Our webmail consists of rich innovative user-interfaces that are specifically designed for business users. It allows you to manage your email, address book, tasks, appointments, password, mail forwarding options, etc in an effective manner.

Our mail system allows you to download and view emails using your favorite email client (Microsoft Outlook, Outlook Express, Eudora, Netscape Mail etc.). You would not necessarily have to use the web-based email client only.

Using our POP3 service, you can download all your emails when connected to the internet and then view and manipulate the retrieved messages without needing to stay connected. Our service allows you to set your email software to "leave mail on server" - which is very useful if you want to download the same messages from a different computer, or read your messages from the web-based email client at a later date, or just maintain a copy of your messages on the server for backup purposes.

We are one of the few hosting companies that allow you to access their email via IMAP (a modern alternative to POP3). IMAP provides various advantages, such as - freedom to download selective messages / attachments only, the ability to create and manipulate server-side folders, perform server-side searches on email messages etc.

Email forwards/aliases are email addresses configured such that all incoming mails to them, are forwarded to other email address/addresses. A choice of forward/alias can be anything - corporate name, business department, additional nickname, misspellings etc. An email forward/alias can redirect all incoming emails to - one or more email accounts, mailing lists or other email forwards/aliases.

Enabling the auto-responder would result in an automatic reply being sent out by the email system as soon as an email is received for that specific email address. Auto-Responders are commonly used for the following -

A catch-all is an account that receives messages sent to non-existent email addresses at your domain name. For example, if someone sends a mail to mgmt@yourdomainname.com, and the account didn't actually exist, the catch-all would receive this message. A catch-all email address can ensure that genuine and possibly important communication intended for you is NEVER missed.

Along with every hosting package you get the ability to add up to 50 mailing lists with 500 members in each list. While adding a mailing list, you can decide to create it in the form of a newsletter, an announce list, a private discussion list or an open discussion list. You can also choose to moderate messages and mailing list subscriptions. The email administrator control panel also allows you to view and edit your member lists, automatically block mails where message size is greater than the size specified by you, add a specific message at the end of all posts, add / remove moderators, block specific users from posting to your list etc.

With your email hosting package you get a full-fledged DNS Manager with an easy-to-use Web based Interface for DNS Management. You can add, modify, delete all types of records through the web based interface. All additions and modifications will reflect instantly on every DNS server. You can even set and change TTL on a per record basis, and modify all the SOA parameters.

You can provide users with round-the-clock, high-performance, comprehensive protection against the threat of e-mail borne viruses and malicious code for ALL their email accounts. Our AntiVirus software detects nearly 100% of viruses and other malicious programs. Our comprehensive virus patterns database updates at frequent intervals and supports infallible identification.

Our mail server blocks out unwanted spam at the server level making email communication more usable. The basic anti-spam solution blocks as much as 70% of all spam for most users and about 30-40% for users who get a huge amount of spam on a daily basis. All spam that is blocked is 100% guaranteed junk mail i.e. genuine mails would never get blocked.

Spammers have started using advanced methods such as Directory Harvest Attacks (DHAs) to collect corporate email addresses and add them to their spam lists. A typically DHA works by trying to deliver mails to addresses in a spammers dictionary of common email addresses at your domain name for e.g. john.smith@yourdomain.com, jsmith@yourdomain.com, john@yourdomain.com, johnsmith@yourdomain.com etc. Email addresses of mails that are not rejected by your mail server are assumed to be real and are compiled in to spam lists and sold to several other spammers around the world. So even if they have been giving out their email address to trusted friends and business associates only, have taken extra care to not use it while signing up for any service, and never used it while posting on online forums - their extra-guarded email address still gets spam if successfully harvested through a DHA attack. Further, the damage caused by DHAs isn't just more spam - as if that wasn't bad enough - a large DHA or multiple simultaneous DHAs act like a denial-of-service attack and can deteriorate their mail service or worse bring down your mail server.

Our mail systems automatically detect DHA attacks and nip them in the bud. They are designed to protect your accounts from extremely large attacks. Our systems are successfully blocking several such attacks on a daily basis.

Mail Bombing involves sending of a large number of and/or excessively large-sized unwanted emails to a single e-mail address, with the aim to prevent normal use of the mailbox. Our systems have built-in protection against such attacks.

Email Server Flooding is a type of denial-of-service attack. It involves sending of a exceptionally large number of unwanted emails to one or more e-mail address on a mail server using multiple threads, with the aim to degrade the performance of the mail server by choking all available SMTP connections and other resources. Our filtering systems use state-of-the-art technology to detect such attacks and launch counter-measures to protect our mail servers.

Our Security platform and process leverage on multiple levels of security - consisting of Security Systems and Equipment1 combined with Security Procedures and Practices2 and Auditing Processes3, to ensure unparalleled security for all the services we provide. The platform tackles security at 7 different levels

Our global datacenter partnerships are a result of a comprehensive Due diligence process. Security and stability are two of the most important variables in our due diligence process. All datacenters are equipped with surveillance cameras, biometric locks, authorization-based access policies, limited datacenter access, security personnel, and similar standard security equipment, processes and operations. What separates us however is the fact that our due diligence process also incorporates a measure of proactiveness demonstrated by the datacenter towards security. This is measured by evaluating past practices, customer case studies, and the amount of time the datacenter dedicates towards security research and study.

Our global infrastructure deployments incorporate DDOS mitigators, Intrusion Detection systems, and Firewalls both at the edge and the Rack level. Our deployments have weathered frequent hacking and DDOS attempts (sometimes as many as 3 in a single day) without any degradation.

Denial of Service is currently the top source of financial loss due to cybercrime. The goal of a Denial-of-Service attack is to disrupt your business activities by stopping the operation of your web site, email or web applications. This is achieved by attacking the servers or network that host these services and overloading the key resources such as bandwidth, CPU and memory. The typical motives behind such attacks are extortion, bragging rights, political statements, damaging competition etc. Virtually any organization that connects to the Internet is vulnerable to these attacks. The business impact of large sustained DoS attacks is colossal, as it would lead to lost profits, customer dissatisfaction, productivity loss etc due to inavailability or deterioration of service. A DoS attack in most cases would even land you with the largest bandwidth overage invoice that you have ever seen.

Our Distributed Denial-of-Service protection system provides unrivaled protection against DoS and DDoS attacks on your internet-facing infrastructures i.e. your websites, email and mission critical web applications, by using sophisticated state-of-the-art technology which automatically triggers itself as soon as an attack is launched. The DDoS mitigator's filtering system blocks almost all fraudulent traffic and ensures that legitimate traffic is allowed up to the largest extent possible. These systems have seamlessly protected several web sites from large service outages caused by simultaneous attacks as large as 300+ Mbps in the past, thus allowing organizations to focus on their Business.

Our round-the-clock firewall protection system secures the perimeter and delivers the very best first line of defense. It uses highly adaptive and advanced inspection technology to safeguard your data, website, email and web applications by blocking unauthorized network access. It ensures controlled connectivity between the servers that store your data and the Internet through the enforcement of security policies devised by subject matter experts.

Our network intrusion detection, prevention and vulnerability management system provides rapid, accurate and comprehensive protection against targeted attacks, traffic anomalies, "unknown" worms, spyware/adware, network viruses, rogue applications and other zero-day exploits. It uses ultramodern high-performance network processors that carry out thousands of checks on each packet flow simultaneously with no perceivable increase in latency. As packets pass through our systems, they are fully scrutinized to determine whether they are legitimate or harmful. This method of instantaneous protection is the most effective mechanism of ensuring that harmful attacks do not reach their targets.

Hardware Standardization We have standardized on hardware vendors that have a track record of high security standards and quality support. Most of our infrastructure and datacenter partners use equipment from Cisco, Juniper, HP, Dell etc.

Host Based Intrusion Detection System
With the advent of tools that are able to bypass port blocking perimeter defense systems such as firewalls, it is now essential for enterprises to deploy Host-based Intrusion Detection System (HIDS) which focuses on monitoring and analyising the internals of a computing system. Our Host-based Intrusion Detection System assists in detecting and pinpointing changes to the system and configuration files - whether by accident, from malicious tampering, or external intrusion - using heuristic scanners, host log information, and by monitoring system activity. Rapid discovery of changes decreases risk of potential damage, and also reduces troubleshooting and recovery times, thus decreasing overall impact and improving security and system availability.

Our applications run on myriad systems with myriad server software. Operating Systems include various flavors of Linux, BSD, Windows. Server Software includes versions and flavors of Apache, IIS, Resin, Tomcat, Postgres, MySQL, MSSQL, Qmail, Sendmail, Proftpd etc etc. We ensure security despite the diverse portfolio of software products we utilize by following a process-oriented approach

All servers are registered for automatic updates to ensure that they always have the latest security patch installed and that any new vulnerabilities are rectified as soon as possible. The largest number of intrusions result from exploitation of known vulnerabilities, configuration errors, or virus attacks where countermeasures ARE already available. According to CERT, systems and networks are impacted by these events as they have "not consistently" deployed the patches that were released.

We fully understand the requirement for strong patch and update management processes. As operating systems and server software get more complex, each newer release is littered with security holes. Information and updates for new security threats are released on an almost daily basis. We have built consistent, repeatable processes and a reliable auditing and reporting framework which ensures that all our systems are always up-to-date.

Frequent checks are run using enterprise grade security software to determine if any servers have any known vulnerabilities. The servers are scanned against the most comprehensive and up-to-date databases of known vulnerabilities. This enables us to proactively protect our servers from attacks and ensure business continuity by identifying security holes or vulnerabilities before an attack occurs.

Software upgrades are released frequently by various software vendors. while each vendor follows their own testing procedures prior to release of any upgrade, they cannot test inter-operability issues between various software. For instance a new release of a database may be tested by the Database vendor. However the impact of deploying this release on a production system running various other FTP, Mail, Web Server software cannot be directly determined. Our system administration team documents the impact analysis of various software upgrades and if any of them are perceived to have a high-risk, they are first beta-tested in our labs before live deployment.

All of the application software that is used in the platform is built by us. We do not outsource development. Any 3rd party Products or Components go through comprehensive training and testing procedures where all elements of such products are broken down and knowledge about their architecture and implementation is transferred to our team. This allows us to completely control all variables involved in any particular Product. All applications are engineered using our proprietary Product Engineering Process which follows a proactive approach towards security. Each application is broken down into various components such as User Interface, Core API, Backend Database etc. Each layer of abstraction has its own security checks, despite the security checks performed by a higher abstraction layer. All sensitive data is stored in an encrypted format. Our engineering and development practices ensure the highest level of security with regards to all application software

The weakest link in the security chain is always the people you trust. Personnel, Development staff, Vendors, essentially anyone that has privileged access to your system. Our Holistic Security Approach attempts to minimize security risk brought on by the "Human Factor". Information is divulged only on a "need-to-know" basis. Authorization expires upon the expiry of the requirement. Personnel are coached specifically in security measures and the criticality of observing them.

Every employee that has administrator privileges to any of our servers goes through a comprehensive background check. Companies that skip out on this are putting to risk all sensitive and important data belonging to their customers, as no matter how much money is invested into high-end security solutions, one wrong hire - having the right amount of access - can cause greater damage than any external attack.

In a vast deployment of globally distributed servers, audit processes are required to ensure process replication and discipline. Are all servers being patched regularly? Are the backup scripts running all the time? Are offsite backups being rotated as desired? Are appropriate reference checks being performed on all personnel? Is the security equipment sending out timely alerts? These and many such questions are regularly verified in an out-of-band process that involves investigation, surveys, ethical hacking attempts, interviews etc. Our audit mechanisms alert us to a kink in our security processes before it is discovered by external users.