Mailbox,
sealed.
A compliance-grade mail archive. Ingest IMAP, PST, MBOX. Redact PII. Hash every message. Ship a signed evidence pack that an auditor can replay six years later — and verify offline, without our involvement.
The corporate mailbox
is the corporate record.
German Aufbewahrungspflicht. Sarbanes-Oxley. DORA. Every regulated organisation is required to archive business correspondence — usually for six to ten years — in a form that survives an audit.
The honest answer to "how does your mail archive work" is too often: we have a folder. Then somebody leaves, the folder rotates, the integrity claim is unprovable.
This pipeline replaces the folder with a deterministic workflow. Messages flow in. PII is redacted before anything leaves the original process. Every message is hashed. The whole archive is sealed into an evidence pack carrying its own ed25519 signature. The auditor verifies the pack offline, without us.
The pipeline,
plain and signed.
From E2E Tests/MailArchiving/mail-archive-sample.viow. Three transport adapters in, one sealed bundle out.
Three sibling workflows handle the read side: mail-archive-sample.viow, mail-archive-dryrun.viow (validate without writing), and mail-restore-sample.viow (replay an archive into a fresh mailbox).
What the auditor actually checks.
The pack ships with the verifier. No vendor involvement.
| Check | Mechanism | Verifies |
|---|---|---|
| Per-message integrity | SHA-256 of headers + body | No message has been altered since archival. |
| Archive integrity | Merkle root over all messages | No message has been added or removed. |
| Authenticity | Ed25519 signature of the root | The archive was produced by the holder of the run key. |
| PII compliance | Redaction log emitted alongside | PII categories detected and the action taken on each. |
| Replayability | Sibling mail-restore-sample.viow | The archive deterministically reconstitutes the mailbox. |
Why this matters.
- Legal-hold without the lock-in. The archive format is open. You can leave us and the pack still verifies.
- Mailbox to evidence in one binary. No SaaS, no e-discovery vendor, no third-party access to the mailbox.
- Same evidence shape as NIS 2. The pack the auditor verifies here is the same pack format VSNEP produces for cyber incidents (see NIS 2).