Underscores Tumbleweed’s Commitment to Adopt Email Sender Authentication Technologies to Fight Email Fraud

Redwood City, CA – August 12, 2004 – Tumbleweed® Communications Corp. (NASDAQ:TMWD) today announced that it continues to lead the industry in adopting technologies and standards that help eliminate fraudulent inbound email by adopting the Sender ID Framework. Sender ID, the convergence of Microsoft's Caller ID for email proposal and Meng Wong's Sender Policy Framework (SPF), verifies that each e-mail message originates from the Internet domain it claims to come from based on the sending server’s IP address. Eliminating domain spoofing will help legitimate senders protect their domain names and reputations, and help recipients more effectively identify and filter junk e-mail.

Tumbleweed currently supports SPF and Caller ID, and plans to adopt Sender ID for the 6.1 version of Tumbleweed’s Email Firewall. Tumbleweed’s Email Firewall has been recognized as the #1 enterprise software solution for fighting spam according to Network World, and the #1 email firewall software for large enterprises by Information Security Magazine. Tumbleweed Email Firewall protects, filters and secures email traffic at the Internet gateway with an integrated set of anti-spam, anti-virus, anti-hacker, content filtering, email relay, and encrypted messaging capabilities -- minimizing email communications risks and reducing email management costs.

With the adoption of Sender ID, Tumbleweed will deliver the broadest set of email authentication implementations in the industry. Tumbleweed’s Email Firewall 6.0 has received S/MIME Gateway (SMG) certification from the Open Group, a technology neutral consortium committed to business efficiency and interoperability. Tumbleweed is one of the first two vendors to have an email encryption gateway certified for interoperability under the program, which is designed to reduce the risk of deploying gateway-to-gateway S/MIME authentication and encryption by ensuring that certified products from a variety of vendors will work together. Tumbleweed also plans to support Sender ID in future releases of Tumbleweed’s MailGate, the company’s award-winning LINUX based anti-spam appliance.

"Tumbleweed recognized early on the benefits of utilizing strong authentication technology to combat email fraud and has been ahead of the industry in delivering email authentication technologies to customers,” said Ken Beer, Director of Product Management at Tumbleweed Communications. "Authentication of email senders has emerged as an important cornerstone for many different aspects of email security, including anti-spam, anti-worm, and anti-phishing. Most email threats are reliant on sender address spoofing, so the adoption of authentication technologies can go along way toward preventing fraudulent emails from reaching enterprise inboxes.”

“The success of any email authentication initiative, such as the Sender ID Framework, requires swift and broad action industrywide, and momentum for this kind of standard is clearly building,” said Ryan Hamlin, General Manager of Microsoft’s Safety Technology and Strategy Group. “By integrating Sender ID into tools that enable easier industry adoption, Tumbleweed is taking a great step to help the industry as a whole to swiftly move forward in establishing e-mail authentication standards that will help contain the spam and phishing problem for customers worldwide.”

About Tumbleweed's Email Firewall
Tumbleweed Email Firewall has been recognized as the #1 enterprise software solution for fighting spam according to Network World (http://www.nwfusion.com/reviews/2003/0915spam.html), and the #1 email firewall software for large enterprises by Information Security Magazine. Tumbleweed Email Firewall protects, filters and secures email traffic at the Internet gateway with an integrated set of anti-spam, anti-virus, anti-hacker, content filtering, email relay, and encrypted messaging capabilities -- minimizing email communications risks and reducing email management costs. Tumbleweed Email Firewall is used by over 400 of the largest, most demanding messaging infrastructures in the world, and is available in both appliance and software editions.

About Tumbleweed Communications Corp.
Tumbleweed is a leading provider of secure Internet messaging software products for enterprises. By making Internet communications secure, reliable and automated, Tumbleweed's anti-spam, email firewall, secure file transfer, secure email, and identity validation solutions help customers significantly reduce the cost of doing business. Tumbleweed products are used by millions of end-users and tens of thousands of corporations. Tumbleweed customers include ABN Amro, Bank of America Securities, Catholic Healthcare West, JP Morgan Chase & Co., The Regence Group (Blue Cross/Blue Shield), St. Luke's Episcopal Healthcare System, the US Food and Drug Administration, and the US Navy and Marine Corps. Tumbleweed Communications was founded in 1993 and is headquartered in Redwood City, Calif. For additional information about Tumbleweed go to www.tumbleweed.com or call 650-216-2000.

SAFE HARBOR STATEMENT
Tumbleweed cautions that forward-looking statements contained in this press release are based on current plans and expectations, and that a number of factors could cause the actual results to differ materially from the guidance given at this time. These factors are described in the Safe Harbor statement below.

Except for the historical information contained herein, the matters discussed in this press release may constitute forward-looking statements that involve risks and uncertainties that could cause actual results to differ materially from those projected, particularly with respect to the timing of Tumbleweed’s adoption of the Sender ID framework and effectiveness of Tumbleweed products that use the Sender ID framework. In some cases, forward-looking statements can be identified by terminology such as "may," "will," "should," "potential," "continue," "expects," "anticipates," "intends," "plans," "believes," "estimates," and similar expressions. For further cautions about the risks of investing in Tumbleweed, we refer you to the documents Tumbleweed files from time to time with the Securities and Exchange Commission, particularly Tumbleweed's Form 10-K filed March 15, 2004 and Form 10-Q filed May 10, 2004.

Tumbleweed assumes no obligation to update information contained in this press release, including for example its guidance regarding its future performance, which represents the Company's expectations only as of the date of this release and should not be viewed as a statement about the Company's expectations after such date. Although this release may remain available on the Company's website or elsewhere, its continued availability does not indicate that the Company is reaffirming or confirming any of the information contained herein.

###