Security & Trust  

go-mapi has two security stories, and they stay separate: Standalone is the free MAPI Gmail bridge that runs locally, while Managed is the pilot control plane for organizations that need fleet-level configuration and auditability.

Standalone Standalone  

Standalone is the no-cloud path. A legacy Windows application calls MAPI, the local go-mapi DLL catches that request, and the go-mapi desktop app opens the Gmail compose flow. No browser extension, native messaging host, or go-mapi server is in the path.

Standalone go-mapi data flow from legacy Windows application through local MAPI components to Gmail, with no go-mapi server in the path.
No go-mapi servers anywhere in the path.

Mail content and attachments stay between your Windows machine, your browser, and Gmail. Standalone does not send message bodies to go-mapi, does not phone home, and does not require a go-mapi account.

Want it now? Free forever, LGPL-3.0. Download Standalone.

Managed Managed  

Managed is the pilot control plane for Google Workspace admins deploying go-mapi across many Windows seats. It is not a mail relay.

Managed control plane concept showing an admin console, central configuration, and fleet clients reporting state and audit events.
Managed control plane - architecture concept (in pilot)

The pilot launches with EU hosting. US and Worldwide regions follow once Managed reaches general availability. Managed handles only control-plane metadata: configuration, audit events, seat licensing, and fleet state. Email message bodies never transit through Managed; mail still flows from the user’s Windows machine directly to Gmail through the Standalone client path.

No badges yet - we publish attestations as they land, never before.

Today Planned
GDPR-compliant subprocessor list SOC 2 for Managed general availability
Spanish operator under LSSI-CE and LOPDGDD ISO 27001 after the pilot hardens
Google Workspace identity boundary Trust portal with published attestations

Join the Managed pilot

Vulnerability disclosure  

Report security issues to [email protected] . We acknowledge vulnerability reports within 2 business days and credit reporters by default unless they opt out. Please do not submit unrelated support questions to this address.

Your rights under GDPR  

The canonical privacy-policy language for access, rectification, erasure, restriction, portability, objection, and complaints to the AEPD lives in the privacy policy . The Security page keeps the operational security story short and links there as the source of truth.

Subprocessors  

go-mapi.app currently relies on these subprocessors:

  • GitHub Pages - static-site hosting.
  • Cloudflare - DNS and CDN.
  • Formspark - Managed pilot lead form on /cloud/.
  • Plausible - privacy-friendly pageview analytics once enabled.

Full subprocessor entries with addresses, DPA references, and transfer mechanisms live in the privacy policy .