Security at Net at Work

Net at Work is manufacturerof the modular Email Security Gateway NoSpamProxy. We carry the seal of approval “IT Security made in Germany”, are member of the association TeleTrust Federal Association for IT Security and the Alliance for Cyber Security. The security of our products as well as the privacy of our customers is very important to us.

Vulnerability Reporting

Please send your comments to the following address: mailto:[email protected].

Your report ideally contains this information:

• Product/application concerned
• Description of the vulnerability
• If available: Proof-of–concept, Exploit or Network recordings Even if you’re not quite sure: We will follow up your advice and contact you if we have any further questions.

Net at Work Product Security Incident Response Team

For questions or advice regarding the cyber security of our products and mobile applications please contact: mailto:[email protected]

PGP Public Key

You can find the PGP key [https://api.openkeys.de/api/pgpkey/nospamproxy.com/psirt/](here on Open Keys.)

PGP Fingerprint: 41EA FC04 E2AE 24EF DF3B 3E7C 13E7 5B53 9C61 F3DD

S/MIME Public Key You can find the S/MIME key [https://api.openkeys.de/api/certificate/nospamproxy.com/psirt/](here on Open Keys.)

Disclosure Policy Security messages Security messages Hall of Thanks

Disclosure Policy

Net at Work Vulnerability Disclosure Policy

Process for reporting and publishing security vulnerabilities

1. Introduction

As a manufacturer of high quality and durable products, the security of our customer data has top priority and is a company value ofNet at Work. We therefore welcome any contribution from external safety experts to improve the safety of our products. This Directive defines the framework which Net at Work for the responsible disclosure of security vulnerabilities. This Directive applies in its current version, subject to change without notice.

2. Scope of application

This policy applies to all networked or network-capable products and components developed, manufactured or marketed by Net at Work, as well as to all publicly available Net at Work IT applications.

We are interested in reports of vulnerabilities that are exploitable, lead directly to an exploitable vulnerability or allow user data to be compromised remotely.

Please note that reports of vulnerabilities with minimal security impact (e.g. missing headers), unverified results of automated scans, vulnerabilities beyond Net at Work’s control, or vulnerabilities that violate the requirements below will not be considered.

3. Authorisation and responsible disclosure

If your findings or comments concern one of our products or our mobile applications, you can contact our Product Security Incident Response Team (PSIRT) directly. Please use the following e-mail address:

[email protected]

**Your e-mail should contain the following information: **

• Product(s) concerned/application(s)
• Description of the identified weakness
• If available: Proof of concept source code,exploit or log files To speed up the reporting process, please

share the security incidents with us in detail;

To take our existing applications into consideration and not to disturb their operation;

To give us a reasonable response time before you disclose the information. We will endeavour to respond promptly and remedy the identified vulnerability within 90 days. During this time please We endeavour to respond promptly and remedy the identified vulnerability within 90 days. During this timewe ask you to keep all communications and information confidential. If we cannot meet this time frame, we will contact you immediately;

Not to access or modify our data or the data of our users without our express permission of the owner. Please access only your own accounts or test accounts for security research purposes; Please access only your own accounts or test accounts for security research purposes;

To contact us immediately if you accidentally come across data of other users. Viewing, changing, storing, transmitting or otherwise accessing the data is not permitted. Delete all local copies of the data immediately after reporting the vulnerability to the above Email addresses;

To act with good faith to avoid data breaches, data destruction and disruption or deterioration of our services (including denial–of–service); and to comply with all applicable laws.

4. Consequences of compliance with this Directive

We will not take civil action or file a complaint with law enforcement authorities for unintentional, bona fide violations of this Policy as amended. We consider activities conducted in accordance with this policy to be “authorized” conduct. To the extent that your activities are inconsistent with certain restrictions in our Policy, we will waive those restrictions to allow security research under this Policy. We will not make any claims against you if you have circumvented the technological measures we use to protect the applications under this policy.

We would like to thank you for your cooperation. Your comments and messages help us to make our systems more secure. In recognition of this, we would like to welcome you to our Hall of Thanks . Please let us know if and under which name we can list you there.

Security messages This page contains a list of all known vulnerabilities in NoSpamProxy.

Security messages This page contains a list of known vulnerabilities related to NoSpamProxy.

Hall of Thanks This page lists all persons who have reported a vulnerability and agreed to have their name published.

• Nitesh Singh | Open Bug Bounty | August 2020

NoSpamProxy

• [https://www.nospamproxy.de/en/e-mail-security-cloud/](NoSpamProxy Cloud)
• [https://www.nospamproxy.de/en/product/email-encryption/](NoSpamProxy Encryption)
• [https://www.nospamproxy.de/en/product/send-large-files/](NoSpamProxy Large Files)
• [https://www.nospamproxy.de/en/product/e-mail-disclaimer/](NoSpamProxy Disclaimer)
• [https://www.nospamproxy.de/en/request-quotation/](Price request)
• https://www.nospamproxy.de/en/team/
• https://www.netatwork.de/unternehmen/karriere/#jobsnospamproxy
• [https://www.netatwork.de/allgemeine-geschaeftsbedingungen-agb/](General terms and conditions)
• [https://www.netatwork.de/wp-content/uploads/EN-2023-Privacy-Information-for-Business-Partners_Net-at-Work_final.pdf](Data Protection Information for Business Partners and Applicants)
• https://www.nospamproxy.de/en/cybersecurity-product-security-incident-response-team-psirt/

Partners

• [https://www.nospamproxy.de/en/partner/partner-portal/#reseller-werden](Becoming a reseller)
• https://www.nospamproxy.de/en/partner/
• [https://www.nospamproxy.de/en/product/certificates/](Order Certificates)
• https://www.nospamproxy.de/de/newsletter-abo/

Categories

• [https://www.nospamproxy.de/en/category/alle-themen/](All topics)
• https://www.nospamproxy.de/en/category/all-topics/news-en/
• https://www.nospamproxy.de/en/support/
• https://www.nospamproxy.de/en/category/alle-themen/updates/
• [https://www.nospamproxy.de/en/product/certificates/](Order certificates)

Latest News

• https://www.nospamproxy.de/en/server-cloud-differences-tips-for-switching/[https://www.nospamproxy.de/en/server-cloud-differences-tips-for-switching/](NoSpamProxy Server and NoSpamProxy Cloud: Differences and Tips for Switching)16.03.2026 - 11:00

• https://www.nospamproxy.de/en/invoice-fraud-and-what-you-can-do-about-it/[https://www.nospamproxy.de/en/invoice-fraud-and-what-you-can-do-about-it/](When invoices become a trap: Invoice fraud and what you can do about it)24.02.2026 - 10:00

• https://www.nospamproxy.de/en/end-of-tls-client-authentication-certificates/[https://www.nospamproxy.de/en/end-of-tls-client-authentication-certificates/](End of TLS Client Authentication Certificates)19.02.2026 - 14:09

[#top]( Scroll to top )

Privacy Preference

We need your consent before you can continue on our website.

If you are under 16 and wish to give consent to optional services, you must ask your legal guardians for permission.

We use cookies and other technologies on our website. Some of them are essential, while others help us to improve this website and your experience.

Personal data may be processed (e.g. IP addresses), for example for personalized ads and content or ad and content measurement.

You can find more information about the use of your data in our [https://www.nospamproxy.de/en/privacy-policy/](privacy policy).

There is no obligation to consent to the processing of your data in order to use this offer.

You can revoke or adjust your selection at any time under #.

Please note that based on individual settings not all functions of the site may be available.

Some services process personal data in the USA. With your consent to use these services, you also consent to the processing of your data in the USA pursuant to Art. 49 (1) lit. a GDPR. The ECJ classifies the USA as a country with insufficient data protection according to EU standards. For example, there is a risk that U.S. authorities will process personal data in surveillance programs without any existing possibility of legal action for Europeans.

The following is a list of service groups for which consent can be given. The first service group is essential and cannot be unchecked.

• Essential

• Statistics

• Marketing

• External Media

I accept all Save Consent Accept only essential cookies Individual Privacy Preferences

Preferences[https://www.nospamproxy.de/en/privacy-policy/](Privacy Policy)https://www.nospamproxy.de/en/imprint/

You are currently viewing a placeholder content from Google Maps. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

[#](More Information) [#](Unblock content) [#](Accept required service and unblock content)