>>>>> Kevin Phillips <kevin at kpitconsulting.com> writes: > Zixmail is OK for email encryption that integrates with Outlook or can run > stand alone. If you need to use Outlook, you're still better off using GnuPG. The last I knew, Gpg4win still didn't work properly with Outlook 2007 (it works OK with earlier versions), but there are other Outlook 2007 plugins like OutlookGnuPG (http://www.cumps.be/gpg-in-outlook-2007-outlookgnupg/). I can't recommend Zixmail for any application other than perhaps dedicated intra-company low-grade encryption and time-stamping. It's a proprietary product, from a company that's refused to disclose their security algorithms for review in the cryptography community, with a FAQ that reeks of snake oil. Worse, anything you send via the Zix "feature" that claims to deliver secure mail to non-users will be decrypted by a public server before being sent to its destination via an SSL-secured browser connection. Calling this level of security "casual" would be very charitable. PGP self-decrypting archive files are many orders of magnitude more secure, even if the pass phrases you make up are only "average quality". Unfortunately, doing encryption right is a difficult job, and Zix has erected as many obstacles as they can to doing it right. Zix is just another PGP replacement that falls way short of the mark for both security and utility. -- Roger Williams <roger at qux.com> Chief Technical Officer, Qux Corporation 433 West Street, Suite 8, Amherst, MA 01002, USA Tel +1 413 253-6400 * Fax +1 508 302-0230 * GSM +1 508 287-1420