoShare implements a complete SMTP server (25 source files) with DKIM signature generation and validation, MIME parsing, attachment extraction, rate limiting, sender allowlists, MX resolution, and relay capabilities. It processes email inline, not as a simple proxy.

How does email DLP integration work?

The email gateway applies the same DLP detection engine used for file uploads to email body content and attachments. Policy actions include pass, reject, or rewrite (redact body content, extract attachments to secure links, or a hybrid approach).

Can MnemoShare replace attachments with secure links?

Yes. When policy triggers on an attachment, MnemoShare extracts it, stores it securely, and replaces the attachment in the email with a secure download link. The recipient authenticates to download, creating an audit trail.

Does the email gateway support per-domain configuration?

Yes. Administrators configure policies per sending or receiving domain, with separate rules for internal vs. external communication, different size limits, and domain-specific DLP policies.

Get Started

Ready to see MnemoShare in action?

Start a free trial, schedule a walkthrough, or dive into the docs.