Security

Emcognito Security and Privacy Architecture

Emcognito is an email forwarding alias service. It creates aliases that forward to your real inbox, stores account and alias metadata needed to route mail, and is designed not to store copies of forwarded email bodies after delivery.

Updated

Forwarding path

  • A sender emails one of your Emcognito aliases.
  • The forwarding service validates the alias and account state.
  • Allowed messages are forwarded to your verified destination inbox.
  • You can suspend or delete an alias if it starts receiving unwanted mail.

What is stored

  • Account identifiers required for passwordless sign-in and billing state.
  • Alias metadata such as labels, notes, status, and routing fields.
  • Monthly forwarding counters used to enforce transparent plan limits.

What is not stored as the product model

Emcognito's public product model is forwarding, not mailbox hosting. The service is designed not to retain copies of forwarded message bodies after delivery. Users should still avoid sending highly sensitive secrets through any forwarding service unless it matches their threat model.

Frequently asked questions

Is Emcognito open source?

No. Emcognito is not open source. The trust model is product transparency, clear data practices, and future third-party audit work when budget allows.

Does Emcognito replace encrypted email?

No. Emcognito hides your real address and helps trace leaks. It is not a substitute for end-to-end encrypted mailbox services.