Secure Email

Interoperable. Flexible. Fully Managed.

Secure email

It’s safe to send email again.

Never worry about unsecured emails or attachments again.

What is Secure Email Gateway?

A DOQEX Secure Email Gateway protects, inspects and modifies emails via automated policies. Whether you wish to protect emails sent by back office applications, automated systems or people, our solution protects the whole email and its attachments, keeping everything encrypted in transit and at rest.

Plug & Protect in an Afternoon



DOQEX needs no plugins or agents and will work with any email client and infrastructure.


Set Policies

We’ll help you quickly set up the policies and transport rules required to get you up and running.



Relax. It’s a managed service after all. Whenever you need assistance, we’ll respond at pace.

Key Benefits


Using our Security Policy Builder, we will quickly automate protections and processes that make your life easier.

Managed Service

Relax. Our experts will get you up and running and look after your service, acting quickly on all your requests.

Any Email Client

DOQEX works with any email client and infrastructure. Our MS Office plugin is also available should you prefer it.

Industry Standard Encryption

Secure email underpinned with the assurance that ISO 27001 certification brings you.

Attachment Protection

Automatically convert email attachments to secure, controllable and auditable download links.

“Recall” email and attachments

Users, team managers, service desk and admins can revoke attachments or entire emails.

Find out with only 2 button steps!


“DOQEX was selected as a cost-effective solution that both met Benenden’s secure data sharing requirements whilst completely preserving our brand identity.”

Andrew Radi, Group CIO

Tell Me More

Works With Any Email Service

Yes, any email client.

DOQEX does not require a plugin and will work with any email client and infrastructure. We’ve even tested it using mutt on a Sun SPARC workstation, though it’s no problem if you’re using Office365 instead.

Microsoft Office Plugin.

If you’d prefer to use a plugin, we have one. Configurable and simple to use, we don’t bog your users down with decisions and menus – simply send your mail!

Policy-Driven Processing

Automated security.

Apply security by policy and allow your users to forget about security settings and just get on with their work.

Secure email from back office applications.

All email is processed by the DOQEX mail gateway, so you can apply processing rules for mail from your in-house systems.

Sender-based routing.

DOQEX mail gateway allows full control over mail rules based upon individual senders and sender domains.

Attachment Protection

Automated password protection.

Strip email attachments and protect your download links with a password.

“Recall” email attachments.

Flexibly grant recall capabilities to users, service desk and team managers

On by default. Opt-in. Opt-out.

We’ll define and develop mail processing rules so that protections are appropriate for your use case.

Email Integrity

Attachment protection.

Automatically convert email attachments to secure, auditable download links. We’ll configure the link text (in any language) and design branded email templates for all your use cases.

Lifetime and auto-expiry.

Attachments are subject to compulsory expiry and TTL policies. Whether you set links to last just one day or one year you avoid files hanging around recipient mail boxes forever. 

Most of us are guilty of abusing email clients as a form of perpetual storage. This is bad for security and bad for anyone paying to store or backup bloated .pst files! 

Protecting the Whole Email

Captivemail portal

Recipients no longer receive your original emails. Instead, recipients are directed to your private securemail gateway.

Recalling email

Admins, service desk, team managers & users can be granted the ability to recall email and attachments.

Restricted reply and forward list

Admins can configure reply addresses to restrict responses to the correct individual or group mailbox. This eliminates errors  and promotes security.

Prevent attachment download

Attachments can be automatically discarded, marked as view only or embedded with customisable watermarks.

Authentication options

Select authentication options appropriate for the sensitivity of the data. Options include SSO, multi-factor auth, SMS tokens, single and multi-use direct login links.

Multiple recipient groups

Like granular processing rules, each rule can be applied to discrete divisions. This enables alternate authentication, download rights and other settings to be applied for each rule.


No need. Users don’t need to download or install anything. Reading and replying to messages is done via your DOQEX private securemail portal. Messages are consumed and processed by the DOQEX securemail gateway.

By default, you send an email in the same way you have always done. Security is automatic.

This is because the security processing is set via policy triggers by the admin team.

As organisations often have different policies and procedures, we recommend you talk with us to explore the best options for you.

To read secure messages, recipients log in to your private securemail portal.

Portals are best served using one of your existing domains, for example: Your contacts will interact with you via this portal.

Your branded portal is setup as part of the DOQEX service. All notifications and interactions within your service are tailored to support your workflows, including customisable email and sms templates.

Different authentication methods can be applied to different user cohorts along with customisable workflow pages and user instructions.

No need. Attachment processing is normally configured according to policy, therefore the workflow is usually fully automated, i.e. your users or back-office apps just send the message.

Because each DOQEX service is configured differently, we will work with you to identify and configure appropriate options and policies. We will also help you create user instructions for distribution to your organisation.

By default, every user can recall their own emails.

Depending upon your setup configuration, you may require authorisation or action by a team manager, service desk manager or administrator.

No. PGP requires a key exchange with someone you already know (and have a trusted out-of-band comms channel with).

DOQEX protects workflows between anyone, even if you’ve never been in touch with them before.

No need. Most DOQEX users never need to download or install anything. DOQEX does however have an MS Office plugin which can be used to enable Securemail and File Sharing actions directly within MS Word, Outlook, Excel, PowerPoint.

Yes. DOQEX interoperates seamlessly with Exchange or EOL.

Setup is fast and we provide detailed instructions for administrators.

We can also provide powershell scripts or a DOQEX engineer to assist. Talk to your account manager or raise a ticket for more details.

Yes. DOQEX can stop viruses and other malicious payloads that are present in your messages.

DOQEX can also filter inbound messages for spam, phishing and other malicious activity.

Yes. DOQEX is designed to play nicely with other email service providers.

Whether they are adding signatures, banners, scanning for malicious payloads or unauthorised content our policy at DOQEX is to be fully interoperable with your other providers.

From Authy to Radius to YubiKey and beyond, we support the majority of authentication methods.

If there is an option we don’t currently support, let us know and we’ll add it.

Yes. As well as LDAP auth, DOQEX supports SSO via an IdP (such as Okta) using SAML or OpenID connect via the OAuth2 framework.

Yes. Documents available for viewing can have a watermark embedded.

The watermark is configurable and can include custom text as well as identifying data such timestamp, agent stamps, IP, etc. Watermarks are vital to protect against data exfiltration by users with cameras or screenshot tools.

Any device with a modern, standards compliant browser is compatible with DOQEX.

If you have immutable legacy devices or browsers in your mix, please speak to us, we’ll be happy to examine interoperability support.

All data is located within the UK. London by default.

We can also offer locations in Cambridge and the EU including The Netherlands, Germany and Belgium.

DOQEX server nodes are built by us from bare metal upwards. We can guarantee exactly where your data resides, down to the rack number, floor number and postcode. The same applies to backups.

You decide.

As part of our on-boarding process, we will configure TTLs for messages, attachments, metadata, audit trail and backup data.

All data TTLs are under admin and policy control.

Feature List

Hover over any feature to learn more about it.


Encryption At Rest

Any stored data is encrypted using three stages.

Encryption In Transit

Any moving data between points is encrypted using three stages.

Encryption in Memory

All data is queued in encrypted memory vaults.

Attachments redirect to Project Workspaces

DOQEX securely brokers your business workflows, fully supporting destination endpoints.

Attachments redirect to Alternate File Store (FTP, SMB/CIFS, S3, OneDrive etc)

DOQEX securely brokers your business workflows, fully supporting destination endpoints across major platforms.

Attachments redirect to DLP Engine

Attachments can be passed for inspection and compliance against data loss policies.

Attachment Workflow Control

Download, Discard, View only, Watermark.

Attachments may automatically be discarded or marked as view only preventing recipients downloading files. File viewing may be watermarked with audit trail data for extra security.

Restrict Reply & Forward Lists

By default recipients are prevented from doing anything except replying to the original sender. Administrators can configure reply lists to enable responses to shared addresses and teams.

Email Recall

Recall emails by clicking a button from the email in their sent items folder. Administrators, Team managers, and service desk teams can recall email on users behalf.

Evidence quality Audit Trail

Every action on data by users or the system is securely logged in an indelible audit trail.

Audit Trail Reporting

Comprehensive range of audit trail reports. Customisable reports, schedulable reports, digest reports.

Authentication (Multi-factor, Email, Q&A, SMS)

Choose an authentication option for recipients appropriate to their capabilities and the sensitivity of the data. Options include multi-factor auth, SMS tokens, single and multi-use direct login links.

Single Sign On

Multiple SSO options available incl. SAML2, OpenID, Okta

Direct Login Links

Simplifies the login process. No passwords required but usage and expiring is still controlled.

Data Loss Prevention (DLP)*

Data Loss Prevention engine is a comprehensive policy driven tool to help prevent data exfiltration and data loss.

DLP Triggers

DLP engine contains pre-built triggers for credit card numbers, NI numbers, Keywords, phrases, sentiment etc.

Smarthost Configuration

Configure alternative hosts for return, outbound and bounce scenarios. Configure smarthost ports, hosts, authentication and security controls.

Domain Specific Email Routing

Route mail to different policies based upon domain.

Domain Whitelisting

Restrict message routing based upon authorised domain sources.

Unlimited Storage Capacity

We operate an unlimited storage policy which is subject to fair usage policy. Security should not be rationed.

Message Retention (days) TTL

The default email storage period is 365 days, but can be changed according to your policies.

Large File Transfer

Bypasses mail client file size limitations to send files securely to the cloud.

Sender-Based Routing

DOQEX mail gateway allows full control over mail rules based upon individual senders and sender domains.

Encryption Certified

DOQEX uses the FIPS 140-2 approved encryption algorithm, Advanced Encryption Standard (AES).

Encryption Standard (default)

AES-256 encryption is extremely secure. It is the most secure encryption algorithm available today and is used extensively in government and military applications

International Standard Certification

ISO 27001. The world's best-known standard for information security management systems (ISMS).

Malware & content protection

Documents are scanned upon upload for malicious activity to ensure compromised accounts are not able to send weaponized attachments.

Attachment Limits

There is no attachment limit, but your storage will be subject to our fair usage policy.

Watermarking – embedded security fingerprint

 Help protect data exfiltration by unauthorised devices and safeguard against screenshots and image capture. The watermark security fingerprint is configurable and can include timestamp, agent strings, IP and email address, host details and custom notices.

Discrete Recipient Policy

Along with granular recipient routing processing rules each rule can segregate recipients into discrete divisions. This enables alternate auth, download rights and other settings to be applied for each rule.

Opt-in/Opt-out Encryption

Admin can define defaults for user cohorts.

Message Modification

Inspect messages for keywords/triggers and enable substitutions.

EULA Templates & Enforcement

Define & present your terms of use and rules at the point of use. Define different terms for each user cohort. Enforce and report against usage.

Outlook Plugin

Seamless integration with Microsoft Office 365 email via an Outlook Plug-in.


Email Client Support

DOQEX provides a frictionless service that does not require a plugin and will therefore work with any email client and infrastructure.

Policy-Based Routing

Applying security by policy allows users to forget about security settings and just get on with their work.

Attachments conversion to Secure Links

Automatically convert email attachments to secure, traceable download links. Configure the link text (in any language) and decide on the placement position.

Email Attachment Recall

Users and administrators have the ability to revoke email attachments.

Read Notifications

Automatically convert email attachments to secure, traceable download links. Configure the link text (in any language) and decide on the placement position.

Role-based Reporting

All users have pre-packaged repports available, including DPO/GDPR, SARs, Project Managers and users.

Upload Request Automation

Automatically create secure upload links based on policy triggers. Requests are automatically embedded within emails, admins configure link format, text and location.


White labelling

DOQEX services are configurable with branding, corporate styling etc.

Private labelling

A DOQEX service is private and the ultimate in a trusted service. Every element is configurable with multiple identities. Every communication element from Email to SMS is templated and configurable. DOQEX has no ego.

Managed Service

We look after and monitor your day to day administration of the service, making adds, moves and changes as requested. Plus providing audits and reporting.

Want to know more?

Call Us

01904 500255

Message Us