IMPORTANT SECURITY NOTICE
To mitigate efail please consider the following:
- Install Version >= 2.40.264
- Disable HTML view (Settings->Display->View HTML content by default->off)
- Do not download remote content
R2Mail2 is an email client for Android OS which provides cryptographic capabilities, such as Digital Signatures and Digital De- and Encryption based on personal Soft-Token keys (.p12 format), as for example provided by a Trust Center or generated by PGP applications. Even though we focus on the best cryptographic experience in the Android email world, we try to provide a full functioning mail client with corresponding safety features in general.
- E-Mail Server: IMAP (incl. pushmail/idle), POP, SMTP and Exchange (>2007 SP1)
- SSL with X-509 client certifiate authentication
- An database in which the mails are stored encrypted
- Special Attachment View (browse your attachments without checking single mails)
- Unified Inbox and E-Mail Threading
- Switch for Html and Text view options
- Peak Options for check intervals
- Search Function for messages per Folder
Main Cryptographic Features:
- Private keys and passwords are stored in an encrypted database (Key-Store) and protected by a Master Password.
- The security settings allow the configuration of encryption parameters, signature and certificate validation methods (OCSP and LDAP).
- Full S/MIME and PGP Plain and PGP MIME support
- Automatic selection of S/MIME or PGP for each recipient
- Full support of Android Root Store
- Certificate import of .crt, .pem and .asc formats
- Certificate/Key import from KeyServer LDAP or HKP (HTTP)
The application needs the following Android permissions to run:
- Full Internet Access – required to send and receive emails
- Modify/Delete SD card content – required to access the private key store, download attachments and to write log-files
- Read Contacts – required to suggest email addresses from your contacts
- Network State – required to check if an Internet connection is present
- Vibrate – required for notification purposes
- WakeLock – to allow service to check mails in background
If you get errors please use “Menu -> Report Error” on the start-screen to send us the log-file information in your preferred way!
Please find the most recent release notes here!
Information about Private Key and Validity Handling:
The application comes without a personal key pair (the users private and public key) – so it is fully functioning in the sense of sending and receiving emails as any other mail client and provides the correct usage of validation if the mail you receive is signed by the sender.
For signing or encrypting a message it is necessary to use a private key you own. Turn to a Trust Center of your choice as a source of supply. You can find a list of trust centers, which are trusted within the Android world, in the Certificate Store (CA section) of R2Mail2. Please be aware that this app can only support Soft-Token in form of P12-files and will not work with smartcard-based certificates.
The private key you use for signing and decryption is bound to the validity of the certificate. This means, that after the certificate is revoked or no longer valid (because the date stated in the field “Valid To” of your certificate is in the past) signatures will not be possible. Nonetheless, we implemented the function to decrypt messages with private keys even with no longer valid certificates. So your messages will always be available to you, even with older keys.