The Dmail chrome extension encrypts your message locally on your computer. The encrypted body of the message is sent to Dmail's servers, while the decryption key and a link are sent to the intended recipients through Gmail. Neither Dmail nor Gmail gets both the encrypted message and the decryption key, so only the sender and intended recipients can read the message legibly.
Only the body of your Dmail gets encrypted. The subject line is not encrypted, nor are any attachments.
Users can currently send attachments, but they are not encrypted and are therefore not revokable. We are investigating document support in the near future.
When a user sends a Dmail, they can choose an expiration time of 1 hour, 1 day, 1 week or Never. The timer begins as soon as the email is sent, and when the timer is up, the Dmail is permanently deleted from our servers.
The "never" option allows users to revoke a message at any point they choose. Just click into your sent Dmail, and click the "revoke" button to permanently delete the message.
Use cases vary, but Dmail was built to send sensitive information like passwords, keys, account numbers, etc and destroy those messages once the intended recipient has received the information.
No. Dmail receives an encrypted copy of the body of your email, and never receives the decryption key to that email.
If someone gains access to your Gmail account, they can only view Dmails you've sent and received that have not yet been destroyed. We are working on a solution for this issue which we hope to roll out in the Fall.
No. Each Dmail has a unique decryption key. In order to read one of your messages, someone would need the decryption key, the location of that Dmail, and for the Dmail to not have been destroyed yet.
No. We cannot prevent recipients from taking screenshots or pictures of your Dmails. Dmails should be sent to trusted contacts, but for your and their protection, those messages can be destroyed so no one else can access them.