The Cloudoko Forms service collects data from a user via a form presented in a browser and be configured to send this via SMTP email to one or more address(es) of your choice. This article discusses the various options for configuring SMTP with Cloudoko and the security implications of this
Table of contents
Using our email server
By default, all customer accounts are configured to use our email servers.
Cloudoko can only protect the security of an email once it leaves our email servers.
Emails are inherently hard to secure without additional additional technology such as S/MIME or OpenPGP. At present Cloudoko do not support either of these options but are open to discussion with our customers should the need arise.
You should also check that your email clients are connecting securely (over TLS) to your email servers.
The risks can then be limited to someone snooping traffic between our email server and your email server.
Using your email server with a direct connection
Cloudoko can be configured to send emails using your SMTP server in one of two ways.
Ideally your email server will accept secure connections via SSL / TLS (it probably does).
Using your email server via Cloudoko Driver (if your email server is internally hosted - e.g. behind a firewall)
The Cloudoko Forms service can communicate with an internally hosted email server with Cloudoko Driver.
Cloudoko Forms communicates with the Driver via a Microsoft Azure service bus relay using transport security, TCP for message delivery, and a binary message encoding. The service bus control channel is SSL-protected. Proven Microsoft technology is employed to ensure security. For more information on Azure service bus relays, see https://azure.microsoft.com/en-gb/documentation/articles/service-bus-fundamentals-hybrid-solutions/#relays