Features

Sending and Downloading Files with Ease

• Uses a simple, easy to understand, webmail-like interface for sending files.
Unlimited Files Size.
Modern HTML 5 upload mechanism where supported.
Automatic Fallback to HTML 4 where needed.
Support for the 4 major browser vendors with their last 2 major releases (last 3 for Internet Explorer).
Splits files in 100Mb blocks during uploads to get around proxy limitations.
No Flash, Java or any other plugin used to send or download files.
No browser tweaks or browser reconfiguration required to send or download files.
Each message is sent with an expiration date, the message can’t be viewed and the files attached will be automatically deleted on expiration.
Messages can expire on a certain date or after a set number of downloads.
Multiple files can be automatically zip’ed and downloaded as one zip archive.
Can set forwarding permission to control who other than the specified recipients should be able to download the files.
Can limit message size on a per group or per user basis.
Can BCC myself (to add to my email clients Sent folder).
• Can send files that has already been sent again without re-uploading.
• Can block files based on file extension, or only allow files to be sent with certain extensions.

Receiving Files as easy as possible

• Users can Receive files from external parties with no prior registration.
Users can Request files from external parties that won’t need to register to send files back from the request.

Filedrop pages static URLs for receiving files

• Requires no registration for the external party to use.
You can have as many Filedrop pages as you need.
Each Filedrop page have their own settings for restricted file types and max file size.
Each Filedrop page can have individual forwarding permission to restrict who can download the sent files.
User Filedrop pages — each local users can get their own static URL they can share in their email signature and is unique to them.
User Filedrops can use a nice looking URL with the users email in the URL, a secure random string or both, as required.

File & Folder Sharing

Simple File & Folder sharing for internal and external projects, collaboration and sharing.

• User & Group based authentication.
Ability to upload Folders directly in supported browsers (i.e. Chrome).
Ability to save as many revisions of each file as you need.
Zip-download the current folder including sub-folders.

FileLinks links to individual files

A FileLink is a link to an individual file. It’s perfect for when you don’t know who the recipient is going to be, or for quickly post links to files in a forum, instant messager, post on an intranet and similar.

• You can create as many FileLinks as you need.
Each FileLink has its own expiration and authentication setting.
When attempted to download an authenticated message from a non-existent user, they will authenticate with their email address.

File Requests one time file receive

A File Request is a one time file request users can send to any user. The recipient of the file request will get a one-time use link they can use to send files back to the requester.

• Requires no registration for the external party to use.
One time use so it can never be abused.
File Requests can be enabled on a per group basis

Security protects you even when you don’t realize it

 Secure by Default deployment.
 Can be deployed with no cloud interaction for maximum security.
 Builtin Firewall configured and enabled for maximum security.
 Can be deployed on the Internet with no other firewall or other protection.
• Minimal installed packages in the operating system configuration.
 All transfers can be required to use Industry • Standard HTTPs.
 Only Strong SSL algorithms enabled.
 Only Strong TLS/SSL versions enabled.
 Protection from Cross Site Scripting (XSS) attacks.
• Protection from Cross Site Request Forgery (CSRF).
 HTTP Strict Transport Security (HSTS) enabled.
 All Downloads protected with 3 x 128 bit random tokens (384 bits).
 FIPS140-2 enabled OpenSSL for cryptographic functions (as opposed to weak standard system functions).
 Option to deploy using builtin full disk encryption for data-at-rest encryption.
 Builtin support for Let’s Encrypt Certificates.
 All files are protected for integrity using SHA-1 hashes.
 SHA-1 hashes are visible on all emails sent, on the message page and download information page.
 Can be configured as a closed system with no external user access.
 Passwords are never sent in cleartext.
• Custom Password complexity validation.
 User accounts can be configured to automatically be deleted after a number of days without activity.
 Default to not require external users to have accounts, and still provide authentication.
 Can require all users to have accounts.
 Strong 2-factor authentication can be enabled.
 2-factor authentication can be enabled on a per group or per user basis.
 Secure local password store using the Bcrypt method.
 Single Sign-On (SSO) Integration with SAML 2 providers.
 Simple SSO integration with static shared secrets for simple local integration.
 Spam Protection without CAPTCHA — use of hidden fields in forms that bots will fill in but hidden from users with stylesheets.
 Brute Force Protection — default to block the ip address from the attacker for 15 minutes after 5 failed attempts within 5 minutes.
 Possible to block groups of users to only login from certain ip address ranges.
 Possible to block administrators to only administer the system from certain ip address ranges.
 All activity is logged. This include sending files, downloading files, successful and failed logins, creation, deletion and updates of user accounts, changes to any configuration…
 Can export all logs using Syslog.
 All files are scanned with ClamAV Antivirus on default.
 AV signatures is configured to update every 2 hours.
 AV Engine is configured to updated nightly.
• Ability to add custom file scan (for integration into other AV engines, DLP solution and similar).
 Ability to limit forwarding permissions on a per group basis.
 Ability to limit recipient email domain on a per group basis.
 Ability to limit file extensions or only accept certain file extensions on a per group basis.
 Remember-me can be configured to not enabled, 2 weeks or indefinite.
 Geoloction and Google MAPS integration to get a visual representation of where a file has been downloaded from.
 Display Browser and Operating System details for downloaded files.