Secure encrypted email (SEEMail)

Secure email environment between government agencies which protects information classified as IN-CONFIDENCE, SENSITIVE or RESTRICTED.

SEEmail is opt-in for all eligible government agencies
Status Operational

Agency Contact

Department of Internal Affairs Sandeep Dalvi SEEMail Product Manager +64 4 462 0138

Service Description

SEEMail secures email traffic over the internet between participating New Zealand government agencies. The system is a gateway-to-gateway encrypted email service where the email is encrypted and decrypted by the agency’s SEEMail server and not at the end device i.e. a user’s PC, laptop or mobile.

SEEmail is approved to protect information classified IN-CONFIDENCE, SENSITIVE or RESTRICTED.


Participating SEEMail agencies have deployed accredited secure email gateways (sign and encrypt sensitive messages using Secure Multipurpose Internet Mail Extension -S/MIME).

Dimension Data provides the SEEMail PKI (certificate management and LDAP infrastructure) and is contracted under the one.govt agreement. Dimension Data directly invoices the Certificate Authority Management charges to SEEMail agencies. This does not require one.govt participation. 

Each participating agency must engage the services of an accredited SEEMail gateway provider.


If SEEMail is used appropriately by participating agencies, users can be confident that:

  • no one outside the sending participating agency can read the email when it is in transit
  • no one outside the sender’s participating agency can alter the message
  • the email does in fact come from the participating agency as claimed
  • all email traffic between participating agencies is secured
  • all email traffic between participating agencies authenticates the sending agency
  • email marked [SEEMAIL] and [IN-CONFIDENCE], [SENSITIVE] or [RESTRICTED] can only be read by the recipient participating agency and cannot be inadvertently sent to non-participating agencies.

Lead Agency

Department of Internal Affairs

Adopting the service

Agencies wanting to take up SEEMail do not need to undertake a full procurement process. The lead agency has procured the product on behalf of all agencies and has signed a Lead Agency Agreement with the vendor.

Agencies can take advantage of the work done by the Lead Agency by contacting the product manager and following the process below. 

  1. send a community membership request through the SEEMail Member Portal
  2. once authorised to join the SEEMail community, source SEEMail gateway services from an accredited gateway provider
  3. the certificate issuer and the accredited gateway provider will transition the service when the Terms of Use has been agreed.

Lead Agency Agreement summary

  • Closed Supplier Panel
  • Syndicated
  • Initial ten-year agreement, signed in 2009, with one two-year op

Lead Agency Agreement details

The Department of Internal Affairs has contracted management of the SEEMail PKI (certificate management and LDAP infrastructure) to Dimension Data New Zealand and, through it, Liverton. Separation of duties is a contractual requirement. Each SEEMail participating agency has a direct commercial agreement with their preferred accredited gateway provider.

The contract term between DIA and Dimension Data is for an initial term of 10 years to 2019 with one two-year renewal.

Supplier Information

Approved SEEMail Gateway suppliers

  • Liverton
  • SSS - IT Security Specialists
  • Trustwave
  • Dimension Data
  • Datacom
  • Spark Digital
  • DMZ Global
  • SMX

Provides a gateway service for SEEMail and also provides the SEEMail PKI/Certificate Authority Management service.

Contract Began January 2009