Cross-domain email gateway
Manage external network email accounts from within isolated networks

PSTmail allows email accounts on a less secure network (e.g. Internet) to be used from within an isolated network. A mapping between email accounts on both networks is established and messages are moved between them.

PSTmail is one of the products of the PSTgateways family. All PSTgateways products share the same architecture which provides a common administration and security infrastructure. Individual products differ in the supported data flows, called services.


PSTmail guarantees the impossibility of any type of traffic between the two networks except the mail transferred by the system itself.

The gateway does not substitute the mail servers on the two networks but rather uses them as intermediary elements for sending and receiving the messages. The system is exclusively administered from the isolated network.

Outgoing mail must be digitally signed in order to be transferred by the system.

Incoming Mail

The gateway manages incoming mail transparently: it periodically checks the external network mailboxes which have been configured, enters the messages it finds into the internal network and sends them to the configured destination accounts on the isolated network.

Incoming Mail Channel
This is the name given to the correspondence between an email address on the external network and an email address on the isolated network. There are also a number of parameters that can be individually specified for each channel, such as priority and format filters.

The mail enters a secure network in a transparent way for the users, even though filtering policies and conditional forwarding can be applied and it can be sent to various internal accounts.

Outgoing Mail

All outgoing messages need to be authorized by digital signature. PSTmail works as a mail server on the internal network and checks the digital signature of each message before sending it to its recipients on the external network.

It also deletes any internal network information contained in the message headers and permits basic filtering of the messages by format.

Main Benefits


  • Common Criteria Certified at EAL 4+
  • Incoming and outgoing flows work independently
  • Outgoing mail requires authorization using a digital signature (S/MIME) for each message
  • Isolated network information removed from outgoing mail


  • Allows real-time email communications
  • Transparent to the isolated networks users
  • Easy to deploy – Nothing to install on user’s computers

Technical data

  • Handle up to 2,500 email addresses (channels)
  • Supports Internet protocols: POP3, IMAP4, SMTP.
  • Incoming transfer rate: 20,000 messages / hour.
  • Outgoing transfer rate: 5,000 messages / hour.
  • Maximum message size: 50 MB.