mail-html5

Whiteout Mail is a mail client with full IMAP, SMTP, TLS and OpenPGP support written in pure JavaScript. The Client is distributed as a Chrome Packaged App since it requires TCP sockets. Download the official version under whiteout.io.

Security

• The app is deployed as an auditable packaged app with static versions in order to prevent problems with host-based security.
• Content Securit Policy (CSP) is enforced to prevent against injection attacks.
• The code is still under heavy development and is yet not recommended for production use. That being said, we have done multiple code audits and penetration tests (which will be published as soon as all reported vulnerabilities are fixed).
• We will also launch a bug bounty program later on the compensate security researchers. If you find any security vulnerabilites, don't hesitate to contact us security@whiteout.io.

Building

You can download a prebuilt bundle under releases or build your own:

npm install && grunt

This builds the Chrome Packaged App bundle DEV.zip which can be installed under chrome://extensions in developer mode.

Testing

npm test

License

Copyright © 2013, Whiteout Networks GmbH. All rights reserved.

The code is open for inspection and peer review by the security community.
The code is currently not licensed under an open source license. If you're
interested in contributing or getting a license, please get in touch with
us (info@whiteout.io).

Many of the libraries we use are licensed under an open source license. Here are some of the libraries we use (for a complete list please take a look at the code):

• OpenPGP.js: An implementation of OpenPGP in Javascript
• Inbox: Simple IMAP client for node.js
• Nodemailer: SMTP client for node.js
• Forge: An implementation of TLS in Javascript
• node-shims: A basic set shims of commonly used node API for use in the browser