It has been a while since we’ve written anything here. Honestly, we have seen so much security news recently that we suspect people didn’t want to see any more.

By now, most people know about Sony being hacked along with countless other organizations. Gmail was hacked, Hotmail was hacked, Hotmail even went offline for a while, leaving users wondering what was happening to their email.

With all of this news about security violations, what are people to think? Well, the first thing people should think about is their own security, or rather the security of their data.

We generally don’t like to drone on and on but… do you leave your messages on Microsoft’s servers? How about on Google’s servers? Yahoo’s? Anyone else’s server? If you do, then you must consider that your privacy is in their hands. If a system administrator at Yahoo makes a mistake and leaves a hole open for a hacker to exploit, it will hurt you. Someone you don’t know, and never interact with, can cause you great discomfort by (accidentally) exposing all of the email stored in your online account. Considering most websites allow you to have your passwords emailed to you, this completely exposes your online identity to theft. Gmail users in China learned this lesson the hard way.

Responsible Behavior

What should you do? As we’ve said repeatedly (again, forgive us for droning on, again), you should NOT use IMAP to access your email (it leaves messages on the server, waiting for someone to hack your account). We regularly receive requests to support IMAP within TrulyMail because it can be used properly by some users. For us, this argument is the same as saying that TrulyMail should allow scripts inside the body of messages because they could be used for a good purpose, not just for hacking.

We have taken a strong stance against the weaknesses in email. Email is more than 40 years old and is full of weaknesses. At the same time, we all depend on email and likely use our email client more than any other piece of software. So, the fact that there are serious dangers in it should ring alarm bells. We answered the alarm by releasing an email client which solves many of the problems with email itself.

If someone sends you an email with a script embedded in it, could there be a good reason? It is possible but it is much more likely that they are trying to compromise your computer. After all, a script is another word for a program. Running an unknown program on your computer is simply asking for problems.

OK, enough about the dangers out in the world. What other news do we have for you?

Since our last writing, four months ago, we have added many, many new features to TrulyMail. We’ve even added a new version of TrulyMail.

Introducing TrulyMail Lite

At the request of our customers, we have created TrulyMail Lite. It is just like TrulyMail except it has fewer features. It does not support email (you can only communicate with other TrulyMail recipients). It does not support voice messaging or many other features found in TrulyMail. Why would anyone use TrulyMail Lite when TrulyMail is so much more feature-rich (both TrulyMail and TrulyMail Lite are free)? The simple answer is that TrulyMail Lite is for older computers and is a lighter-weight application, an application which does not consume so many resources, but will still allow you the safety of encrypted communications. Of course, TrulyMail Lite is available in Standard and Portable editions.

New Features

We’ve also added to TrulyMail’s already long list of features. For example, you can now play a sound as part of a messaging processing rule. For example, if you want to play one sound when you receive a message from John Smith and a different sound when you receive a message from Suzi Jones, you can now do that easily.

TrulyMail is now an RSS reader so if you want to download your news or blog updates directly into TrulyMail, you can easily do so.

TrulyMail now supports AutoText (or signatures). That is, if you want to be able to quickly add text to your messages, even using hot-keys, you can do so easily now.

You can now relate contacts to your outbound email accounts. So, if you want to make sure that every time you send to John Smith, it comes from your Hotmail account and every time you send to Suzi Jones, it comes from your Gmail account, you can do that easily now. TrulyMail will even warn you if you have two contacts on the same message who are assigned to different email accounts.

TrulyMail can now import messages from Outlook Express, Incredimail, and any email client which uses .eml file formats.

You can also now change the color of your folders in your folder tree.

One more major change we have made is that Encrypted Web Messaging now supports attachments. As you may know, Encrypted Web Messaging is a way to send encrypted messages to recipients who do not use TrulyMail. All encryption is done on your computer and all decryption is done in the recipient’s browser so everything is nice and secure. However, one problem has been handing attachments. After all, if decryption happens in the recipient’s browser, then they cannot decrypt attachments, right?

There are, of course, solutions to almost every problem. The solution in this case is to use AES256-encrypted zip files as attachments. The user will be able to open (and decrypt) the attachment with any zip utility which supports AES256-encrypted zip files. Most zip utilities (7-zip, WinZip, etc.) do but Windows’ built in support for zip files does not (nor does Mac's).

If your recipient does not have a third-party zip utility, what can they do? That’s easy. They can download a self-extracting zip file as an .exe file. In this case, they just download and run the file they download. The self-extracting zip file is actually a program (simply an extractor) so as long as they have Windows XP or later, they do not need a zip utility. The best part is that the choice belongs to the recipient. They can choose whichever they want.

If you want to learn more about the features within TrulyMail, the best way is to watch some videos: http://trulymail.com/Videos

As you can see, we have added quite a few new things to TrulyMail – most in direct response to feedback from our customers.

As always, we would love to hear from you as well.

Earlier this month, we introduced TrulyMail 3.0. Accordingly, we thought it best to use this opportunity to write a little about it.

There were many bugs fixed, which will result in a more stable experience for you. But, more excitingly, we have introduced many new features and improvements.

One new feature is a new reminder system. Think of this as a to-do list with dates. You will see your current (and past due) reminders in the section directly under the folder tree. By default, it will only show reminders due on or before today. If you want to see your future reminders as well, check the Show All Reminders box and you will see the future reminders with their dates highlighted in yellow.

Adding, editing, and deleting reminders is easy. Just right-click in the reminder area and choose what you want to do. You can even create reminders when sending messages. We don't know why nobody else does this (at least nobody else that we know of).

One thing that is special about TrulyMail reminders is that they can be related to one or more contacts or even to one or more messages. Then, when you open the reminder, you can click the message (or contact) and open it directly. This makes referring back to something fast and easy.

We've created a new automatic email account configuration utility within TrulyMail. It will lookup and verify (by actually connecting to your email server) all of your settings. Of course, you can still manually enter everything but now you don't have to.

We've always blocked scripts embedded in messages and now we also block iframes (a way of hosting a web page inside another web page). We believe there is no reason to use either scripts or iframes within messages, except for doing something bad. If one of our readers out there knows of a good reason to allow scripts or iframes, we would love to hear it.

TrulyMail also now keeps much more information about your interactions with your contacts (of course, this information never leaves your computer, unless you back up to TrulyMail servers and even then it is encrypted so nobody can read it). You can quickly see the last time you sent or received a message from a contact. You can also configure it so that reminders will be automatically generated for you based on how often you should contact your contacts.

TrulyMail also now includes an importance column in the message list. You can flag one contact as more (or less) important than others. Then, in your inbox, you can sort by importance, dealing with the most critical messages first, while delaying the less important ones for later.

TrulyMail also now has a message processing rule system. Let's say that every time you receive a message from 'JohnQ@Public.org' that you want that message to be moved to a specific folder. That is now very easy to do. Want to automatically increase the importance of any message that includes 'Project Alpha' in the subject? This is also very easy to do.

Have you ever wanted to have a little window to popup down by your system clock to tell you when new messages arrive? Just check a box in the options window and you'll have it. Would you like a sound played instead of (or in addition to) that notice? Easy. And, yes, you can add your own sounds.

We've also added a built-in audio player so you can play your voice messages without leaving TrulyMail.

Do you often send pictures? If you do, you likely have to resize your pictures (a picture from a common camera can take 5MB per image) to something more reasonable for your recipients. Now, TrulyMail can resize your pictures for you. Just attach your pictures and TrulyMail will ask you want you want to do. Want to turn off this feature? That's easy to do as well.

We've also added a new method of communication: The Encrypted Web Message. TrulyMail has always made it easy to send and receive encrypted messages. However, both parties have needed to use TrulyMail (this is true for both TrulyMail messages and encrypted email packages). Now, there is an alternative. You can send an encrypted web message to someone and they will receive an email from TrulyMail with a link so they can view that message in their browser. The message will be completely encrypted on your computer and only decrypted on their computer, in their browser (no external java applets needed) once they enter your password. They can even reply to you and it will also be completely encrypted (and delivered right into your TrulyMail inbox). Not even TrulyMail will be able to read your message contents.

This feature of encrypted web messaging is a paid feature. However, we've given all existing TrulyMail users the feature for free until the end of July. You can use it as much as you want. If you want to use this feature after the feature expires in your account, you can always renew for another year for only $10. See our store (or contact us) on our website for more information.

There are actually more than 150 improvements that we've made so we certainly cannot list all of them here. The best way to learn about TrulyMail is by using it.

If you would like to watch some training videos, you can see them here: http://TrulyMail.com/videos. There are more added all the time, so check back often.

We hope you like using the new TrulyMail as much as we've enjoyed making it for you.

As always, we would love to hear from you.

There are two notable stories from the news this past month which should make us reconsider leaving our email messages on someone's server. If you've been reading this blog for a while then you likely know that we are totally against leaving ANY messages on someone else's server for any longer than necessary. If you find you really have a good reason to leave message on someone's server (hopefully encrypted with TrulyMail), then we would love to hear it.

Before we talk about alternatives to leaving messages on someone's server, let's talk about the notable stories mentioned earlier.

The first is a case where a man (Mr. Walker) accessed his wife's email account and found evidence that she was unfaithful. Many people debate the details and what is right and wrong. In the end, Mr. Walker is facing felony hacking charges and five years in prison. While plenty of people are busy casting judgment (both for and against Mr. Walker), we are here to discuss something that nobody is talking about.

The wife (now ex-wife) left all her messages on Google's server. Once someone had access to her account (it only takes a password, after all), that person could read everything she ever wrote to anyone. In this case, it was her husband who accessed her email. A much bigger problem is for those people who speak out against the Chinese government, live in China, use Gmail, and had their email accounts hacked (but that is the topic of an earlier post).

Email accounts certainly can be accessed by people whom we wish not to have access. There are plenty of ways to hack an email account on most email servers. The question is, knowing this, why would you ever leave any messages (especially unencrypted messages) on someone's server?

Does it seem that the woman in question was sloppy and ended up paying the price (the price was her secrets being revealed)? We think so. Will she leave her emails on someone's server in the future? Probably not. However, like most people, she didn't think about the risks she was taking until she had already suffered some pain.

The second story is about Microsoft and their Live email services (formerly called Hotmail). This past weekend (first weekend of 2011), about 17,000 users of the Live email service found their accounts empty of emails – even those who had decades of emails stored on Microsoft's servers had lost everything. Of course, Microsoft got right on the problem and fixed it but during the downtime, those users had no way of getting their email, period.

Now, let's go back to why some users like to store email on someone else's server. The primary reason is so that user can access their email from anywhere in the world. If they are on vacation, if they are at work, at a friends home, etc., they can always get to their messages. Of course, as Microsoft has shown this is not something you can rely on 100%. If Microsoft loses your emails, then they can no longer give them to you (again, to be clear, the problem has reportedly been fixed by Microsoft).

So, if we want to access our emails from anywhere in the world, what should we do?

Clearly, leaving our messages on someone else's servers, while possible, creates at least two major risks (risk of someone accessing your account/reading your messages and risk of the person/company who manages the server(s) losing your messages). If we want to avoid these risks, what else can we do?

The best solution is to use TrulyMail Portable. TrulyMail Portable gives you all the features of TrulyMail Standard but can be run from a USB drive. You can buy a very inexpensive USB stick, put TrulyMail Portable on it, and keep all your messages in your pocket. If you go on vacation, your messages are with you. At work? Still there. At a friend's home? Still there.

With TrulyMail Portable, you have the convenience and security of having only a single copy of your messages (unless you want to keep a backup somewhere) and being able to access them from wherever you are.

In the two stories mentioned above, using TrulyMail Portable would have solved the problems of everyone. Fewer people would have suffered, if only they understood the risks they were really taking by keeping messages on someone else's server.

So, do yourself a favor. If you, or a friend, wants to access email from multiple locations, try, or recommend, TrulyMail Portable. It's free and with the upcoming release of TrulyMail 3.0, it's just getting better and better. You can download TrulyMail Portable here: http://TrulyMail.com/DownloadTrulyMailPortable.

Wikileaks; it's a name that has been in the news a lot recently. Some say the founder of Wikileaks is a terrorist, while others say he is a hero. We choose to stay out of the politicts of it but we would like to talk about the issue of keeping secrets.

As we have written many times, there are some secrets that need to be kept. Of course, for everyone who wants to keep a secret, there is usually someone else who would like to know that secret.

It has been said before, when two people know a secret, then it is no longer a secret. This was actually the weak link in the recent Wikileaks case. The data made public was from cables between embassies and Washington. These cables are encrypted (just like when one TrulyMail user sends a message to another TrulyMail user). Intercepting these message is no easy task and, in the recent Wikileaks case, it was not done at all.

We want to draw people's attention to this simple fact. The recent classified information which was published by Wikileaks was not obtained because of a failure of encrypted messaging. Rather, it was the people inside the embassies who felt the information should not be kept a secret.

How does this affect you, as a TrulyMail user? It should remind you that TrulyMail can prevent someone from intercepting your messages, since they are encrypted, but if you send a secret to someone else, that other person now knows that secret. If a third party later finds out that secret, it could well be because the other party revealed the information in question.

What can you do? Sadly, no much. There are companies who offer you the illusion of additional security. One example is the 'non-forwardable message.' In this case, the recipient cannot click the 'Forward' button and cannot copy the text from the message to paste it into a new message. Seems secure, right? Well, you must always remember the basic rule: If you give someone some information, they will be able to pass that information on to a third party, whether you like it or not. There are plenty of technical and non-technical ways to accomplish it. For example, someone could just re-type what you wrote. They could also read it into a voice message and send the information that way. They could even use screen-capture techniques (not complicated) and send an image of your message. Whatever way they choose, the end result is the same…your information is given to someone without your consent.

Is there a way around this? Not really. It is a fundamental truth that if you tell someone something, they can tell it to someone else. So, instead of trying to solve an insolvable problem, your time would be much better spent simply ensuring you are giving information only to those you trust and to use a secure system to ensure that a third party cannot intercept your messages.

We should be releasing TrulyMail 3.0 very soon. If all goes as planned, you should see something around the end of January. If you are interested in getting a beta version, please let us know and we will let you know when it is available.

Always keep your eyes open.

The question of trust is a complex one. Do you trust your neighbor? Do you trust your co-workers? Do you trust your local police? Do you trust your national police?

If you are using TrulyMail to send encrypted messages then you clearly trust TrulyMail, at least as far as delivering your messages is concerned. Even this, is a big step for many.

Why do we bring this up?

There has been a lot in the news lately about violations of trust and violations of privacy. RIM (makers of BlackBerry) has been talked about extensively due to the demands of nations like India, UAE, and others to be able to read all encrypted messages sent over BlackBerry devices. Will BlackBerry hand over the keys? Can they? It seems they cannot for enterprise customers but for non-enterprise customers, it is another story.

What about CircleTech? There have been rumors about the Czech counter-intelligence agency trying to bribe them to provide a defect in their system allowing the police to spy on users' messages. According to the news, however, the company rejected the money and kept their, and their product's, integrity.

What about HushMail? There was a case years ago where they decided to violate the trust of their users. Because of the design of their system, they actually held their users' decryption keys (TrulyMail never has your decryption keys); however, those keys were protected by the user's password. HushMail hacked their own system and provided 'altered' utilities to their users to capture the password to the decryption key in question. While the user thought they were safe from anyone reading any messages stored on the HushMail servers, those messages were handed over – in their unencrypted format – to the police.

What about TrulyMail?

Unlike web-based providers, we NEVER have your decryption keys and we have no way to get them. Your decryption keys are only on your system. Since we don't have your keys, we cannot provide your keys to anyone. As well, we cannot not decrypt your messages.

Unlike many systems, we never keep your messages on our server longer than absolutely necessary. As soon as a message is picked up by the recipient, it is deleted from our server.

What can you do to protect yourself?

First, use TrulyMail or another encryption service which will not keep your messages, even in an encrypted form. There is no reason to keep your messages on someone else's server. Send, receive, delete.

Second, if you are using email, do not store your messages on anyone's server. Many users use IMAP (which is a way of accessing your email on a server while leaving all the messages on the server). The whole idea behind IMAP is to keep all of your messages on the email server. Even if you encrypt your email, you should not leave your messages on a server longer than absolutely necessary. It is much better to use POP (which downloads all the messages from the server to your local computer and deletes the messages from the server). TrulyMail only supports POP because we feel so strongly about this.

You've likely read the news about one of Google's email administrators who was fired for illegally accessing users' email accounts. You've likely also read the news about Google being hacked in China and their users' email accounts being read by third parties. Gmail is great but they tend to keep your messages and that just increases your risks. The typical motivation for using IMAP is so you can access your email from multiple computers (home, work, vacation, etc.). We provide TrulyMail Portable so you can use POP and keep all your messages on a USB drive and keep it in your pocket. Which do you think is more secure? Google's servers or your pocket?

What about the recent talk about the US government demanding that all encrypted communication services being forced to install a 'backdoor' so that the government can read everyone's conversations? Would TrulyMail be affected by this? No. TrulyMail is based in Chile and we do not do any business with the US government therefore they have no authority over us. We will not provide such a backdoor into our system. We would sooner shut our system down than make our customers think their privacy is secure when it is not.

The idea of building a weakness into any system seems silly to us. After all, if it is a hole the police can use, then a hacker can use the same hole.

Our policy has always been that keeping your messages private is what TrulyMail is all about. From the time they leave your computer until the time they arrive on the recipient's computer, everything possible should be done to ensure the privacy of the message.

So, remember, to keep your privacy, use TrulyMail messages (much more private than email), or at least encrypted email (which TrulyMail also supports) and do not leave your messages on anyone's server longer than absolutely necessary.

There has been a lot of news coverage about the issue of RIM (Research in Motion) and their BlackBerry phones being disconnected in Saudi Arabia, UAE (United Arab Emirates), and perhaps even India.

The governments of these countries are demanding that RIM give the governments access to the messages sent from BlackBerry devices. The key point here is that BlackBerry uses encryption to keep messages private. This encryption is very difficult for governments to break so they want RIM to simply give them access to all of the messages, at the governments' choosing.

There are many issues here. First, is it possible? Second, is it reasonable? Third, what if RIM refuses to comply? Finally, of course, can this happen to TrulyMail?

Is It Possible?

This is a good question for RIM. It seems RIM would like to keep their own secrets on how they encrypt messages. We could get into a discussion about encryption techniques here but the main question is, when a message leaves a BlackBerry, is it encrypted to RIM or to the recipient? If the message is encrypted to RIM, then RIM can read the message. They would then have to re-encrypt the message to the recipient when the recipient picks up their messages. If this is the case, then yes, RIM could provide the access the governments want since RIM is able to read the messages sent over its network.

If, on the other hand, the messages are encrypted to the recipient then RIM would not be able to read the messages. If RIM cannot read the messages, they cannot give anything to the governments.

Which way does RIM's encryption work? That is unclear and it seems RIM wants to keep it that way.

Is It Reasonable?

This is really a value-based question. What is reasonable? What is fair and just? There are plenty of examples of governments wanting to spy on their citizens. Everywhere from China to Myanmar to the USA. If you say something, the government would like to know.

In some cases, especially in democracies (USA, UK, etc.) the governments cannot simply say 'we are doing this and there is nothing you can do about it.' The reason they cannot issue such an order is because those governments are (at least somewhat) responsible to their citizens. That is, the citizens can vote the government officials out of office if they become dissatisfied with their actions. So, the officials will often disguise a spying campaign in 'other clothes.' For example, they will claim that they must be able to read the contents of everyone's computer so they can make sure nobody is preying on children. Since no reasonable person wants harm to come to children, it is hard to object to this. Another thing they will claim is that they need to read all communications because if they cannot then terrorists will do something horrible.

Both of these claims are unfounded. If someone is ill enough to want to prey on children, they will find a way. If someone is mentally unstable enough to commit an act of terrorism, there is always a way to do it.

First, it is unclear that a single intercepted email message has ever been a contributing factor into the arrest of a terrorist. Someone tried to blow up a car in New York City. They were not caught via email. They were not caught by someone invading that person's privacy. They were caught by someone noticing something strange and notifying a police officer.

Some people remind us of an old quote by a founding father of the US, Benjamin Franklin. He said, those who give up liberty for security deserve neither liberty nor security. His point is worth considering. Freedom must always be retained. Without it, we are all prisoners.

What if RIM Refuses to Comply?

RIM does find themselves in a very difficult situation. They can operate in various countries because those countries allow them to do so. BlackBerry devices are tied to a country's mobile phone network. It would be easy for governments to prevent BlackBerrys to be sold in their countries and this is exactly what some governments, like the UAE, are doing. UAE has said that RIM cannot operate in the UAE after October unless they give UAE access to the private messages of RIM's users.

Will this pressure be enough for RIM to comply? Of course, only RIM executives can answer that. It has, however, been an issue in the past with many companies and China. Someone in China said something the Chinese government did not like and China told the company (Yahoo, in one well known case) to identify the person who said it. At risk of being kicked out of China, Yahoo complied. Yahoo was certainly not the only company who found themselves pressured heavily by foreign governments. Sadly, many companies do end up complying.

Can This Happen to TrulyMail?

At TrulyMail, we are more open with how we do things. We are quite clear than when you send an encrypted message (via TrulyMail or email) that message is encrypted to the recipient. That means only the recipient can read the contents of the message. We cannot. We do not have the decryption keys to read the message. Even if someone threatened us with something terrible, we could not comply because we cannot. It is not technically possible for us to read the contents of encrypted messages. We designed TrulyMail like this for a reason.

We believe that people have a right to privacy. Whether you're talking about an personal health matter or your bank balance or which company you want to buy, what you write is your business. Keeping it private is ours.

There is an old saying, if two people know a secret then it is not a secret. Secret is really just another name for privacy, it is about keeping information out of the public eye. Secret, privacy, whatever you want to call it, is something that should be your choice.

We believe in the principle of need to know. That is, those who need to know, get to know. If you send a message to TrulyMail Support, then we need to know the contents. However, if you send a message to someone else, then we do not need to know the contents.

Some might say we are careless but we disagree. We are providing a service. Does the postal service know the contents of every letter which they handle? Of course they do not. It should be the same for anyone handling electronic communications.

So, if you are using BlackBerry and you think that RIM might start making your private conversations public, then consider using TrulyMail for more of your messages. Then, you can rest assured that not only do you know when your messages arrive, but you also know that someone else is not reading them.

We just released TrulyMail version 2.6. What could be a better use of this month's post than to cover the new features?

Talk to Me

The biggest new feature is VoiceMail. After all, TrulyMail is not just an email client. TrulyMail is not just an encrypted, private messaging network. TrulyMail is a communication system. In previous versions, you could choose between encrypted and non-encrypted messages. You could also choose between using email or the TrulyMail network for delivering your messages. Who says communication always has to be text and images? Why can't you use your voice? After all, you don't need to worry about spelling if you're talking (and many people can speak faster than they can type). Now, you can choose between the written and spoken word. Just open a new message, click the VoiceMail record button, and start talking.

Changing Spacing

TrulyMail messages have always been double spaced between paragraphs. If you wanted a single spaced new line, you would hold down the <shift> key while pressing <enter>. However, what if you wanted single spacing to be the default and you wanted double spacing to happen when you pressed <shift> + <enter>? Well, now you have the option. From the main TrulyMail window, go to Tools -> Options and click on the Experience tab. At the bottom you will see "Use single spacing..." If you check this, your default will be single spacing and you can double space by using the <shift> + <enter> key combination. Warning: This can affect your formatting.

Did You Get This?

One of the benefits of using encrypted email is that in order for someone to open the message, they must get the key from the TrulyMail server. That process of getting the key tells the server that the person received, and is reading, the message. Because of this, even when you don't use TrulyMail's servers to send messages, you can still know which messages were received and which were not. Of course, TrulyMail handles all of this automatically for you. All you have to do is choose to encrypt your email messages.

Help Me

Don't worry, we've added some documentation to help you remember all of these things. From within TrulyMail, on the main window, go to Help -> TrulyMail Help. Another option is to go to: http://TrulyMail.com/Help.

As always, we are committed to making TrulyMail the most efficient, usable, and safe communication system around.

It has been about a year since we integrated email with TrulyMail. Since that point, you have been able to use the TrulyMail Client (standard or portable) to send and received both TrulyMail messages (which travel through TrulyMail servers and bypass email servers altogether) and email. In fact, you can even send a single message to both TrulyMail and email recipients. In this case, of course, the message has to be sent twice (to the TrulyMail servers and to the email servers).

Better than Email

There are many features which you get with TrulyMail messages which you do not get with email messages. For example, when you send a TrulyMail message, you always know if and when your recipient receives your message. You also get encryption for free. When we say free here we mean without cost AND without effort. You also get authentication so that you know when you receive a message from Anna that it is really from Anna and not from someone else.

We have worked hard to fix the fundamental problems with email by making TrulyMail the most robust communication tool around. However, what if you still want to use email?

Better Email

Since TrulyMail includes support for email, we wanted to make your experience with email as good as it can be. Yes, email has some built-in limitations but there are still many things we can do to make your email experience better.

1) Better Address Book - We have written previously about the TrulyMail address book. Its use of tags, its ability to configure so many options on a contact-by-contact basis, even its ability to block certain people from emailing you are features unique to TrulyMail. These features are all focused on one thing: Giving you better control over your communications.

2) Better Support - If you use Outlook, Outlook Express, Thunderbird, or any other email client, and you run into a problem, who can you contact? Can you call Microsoft? For a fee, yes, yes you can. You can make a posting on a website and keep checking back to see when the problem is resolved, if it ever is. However, we think it is much easier to simply be able to transmit any error information (only when you say to do so) directly to the people who can get you sending and receiving again. In TrulyMail, just go to Help->Send Data to TrulyMail Support and you know we can understand exactly what is going wrong. Of course, TrulyMail would never send any information anywhere without your permission.

3) Better Trash Can - Trash cans are great. You can delete messages to get them out of the way but they hang out in the trash so, in case you deleted one accidentally, you can still get the message back. Of course, once you empty your trash can, you lose all your messages in there. Since we are most likely to want to 'recover' a message soon after we delete it, we should have the option to empty the trash but keep the most recent 10 days worth of messages (or whatever number you choose). TrulyMail does exactly this. Actually, it does it all automatically. TrulyMail constantly keeps an eye on the trash and when a message has been in there more than 10 days (you choose the number under Tools -> Options -> Experience) then TrulyMail automatically, permanently, removes that message from the trash. This has one more benefit - your trash can never takes up too much space. If you keep your TrulyMail on a USB drive you don't want your trash filling up your drive.

4) Better Messages - We all have contacts which do not understand the subject line of a message. They always leave it blank or they put something so generic (like 'you' or 'information') that the subject might as well be blank. However, if you want to keep your old messages somewhere and you want to be able to find them by scanning a list of subjects, having a meaningless subject is really fustrating. Wouldn't it be great if you could change the subject on any message you received (or a message you sent without putting a good a subject on it)? After all, we can rename files so why can't we change the subject of an email? Of course, with TrulyMail you can. Just look under Message->Change Subject. Want to keep some notes attached to your message? Wouldn't is be great if you could just type in a little area off to the side but within the message itself? This way, if you ever opened the message, you would see those notes? Of course, TrulyMail is here to help. Go to Message -> Add Notes and you can do exactly that.

5) Better InBox - Wish you could see which messages have notes? Well, you can. Just look for the little note flag next on the message. Wish you could tell the size of a message (if you are trying to free up space, better to delete one 10MB message rather than 10 tiny messages). As you can see, the size is listed right in your message list. Want to see more than just whether or not a message has attachments? You actually want to see the number of attachments? Done! Just look in the 'A' column and you can see if a message has one, twenty, or no attachments at all.

6) Better Receipt Processing - One of emails greatest weaknesses is that although there is way to request a return receipt when sending email, there is little you can do with that receipt when it gets sent back to you. How do you keep track of which messages have been received and which have not? Of course, TrulyMail has the answer. While TrulyMail messages process receipts automatically, email receipts require some intervention on your part. Still, you can easily process email receipts and you can see the original message in your Sent Items folder get updates. Then, just scan your Sent Items folder and you will see which message (TrulyMail and email) have been received and which have not.

7) Better Options - Want to block remote images when someone not in your address book sends you an email? Go to Tools->Options->Email and you will see the option to do exactly that. Here's an even better feature: Imagine you have two contacts with the same name (father and son or perhaps just lucky to know more than one John Smith). When you receive messages from either one of them, you don't really know until you open the message which one sent the message. Perhaps you like to refer to the father as "John Smith The Elder" and the son as "John-John Smith." Of course, you cannot control how they send their name but you can control how you see their name. Again, go to Tools -> Options -> Email and choose to show the sender's name as it is in your address book. Then, update your address book and you will see your InBox in a whole new light.

8) Safer Reading - We've already covered remote images but what about scripts embedded within a message? Is it possible for someone to send you a message with embedded javascript (after all, an email message is usually HTML) which can be used to track you or to make some other change you would prefer not have happen? It is not only possible but it happens all the time. Try viewing the source on a posting from a Yahoo news group and you will see the scripts they add. If you don't like people running scripts inside your email, then you'll love TrulyMail. Open a message with scripts in it and TrulyMail will tell you how many scripts it blocked. This will let you know who is trying to do things you want to avoid. Our policy is that there is no reason to embed scripts within email.

There you have it. With TrulyMail, you get a communication system which is truly better than email and you also get truly better email. You get the best of both worlds, all in one application.

As you can see, while it is not possible to fix all the problems with email, it is possible to make email better. If you have some ways you would like to see TrulyMail better handle email, please let us know.

Are all address books the same? Of course, they are not. This article is to help you understand the TrulyMail address book.

Now, most electronic address books are quite similar. No matter which application you use (TrulyMail, Outlook, Thunderbird, etc.) all of the address books allow you to sort by the various columns. Simply click the column header where it says 'Name' and you will see all of your contacts listed in order of their name. You can see the sort order because the sorted column (in this case 'Name') will have a little triangle on it.

Most address books also allow you to filter your lists. For example, in the TrulyMail address book, just type into the Filter text box and you'll only see your contacts which match what you typed. When finding matches, TrulyMail will look at the contact's name, address (for email contacts), and tags.

You might notice there is an extra column in your TrulyMail address book which many address books do not include: Tags.

Tags are labels or identifiers you can add to your contacts. For example, perhaps you like to email your family members regular updates on your life. You could tag each family member 'Family' and then when you are creating a new message, simply type 'Family' and you will only see those contacts which match. This can be very useful when you have hundreds of contacts. A contact can have multiple tags so this is the ideal way to include people in groups. With TrulyMail, you can see what groups someone is in and who are the members of a group. Try doing that with Thunderbird (Thunderbird only allows you to see the members of groups but you cannot see all the groups for one contact)!

TrulyMail allows blocking contacts (so they cannot send you messages). You can block both TrulyMail contacts and email contacts. If you block a TrulyMail contact, the server will not even accept their messages to you. If you block an email contact, their message will be automatically deleted before you see it. Either way, the result is the same - blocked contacts will never bother you. Of course, it is possible to change your  mind. Perhaps you block someone and later decide you do not want that person to be blocked. To resolve this issue, just click on the Blocked Contacts tab (yes, your filter applies here too so it is easy to find someone even if you have many blocked contacts) and you can easily unblock those contacts you want to receive messages from.

You can also see a column titled 'Remote Images.' We have written articles before about remote images being used to track you. This is a complex issue but that does not mean you should not have control. The short version is that TrulyMail can either load remote images when displaying messages to you or not. This is configurable by you and you can configure it by contact. For example, perhaps you get a newsletter from support@TrulyMail.com and you know that when they do use remote images, they NEVER use them to track you (we never track you). You can configure that email address to allow remote images (Remote Images = True). This way, you will not have to click one more button when viewing emails from trusted sources.

Receive Only is another feature that other applications do not support (we have no idea why as we find it quite useful). The issue is that there are contacts you want in your address book (so you can configure return receipt settings, remote image settings, etc.) but you never want them to show up in your list of contacts when you are writing a message. For example, if you use Google Alerts, then you receive messages from googlealerts-noreply@google.com. You may want to make sure you never send a return receipt to this address but that does not mean you want to see this email address as a contact when you are writing new messages. The solution is to mark this contact as Receive Only then they will only show up in your address book and not in your contact list when composing a message.

Req Receipt is 'true' when you want to always request a return receipt from this person (that is, you want to be notified when the person reads your message so you know they got it). This is not an issue for TrulyMail contacts as TrulyMail always requests, and automatically processes, return receipts from TrulyMail users. However, for email contacts, this is important. For example, perhaps you have an understanding with a business contact that because emails are frequently never delivered (one of the major problems with email), you will both send messages with return receipts requested and you will always send the receipt back for messages you received. This way, you know what has been delivered and what has not been. While you could manually do this every time you write a message to that person, it is much easier to simply mark that contact Req Receipt=True and let TrulyMail do the work for you.

You can also mark Send Receipt=Always if you want TrulyMail to automatically send a return receipt to this contact when they send you an email message with a return receipt requested. If you mark Send Receipt=Never then even if that contact requests a return receipt, TrulyMail will not send one and will not ask you. You can also set Send Receipt=Use receiving account settings which means that TrulyMail will consider the the settings in the email account used to receive the message. TrulyMail gives you control at both a high and low level so you can choose what is right for you.

We are constantly trying to make TrulyMail easier to use for you so please feel free to send us your comments on how you use TrulyMail and which features you would like to see added or changed. After all, we are here to serve you.

If you have explored your TrulyMail in detail, you have likely found (under Tools-> Create / Change Startup Password) the ability to create a Startup Password. You might not, however, fully understand its purpose. This posting is to explain that.

The startup password is used for two purposes:

1) Stopping people from accidentally accessing the messages in your TrulyMail, and

2) Protecting your stored passwords, even from TrulyMail Support personnel

Let us explore the first point first.

Since TrulyMail is installed on your computer (or USB drive), someone must have access to your computer (or USB drive) in order to access your TrulyMail messages. If you leave your computer unattended (for example, at work when you run into a quick meeting) then someone could open your TrulyMail and read what you have. Of course, the safest solution to this is to lock your workstation.

Windows provides a very easy way to lock your workstation simply by holding down the 'Windows' key on your keyboard while pressing the 'L' key. This will lock your workstation so only someone with your password can access your computer. However, what about another plan? Since you might forget to lock your workstation, what can TrulyMail do to help you?

If you create a Startup Password then when you open TrulyMail, you will be prompted for this password before you can see anything (read or send messages, look in your address book, etc.). Does this encrypt your information on your drive? No. Does it stop a dedicated hacker from peeking around? No. What it does do is provide a simple door someone must pass through in order use your TrulyMail. As the old saying goes, 'Locks keep honest people honest.' If someone really wants to get in, then the best solution is to use TrulyMail Portable on a USB drive and keep it in your pocket at all times. Physical security is the most important thing in keeping your data private.

Now, there is a second benefit to using a Startup Password. First, however, you must understand that TrulyMail stores some of your passwords (but TrulyMail only does this when you ask it to and it only stores this information locally - the information is never sent to TrulyMail's servers). For example, when checking your TrulyMail account, you are prompted for your TrulyMail account password. Having to enter this every ten minutes can be a bother for some. If this bother becomes too much, then simply check the box labeled 'Remember' (on the login window). Then, when you click 'Login' your password will be stored and you will not be prompted again. Of course, you can always go to Tools->Options on the main TrulyMail window and click the 'Clear Saved Password' button. Then, your stored password will be erased and you will be prompted each time for your password.

Now, when TrulyMail stores your password, how does it store it? Of course, TrulyMail encrypts your password before storing it. Not to do so would be quite unsafe. While it would be difficult, it is technically possible for a hacker to break the encryption and find out your password. However, if you create a Startup Password, then finding your password is much, much more difficult. We won't go into the details of cryptography here as it is too complex for most people. However, the simple rule is that if you create a Startup Password, then all of your stored passwords will be much more difficult for a hacker to find.

Why do we give you this option? If you have been reading this blog for a while, then you know that we at TrulyMail do everything we can to give you the control to keep your private information private.