A secure and encrypted email service provider that respects your privacy, supports end-to-end encryption, collects little amount of metadata, is a must-have for a secure communication online.
Email privacy is quintessential to protect your privacy & security online. While many communication methods have somewhat replaced email, most people still have and use at least one email account. Most businesses rely on email for their day-to-day activities, most of the online accounts require you to sign up with an email.
This leaves email with a huge attack surface as if someone just gets access to your email will have access to pretty much your entire identity, and information about your banking, healthcare and other accounts is stored within your email account.
Most of the big name email service providers, like Gmail and Yahoo, do not respect the privacy of your messages in the inbox:
- Gmail was caught giving third parties full access to your emails and tracking all of your purchases.
- Advertisers are allowed to scan Yahoo and AOL email accounts to “identify and segment potential customers by picking up on contextual buying signals, and past purchases.”
- Yahoo was also caught scanning emails in real-time for US surveillance agencies.
Alright, now that you are aware about the importance of having a secure email provider that respects your privacy, lets learn how to do just that.
How to Choose a Private Email Provider?
Choosing a secure email provider that respects your privacy can be tricky as there are lots of popular email providers with tons of great features that don’t care about your privacy. Here are just a few things you should look for in a secure & private email provider:
- Jurisdiction: Look for the companies operating outside the five/nine/fourteen-eyes countries to mass government dragnet surveillance, in a country with robust privacy and security laws.
- Strong Encryption: You should consider using those email providers that implement end-to-end encryption along with secure implementations of AES, RSA, along with OpenPGP.
- Open Sourceness: All software dealing with personal data should be open source as this lets anyone to look around the code to find bugs, backdoors, and vulnerabilities.
- Business Model: The business model of any company is an important factor, look for the ones that don’t rely on personal data collection & monetization.
Your email will still have some unencrypted metadata in the header, even if you are using end-to-end encryption (E2EE) technology like OpenPGP, learn more about email metadata.
Forward Secrecy is not supported by Open PGP, which will expose all the previous messages if the either you or recipient’s private key is stolen, learn how to protect your private keys.
You should consider switching to an encrypted messaging app.
Private Email Providers
While secure email options don’t necessarily get masses of storage space, and all the extra features that come with a Google account, you do get secure encrypted messaging. This means that when you send and receive emails, you know that only you can access the contents of those emails.
Tutanota is a freemium email service with the focus on security, privacy, encryption, anonymity, freedom, and open source. They are a small team of privacy enthusiasts, based in Germany, and have been in operation since 2011.
Tutanota uses a strong encryption solution instead of OpenPGP based on RSA and AES, that automatically encrypts the subject, the content and the attachments, they also plan to implement Forward Secrecy. Premium plans start at just €12/year, which includes features like custom domains, multiple users & alias support, and more.
They do not allow third-party email clients, but have native apps for Linux, macOS, Windows as well as Android & iOS. It supports two-factor authentication, and a .onion service is on the roadmap, but only accepts credit cards and PayPal.
ProtonMail is a freemium email service with the focus on privacy, security, encryption, anonymity, open source, and ease of use. They are the same people behind ProtonVPN, based in Switzerland, and have been in operation since 2013.
Accounts start with 500 MB of storage withe their free plan, this free plan does have some limitations like the lack of ProtonMail Bridge, which is required if you want to use a recommended email client like Thunderbird. Premium accounts start from €48/year which includes features like ProtonMail Bridge, additional storage, custom domain support, email aliases, and more.
Mailbox is a premium email service with the focus on being secure, ad-free, and privately powered by 100% eco-friendly energy with a full-fledged office productivity suite. They are based in Germany, and have been in operation since 2014.
There is no free version, and accounts start at €12/year that comes with 2 GB of storage, 3 email aliases, and more. Mailbox uses an integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys.
Mailbox lets you use third-party email clients, they support two-factor authentication, but do not accept Bitcoin, however, they do accept cash by mail, cash to bank, bank transfer, credit card, PayPal, and their webmail interface cannot be accessed via their .onion service.
Posteo is a premium email service with the focus on security, simplicity, anonymity, and being powered by green energy & ad-freedom. They are also based in Germany, and have been in operation since 2009.
There is no free version, and accounts start at €12/year that comes with 2 GB of storage, 2 email aliases, and more. Posteo has an integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys.
Posteo lets you use third-party email clients, supports two-factor authentication, but do not accept Bitcoin, however, they do accept cash-by-mail, credit/debit cards, bank transfers, and PayPal, but they do not operate a .onion service.
Soverin is a premium email provider which focuses on being private, secure, ad-free, and powered by sustainable energy. They are based in Amsterdam, and have been in operation since 2015.
There is no free version, and accounts start at €29/year, which comes with 25 GB of storage, multiple aliases, domains, and mailboxes as well as a public web page where you can publish PGP key, a profile picture, and a short bio. Soverin has an integrated encryption in their webmail, which simplifies sending messages to users.
Soverin allows you to use third-party email clients, supports two-factor authentication, accepts Bitcoin, credit/debit cards, and PayPal, but they do not operate a .onion service.
Disroot is a free email provider amongst other services with the focus on being open, decentralized, federated and respectful towards freedom and privacy. They are based in Amsterdam, and have been in operation since 2015, run bu volunteers and it community.
Disroot is free and uses open source software like Rainloop, users support the service through donations and buying extra storage. It allows for encrypted emails to be sent from their webmail application using OpenPGP. The mailbox limit is 1 GB, but you can buy extra storage at €0.15 per GB/month paid yearly.
Disroot lets you use a third-party email clients, supports two-factor authentication, accepts Bitcoin, faircoin, PayPal, direct bank deposit, and Patreon payments, but they do not operate a .onion service.
You can also self-host your email server if you don’t trust any of the above mentioned email providers, but it will require continuous maintenance. I will be updating this section with a guide to self-hosting an email server soon. Until then, this is a great article that will help you:
Self-Hosted Email Software
You can set up your own email server, but it will require attention and continuous maintenance, in order to keep things secure and your mail delivery reliable. These are some of the best software you can use to self-host your own email service:
Mail-in-a-Box is a free and open source automated setup script for deploying a mail server on Ubuntu. It helps you take back control of your email by defining a one-click, easy-to-deploy SMTP + everything else server: a mail server in a box.
Mailcow is a free and open source advanced mail server perfect for those with a bit more Linux experience. It has everything you need in a Docker container: A mailserver with DKIM support, antivirus and spam monitoring, webmail and ActiveSync with SOGo, and web-based administration with 2FA support.
Modoboa is a free and open source mail hosting and management platform with a modern and simplified user Interface. It is developed with modularity in mind, all current features are basically extensions, and comes with reputation checks like DNSBL and DMARC.
Most of the above mentioned email providers lets you use a third-party email client to access and use your email on your device, these are some open source, feature-rich, and privacy respecting email clients:
Thunderbird is a free and open-source cross-platform email client, news feed, RSS, and chat client, that’s easy to set up and customize with tons of great add-ons, developed by the Mozilla Foundation.
Claws Mail is a free and open source, GTK-based email and news client, that’s easy to configure and has an abundance of features. It is included with Gpg4win, an encryption suite for Windows.
Mailpile is a free, open source, modern, fast web-mail client with user-friendly encryption and privacy features. It aims to make it easy and convenient to receive and send PGP encrypted or signed e-mail.
K-9 Mail is a free and open source mail app for Android, with support for both POP3 and IMAP mailboxes, but supports push mail for IMAP only. It has support for dark mode, emojis, multiple identities, and more.
FairEmail is a freemium, open source, email app for Android, that is fast, lightweight, and battery friendly. It is privacy oriented, has support for dark mode, widgets, and more.
Email Cloaking Services
Email cloaking is the way of masking of the sender’s name and address in an e-mail, It is usually used to send spam or, as people prefer to call it, “bulk e-mail” that conceals their own e-mail address. Here are some of the best email cloaking service providers:
AnonAddy is a freemium and open source email cloaking service provider that lets you create email aliases that forward to your email address. You can choose to use the free version, or self-host it on your own server.
SimpleLogin is a freemium and open source email cloaking service provider that is very easy to use, and can be self-hosted. It has pretty nifty features like replace email by alias everywhere, and much more.
MailDrop is a free and open source, web-based email cloaking service provider that is powered by spam filters created by Heluna, used in order to block almost all spam attempts before they even get to your Maildrop inbox.
Let’s talk about email encryption: how emails can be encrypted, what encryption protocols to use, how you can protect your encryption keys, and everything else you need to know.
End-To-End Encryption in Email?
End-to-end encryption (E2EE) is the way of encrypting email contents so that nobody but the recipient(s) can read the email message. This prevents potential eavesdroppers — including your internet service provider, government, and even your email provider — from being able to access the cryptographic keys needed to decrypt the conversation.
How Can I Encrypt My Email?
The standard way to do end-to-end encryption of email, and have it work between different email providers is with OpenPGP (Open Pretty Good Privacy). There are different implementations of the OpenPGP standard, the most common being GnuPG and OpenPGP.js.
Now, as i have already mentioned earlier that OpenPGP does not encrypt your metadata, and it does not support forward secrecy, all of this combined with PGP flaws like EFAIL, and spam, phishing attacks leads to a pretty huge attack surface for emails — email wasn’t designed with privacy & security in mind, switch to encrypted chat messengers.
There is another E2EE standard that was popular with businesses called S/MIME, but it requires a certificate issued from a Certificate Authority.
Most of the email providers mentioned above use integrated encryption, which simplifies sending messages to users with public OpenPGP keys. You can also manually do PGP encryption:
How To Protect My Private Keys?
You can protect your private keys by strong your private keys in a smartcard like Yubikey or Nitrokey that works by receiving an encrypted email message from a device running an email/webmail client, the message is then decrypted by the smart card and the decrypted content is sent back to the device.
Let’s talk about all the fuss about email metadata: what is included in email metadata, who can see your email metadata, how you can protect your metadata, and everything else you need to know.
What Is Email Metadata?
Email metadata has some visible headers that you may have seen such as: To, From, Cc, Date, Subject — that are required to send and receive emails.
This email metadata is stored in the message header of the email message.
Email metadata is used to show who a message is from and what time it was received. Servers may use it to determine where an email message must be sent, among other purposes not transparent to the user.
Email metadata is accessible to your email client software (or webmail) and any servers relaying the message from you to any recipients. Sometimes this metadata can also be accessible to external third-parties that your email provider uses to protect against spam.
Why Can’t Email Metadata be End-to-End Encrypted?
Email metadata is crucial to the most basic functionality of email. The email servers need to know where the email came from, and where it has to go. E2EE was not built into the email protocols originally and is also optional, therefore, only the message content is protected by E2EE.
How Is My Metadata Protected?
When emails travel between email providers an encrypted connection is negotiated using Opportunistic TLS, which does protect the metadata from outside observers, but as it is not end-to-end encrypted, the server administrators can snoop on the metadata of an email.
Why Not Emails?
Let’s come to a conclusive point on why i don’t recommend using emails, and why you are better off using a secure messaging app :
- Not Built for Privacy & Security: Email was never built with privacy or security in mind, the OpenPGP standard was later formulated by Phil Zimmermann, who by the way does not use it himself.
- Metadata Not Encrypted: Even if you are using the “standard” encryption via OpenPGP, your metadata will not be end-to-end encrypted. The metadata is just as important as the content of the message.
- No Forward Secrecy: OpenPGP does not support forward secrecy, which means if your or recipient’s private key is once stolen, it will give access to all the messages that have been ever sent.
In the end, why use an ancient technology when there are better alternatives like encrypted chat messengers with encryption protocols like Signal and Matrix that are made from ground up with privacy & security in mind.
- Email Comparison Chart: An awesome chart that lets you find the private email service that suits your needs by That One Privacy Guy
- An NFC PGP SmartCard For Android: An awesome guide to creating a NFC PGP smartcard for your android device.
- Choosing an Email Service: An awesome guide to choosing a secure email service provider by That One Privacy Guy.
Private Email Providers
Choosing a privater email service provider that is secure, can be a bit tricky, and i hope this email guide helped you find the email provider, clients, cloaking services, and encryption that you need. I would still recommend that you switch to an encrypted messaging apps like signal for prolonged conversations as they support Forward secrecy.
That’s all Folks!
I will be updating this page frequently with more metadata removal tools and information. You should check out all the encrypted messengers that i recommend bettering protect your privacy.
Do let me know of any feedback, tips, or suggestions based on privacy and security tools you are using, feel free to drop a comment below!