Are your emails and attachments safe from prying eyes?
Unless you are using a secure email service that respects your privacy, the answer is probably no. Most large email providers, such as Gmail and Yahoo, do not respect the privacy of your inbox. For example:
- Google is adding ever more advertisements into your Gmail Promotions section. We’re also seeing reports that some people are finding ads interspersed between messages within their Gmail Inbox.
- Gmail was caught giving third parties full access to user emails and also tracking all of your purchases.
- Advertisers have been allowed to scan Yahoo and AOL accounts to “identify and segment potential customers by picking up on contextual buying signals, and past purchases.”
- Yahoo has been caught scanning emails in real time for US surveillance agencies.
In today’s digital age, securing your communications has become increasingly important as data breaches and privacy concerns are on the rise. With the average person spending more than five hours managing their work and personal emails daily, it’s essential to opt for the most secure email provider that prioritizes encryption and privacy. In this article, we present the top 10 secure email providers for 2024, along with essential factors to consider when choosing the best one for your needs.
Big-name email services put lots of money into security, but they are also large targets and not invulnerable. A while back, the big news was the ease with which hackers were able to compromise thousands of Microsoft Exchange email servers. You might well be safer using a smaller, less well-known email service.
On a positive note, there is a relatively simple solution for keeping your inbox more secure: switch to a secure email provider that respects your privacy.
Privacy Tip: When using email, be sure to also use a good VPN to hide your IP address and secure your internet traffic. We use and recommend NordVPN, one of the top services that has passed independent privacy and security audits. Get 74% off NordVPN here >
What is the best secure email service in 2024?
With so many different types of users, there is no single “best secure email” service that will be the top choice for everyone. While some may prioritize maximum security and strong encryption, others may want convenience and simplicity with user-friendly apps for all devices.
With that being said, here are our top recommendations:
- Proton Mail – Best all-around secure email service based in Switzerland [33% off coupon]
- StartMail – Private email hosted in The Netherlands with unlimited aliases [50% off coupon]
- Mailfence – Secure email for professionals and teams
- Tuta Mail – Secure Email for Any Device
- Mailbox.org – Affordable private German email service
- Posteo – Reliable anonymous email service
- Runbox – Private email in Norway
- CounterMail – Swedish email with strong security features
- Kolab Now: Swiss email, compliant with GDPR, HIPAA, and PCI
- Soverin – Basic private email service
We also have a guide on encrypted email services here.
Factors to consider when choosing the best secure email service for your needs
Here are just a few factors to consider when switching to a secure email provider:
- Jurisdiction – Where is the service located and how does this affect user privacy? Where is your data physically stored?
- PGP support – Some secure email providers support PGP, while others do not use PGP due to its vulnerabilities and weaknesses.
- Import feature – Can you import your existing emails and contacts?
- Email apps – Due to encryption, many secure email services cannot be used with third-party email clients, but some also offer dedicated apps.
- Encryption – Are the emails end-to-end encrypted in transit? Are emails and attachments encrypted at rest?
- Features – Some features you may want to consider are contacts, calendars, file storage, inbox search, collaboration tools, and support for DAV services.
- Security – What are the provider’s safety standards and policies?
- Privacy – In which ways does the email service protect your privacy? What data is being collected, for how long, and why?
- Threat model – How much privacy and security do you need and which service best fits those needs?
The goal of this guide is to help you find the best secure email solution for your unique needs.
Here are the most secure email providers in 2024 that will protect your privacy.
1. Proton Mail – Best all-around secure email service
Based in | Switzerland |
Storage | 15-500 GB |
Price | $3.49/mo. |
Free Tier | Up to 1 GB |
Website | Proton.me |
Proton Mail is a Switzerland-based email service that enjoys a great reputation in the privacy community. It was started by a team of academics working at MIT and CERN in 2014. Shortly thereafter, it was promoted in media as “the only email system the NSA can’t access” – which was around the time Lavabit was shut down for not cooperating with the US government.
Looking at the service itself, Proton Mail has a lot going for it. It uses PGP encryption standards for email and stores all messages and attachments encrypted at rest on Swiss servers. Proton Mail has a unique feature for “self-destructing messages”, address verification, and full PGP support. Recently, it introduced Tracking Links Protection feature which removes tracking pixels from email links.
It also offers end-to-end and zero-access encryption for messages, which means that even the service providers themselves cannot access your content. This is a crucial feature for anyone who values their privacy and wants to ensure their communications remain confidential.
Proton Mail also has some additional tools that you may expect from a paid service.
- Proton Mail Bridge – allows Proton Mail to connect to other email services.
- Proton Calendar – easily manage your meetings and personal appointments.
- Proton Drive – store and share your important files via secure links.
- Proton VPN – a solid VPN is available by subscribing to Proton Unlimited plan. If you are intrigued, you may want to take a look at our ProtonVPN review.
- iOS and Android apps
See all Proton Mail features here >>
Proton Mail Encryption
Regarding encryption, it’s important to note that Proton Mail does not encrypt the subject lines of emails or certain metadata. Unfortunately, these are the inherent limitations of the PGP standard. Most of the email services we discuss here use PGP, but I wouldn’t count on any of them to protect me from the NSA or their counterparts in other countries.
Additionally, the Proton Mail search function can only search subject lines within your inbox, not the actual content of your emails. This is another functional limitation that comes from integrating more encryption and security into the service.
Proton Mail does offer some great apps for mobile devices (Android and iOS). You can also use Proton Mail with third-party apps through the Proton Mail Bridge feature (restricted to paid users).
Overall Proton Mail is a well-regarded email provider and should be a great secure email option for most users. Switzerland remains a strong privacy jurisdiction that is not a member of any surveillance alliances.
Note: Proton Mail is now integrated into the Proton suite of services. The full suite includes Proton Mail, Proton Calendar, Proton Drive, and Proton VPN. You can learn more about these products in our full Proton Mail review.
+ Pros
- End-to-end (E2E) and zero-access encryption for Email, Calendar, and Contact information
- Operates under Swiss jurisdiction
- All data stored on servers in Switzerland
- Apps for Android and iOS mobile devices
- Web client, encryption algorithms, Android and iOS code are all open source
- Support for custom domains
- Strips IP address from emails
- Can be used with third-party email clients through the Proton Mail Bridge feature
- Can import contacts and emails
– Cons
- Subject lines not encrypted
- May require personal information for verification of new accounts
Proton Mail Black Friday Deal is live:
Get 60% Off Proton Mail with two-year plans using the coupon below:
(Coupon is applied automatically; 30-day money-back guarantee)
See our Proton Mail review for more info.
2. StartMail – Private email hosted in The Netherlands with unlimited aliases
Based in | The Netherlands |
Storage | 10-20 GB |
Price | $3.00/mo. |
Free Tier | 7 day trial |
Website | StartMail.com |
StartMail is a rising star in the secure email world. As an established email service founded in 2013, we can be confident that StartMail will be around for the long haul. Based in the Netherlands, StartMail’s servers are well-protected, and the service supports two-factor authentication for additional security.
One of the best features that StartMail offers is unlimited aliases here. This feature allows you to manage multiple email identities under a single account. You can easily create as many email aliases as you like, giving you maximum privacy over your main email address when signing up for services. You can also create time limits for your aliases, ranging from one-time use to forever.
This secure email provider is particularly suited for individuals and businesses that rely heavily on desktop computers for their daily operations. With its state-of-the-art PGP end-to-end encryption, StartMail ensures that your emails are secure from the moment you hit send until they reach the recipient. This level of encryption is particularly important in today’s digital age, where data breaches and cyberattacks are increasingly common.
StartMail can be easily used with other email clients like ThunderBird or mobile clients on iOS and Android. And unlike some other providers, such as Proton Mail, StartMail does not offer dedicated apps. You can use the webmail version or any email client with StartMail.
The Netherlands is a good jurisdiction for privacy and StartMail aims to keep as little data as possible to run their operations. Unlike most other secure email providers, StartMail handles encryption server-side, rather than in the browser – see their white paper explaining why.
StartMail allows users to utilize PGP encryption with emails also being encrypted at rest on their Dutch servers. The whole service is user friendly, and you can encrypt and sign your mail with just one click.
StartMail’s strong encryption features and unlimited email aliases make it a great option for those who primarily use desktop devices for their email communications. If you’re looking for a secure email provider that offers robust encryption and the convenience of managing multiple email identities, StartMail could be the perfect fit for you.
+ Pros
- Create unlimited email aliases
- PGP end-to-end encryption
- Easy contacts and email migration
- Organize your inbox with filters
- Minimalistic design
- No ads. No tracking. No spam.
- Flexible spam filter
- Anonymous cryptocurrency payments
- Use custom domain
- Compliant with GDPR
- 7 day free trial
– Cons
- No free version
- Lacks calendar, notes, and file storage
StartMail Exclusive Coupon:
Get 50% off ANY subscription plan with the coupon below along with a 7 day free trial:
(Coupon is applied automatically.)
See our StartMail review for more info.
3. Mailfence – Secure email for professionals and teams
Based in | Belgium |
Storage | 11 – 225 GB |
Price | €2.50/mo. |
Free Tier | Up to 1 GB |
Website | Mailfence.com |
Mailfence is a fully-featured secure email provider offering calendar, contacts, file storage, and PGP encryption. It is based in Belgium, which is a solid privacy jurisdiction with strict data protection laws.
The core of Mailfence’s security is its powerful end-to-end encryption and digital signatures using OpenPGP. OpenPGP, or Open Pretty Good Privacy, is a non-proprietary protocol for encrypting email using public key cryptography. It is based on the original PGP (Pretty Good Privacy) software. This means that only you and the person you’re communicating with can read what is sent, and nobody else, not even Mailfence, can access your content. This is a crucial feature for anyone who values their privacy and wants to ensure their communications remain confidential.
Furthermore, Mailfence is based in Belgium, a country known for its strong data protection laws. The Belgian Data Protection Authority (DPA) is one of the most stringent in the European Union, which is known for its robust data protection framework. This geographical advantage provides an additional layer of security to Mailfence users. It’s like having a virtual safe for your emails, providing you with the peace of mind that your data is safe and secure.
While many secure email services sacrifice features and functionality for security, you can have it all with Mailfence. This makes Mailfence a great alternative to full email and productivity suites, such as G Suite or Office 365.
Mailfence supports all standard protocols like POP, IMAP, SMTP, WebDav. It also integrates a calendar, document storage, workspaces, and a chat which enable real time sharing of data and group collaboration, making it an ideal choice for professionals and teams.
While Mailfence does log IP addresses and some other data, it provides a user-friendly interface and accepts cryptocurrency payments for added privacy. The logging of IP addresses and some other data is part of Mailfence’s commitment to transparency. However, this information is only kept for a short period and is primarily used to maintain the quality and safety of the service.
The user-friendly interface of Mailfence ensures that even users who are not tech-savvy can navigate the platform with ease. The interface is clean, intuitive, and easy to use, making it easy to send, receive, and organize your emails. Moreover, Mailfence accepts cryptocurrency payments, which can provide an additional layer of privacy for users.
In order to further enhance the user experience, Mailfence has recently launched mobile apps for both iOS and Android platforms. This comes in addition to the Progressive Web App that was already available.
When I did an in-depth test for the Mailfence review, I found it to be very intuitive, sporting a slick interface with a tons of features. Its performance was smooth and I didn’t encounter any bugs. But, in case you experience any problems, you can always turn to their responsive email and phone support.
Note: Due to financial requirements imposed by Google, Mailfence has dropped support for POP/IMAP connections to Gmail servers.
+ Pros
- Offers end-to-end encryption and digital signatures
- Mobile app for iOS and Android
- Data is stored on Belgian servers
- Offers OpenPGP encryption
- Messages, Documents, Calendar, Contacts, and Groups
- Custom domains (paid plans)
- Password manager and 2FA
- SMTP, POP, and IMAP support
- Can synchronize with other email clients
- Supports password-protected messages with expiration time
- Removes IP addresses from mail headers
- OpenPGP user keystore
- Cryptocurrency payment options
– Cons
- Logging of IP address and some other data
- Code is not open source
See our Mailfence review for more info.
4. Tuta Email – Private and secure email in Germany
Based in | Germany |
Storage | 1 – 1,000 GB |
Price | €3.00/mo. |
Free Tier | Up to 1 GB |
Website | Tuta.com |
Tuta (formerly Tutanota) is a Germany-based secure email service run by a small team of privacy enthusiasts, with no outside investors or owners. Although it is not as well known as Proton Mail, Tuta is a serious player in the secure email space. Its hybrid encryption system overcomes some of the drawbacks of PGP, and your privacy rights are protected by the GDPR and other pro-privacy EU regulations.
Note: Tuta claims that their encryption can be updated and strengthened if necessary against quantum-computer attacks.
Tuta’s Encryption System
All messages in your inbox, contacts, and calendar are encrypted at rest on servers in Germany. For sending encrypted emails with Tuta, you have two options:
- When emailing another Tuta user, all of your emails are automatically encrypted (asymmetric encryption).
- When sending an email to someone with another email provider, the user receives a link to the message and a password key for encryption/decryption purposes (symmetric encryption).
Tuta establishes an external mailbox for that particular contact, where all the exchanged messages are securely encrypted. This proves to be quite useful, especially if you are using it for business.
While Tuta uses high-end encryption and is arguably one of the most secure email providers anywhere, there are also some downsides. This includes no support for PGP, IMAP, POP, or SMTP. Additionally, you cannot import existing emails into your encrypted Tuta inbox.
To make up for the lack of IMAP support, Tuta has built open source desktop clients for Windows, Linux, and macOS. They also have offline mode, so you can open your emails, calendars, and contacts even when not having access to the web.
All in all, Tuta is a transparent, high-security email provider that just may take your privacy to a whole other level.
+ Pros
- Encrypted messages (including Subject lines) Address Book, Inbox Rules and Filters, Search Index, encrypted at rest and stored on German servers
- Can search body of encrypted messages
- Can send encrypted messages to non-users
- Strips IP address from emails
- Desktop, mobile, and web apps
- Open source code (including mobile apps)
- Encrypted calendar with iCard support
- Encrypted contacts
- Inbox rules with Spam filter
- Multiple email addresses (aliases)
- Support for custom domains
– Cons
- Does not work with PGP
- Currently no way to import existing emails
- Will not work with 3rd-party email clients
Website: https://Tuta.com
See our Tuta review for more info.
5. Mailbox.org – Affordable private German email service
Based in | Germany |
Storage | 2 – 100 GB |
Price | €1.00/mo. |
Free Tier | None |
Website | Mailbox.org |
Mailbox.org is a german secure email service that you should definitely consider. It provides robust security for your email, but it also functions as an all-inclusive productivity suite, similar to Microsoft 365 (formerly known as Office 365). It offers a huge lineup of features, including Mail, Calendar, Address Book, Drive (cloud storage), Tasks, Portal, Text, Spreadsheet, Presentation, and Webchat. Impressively, Mailbox.org still has a user-friendly interface and sharp design.
When choosing a secure email provider, you often have to pick between features and security. With Mailbox.org, you can arguably get the best of both worlds. From the security and encryption side, it offers full PGP support and can easily encrypt all your data at rest on their secure servers in Germany. You can also use Mailbox.org with mobile apps and third-party email clients.
Lastly, Mailbox.org is very affordable, with basic plans starting at only €1 per month. You can pick up a free 30-day trial if you want to test-drive this privacy-focused email provider.
Note: Mailbox.org does receive requests for information from “public authorities.” In 2022, they received 55 requests for information, and ultimately rejected about 13% of them. They responded to the rest of them as required by law.
+ Pros
- PGP support (server-side or E2E through Mailvelope app)
- Company and servers located in Germany with strong privacy protections
- HSTS and PFS for messages in transit
- Protected against man-in-the-middle attacks
- Message and spam filters
- Virus protection
- Full text search
- POP, IMAP, SMTP, ActiveSync support
- vCard, CardDAV, CalDav support
- Messages are encrypted at rest
- Supports custom domains
- Mobile apps for some of the Office features
- Open source
– Cons
- No mobile email clients (but can be used with third-party email clients)
- Some tracking during registration
- PGP encryption leaves message subject and metadata exposed
Website: https://Mailbox.org/
Check out our Mailbox.org review for more details.
6. Posteo – Privacy-focused email in Germany
Based in | Germany |
Storage | 2 – 20 GB |
Price | €1.00/mo. |
Free Tier | None |
Website | Posteo.de |
Posteo is yet another German email service. It provides strong privacy and security to its users, and in many ways is similar to Mailbox.org. Both are comprehensive email providers that employ PGP encryption. They even charge similar prices. However, Posteo distinguishes itself in a few significant aspects:
- It does not support custom domains.
- There is no designated spam folder (emails are either sent to the inbox or not accepted).
- There are no trial or free versions, which is somewhat offset by its reasonable pricing.
Posteo really makes an effort to protect the privacy of its users. IP addresses are automatically stripped from emails, no logs are kept, and they offer strong encryption standards. In short, this email takes security and privacy very seriously.
Posteo also supports anonymous registration and anonymous payments – even allowing you to send cash in the mail for no digital trail. This is a trend we’ve seen with VPN services as well. And if you pay with a credit card, PayPal, or some other digital method, they manually separate account details from payment info.
In short, Posteo is an affordable, customizable, and secure service that’s a good option for users on a budget.
+ Pros
- Mail, Calendar, Contacts, and Notes are encrypted at rest with OpenPGP on secure servers in Germany
- Configurable spam filter
- Migration service for moving from another email service to Posteo
- Subject, headers, body, metadata, and attachments are encrypted
- Includes Messages, Calendar, Contacts (Address Book), and Notes
- Completely Open Source
- Strong commitment to privacy, sustainable energy, and other social initiatives
- Self-financed; good track record (operating since 2009)
- No logs, IP address stripping, secure email storage with daily backups
- Allows anonymous (cash) payments
- Supports SMTP, POP, and IMAP protocols
– Cons
- Custom domains not supported; no “.com” options available
- No spam folder (spam emails are either rejected or delivered to regular inbox)
- No trial or free version
- Cryptocurrency payments not supported
Website: https://Posteo.de/
See the Posteo review for more info.
7. Runbox – Private and sustainable email in Norway
Based in | Norway |
Storage | 2 – 50 GB |
Price | $1.66/mo. |
Free Tier | 30 day trial |
Website | Runbox.com |
Runbox is a Norwegian company that has been in the email business for over 20 years. Norway is a good secure-email jurisdiction, with a strong legal framework for privacy. All Runbox servers are located in secure data centers, running on clean, renewable, hydropower energy.
One unique feature of Runbox is that it gives you 100 aliases to use with your account. Secure file storage is also included, with different pricing tiers. Runbox fully supports SMTP, POP, and IMAP protocols and can be used with third-party email clients. They released Runbox 7 (still in beta) over a year ago, and are improving it all the time, with a massive number of updates taking place so far this year. So far, this is only a webmail service, so you won’t find any mobile or desktop clients.
Unlike some other secure email services, Runbox doesn’t have a built-in option for encrypting your entire mailbox. And while you can use PGP with Runbox, it is not yet fully integrated into the platform. Another drawback is that Runbox does not offer a built-in calendar, but this feature may be included when Version 7 gets released.
Runbox offers a 30-day free trial and makes importing your existing emails simple with the guides on their site. They also go the extra mile by giving you a 60-day money-back guarantee, so you can really get a sense of whether this service suits you before getting locked into a subscription.
+ Pros
- IP addresses stripped from messages
- Includes Webmail, Contacts, and Files
- Servers run on renewable energy
- Supports SMTP, POP, and IMAP protocols
- Synchronizes with other email clients
- GDPR compliant
- Norway has strong data protection laws
- 100 email aliases per mailbox
- Custom domain names on some paid accounts
- Numerous payment methods accepted (including cash and cryptocurrencies)
– Cons
- Browser-based; no desktop or mobile apps
- Not open source
- Data not encrypted within the Runbox system or at rest
- No business-specific features
Website: https://Runbox.com
Check out our Runbox review here.
8. CounterMail – Private and secure Swedish email service
Based in | Sweden |
Storage | 4 GB+ |
Price | $4.83/mo. |
Free Tier | 7 day free trial |
Website | CounterMail.com |
Next up on our list is CounterMail, a secure email provider based in Sweden. CounterMail has been operating for over 15 years with a goal to “offer the most secure online email service on the Internet, with excellent free support.”
Note: Before we go any further, you should know that registering for CounterMail currently requires an invitation from a premium CounterMail user. If you don’t know someone who already uses this service, you are not welcome right now.
CounterMail uses OpenPGP encryption with 4,096-bit encryption keys. They protect their users from identity leaks and Man-In-The-Middle attacks with RSA and AES-CBC encryption on top of SSL. Unfortunately, they do not have their own mobile or desktop apps.
In order to ensure your privacy, they keep no logs and they store your mail on diskless servers. Countermail anonymizes email headers and also strips the sender’s IP address. All emails and attachments are stored encrypted at rest using OpenPGP on servers in Sweden. Although the base storage is relatively small (4GB), you can permanently upgrade this via one-time payment.
While CounterMail is a bit more expensive than some other secure email providers, they explain this price difference comes from using only high-quality servers and implementing strong security measures. It may not have all the frills, but CounterMail is a serious security-focused email provider with a 15+ year track record.
+ Pros
- Supports cryptocurrency payments
- Secure, built-in password manager
- All emails and attachments stored encrypted on no-logs, secure servers in Sweden
- Custom domain support
- Message filter and autoresponder features
- Uses RSA, AES-CBC, and SSL encryption to protect against leaks and MITM attacks
– Cons
- Design and UI feels outdated
- More expensive than other secure email options
- Now requires an invite to register
https://CounterMail.com
9. Kolab Now – Fully-featured Swiss email
Based in | Switzerland |
Storage | 5 GB+ |
Price | $5.47/mo. |
Free Tier | 30 day trial |
Website | KolabNow.com |
Based in Switzerland, Kolab Now is a private email service offering lots of features and full email suite functionality. A Kolab Now subscription includes email, contacts, calendars, scheduling, collaboration/sharing tools, and cloud file storage. Right now they are also running a public beta of their voice and video conferencing system. All of these features make Kolab Now an excellent choice for business users, teams, and privacy-focused individuals.
The service does have a stylish and intuitive interface that makes it easy to organize yourself. There’s also a strong cross-platform support, so you can use Kolab Now on your computers, tablets, and smartphones. It can work in tandem with other email services, like Apple mail, Outlook, and Thunderbird.
While Kolab Now does offer numerous features and support for all major operating systems and devices, it does not provide the highest levels of security. End-to-end encryption for emails is available via Perfect Forward Secrecy and they are stored encrypted at rest.
The price is also on the higher end, especially if you want access to all features and unlock more storage. However, for those wanting a feature-rich email suite hosted in Switzerland, Kolab Now may be a good fit.
+ Pros
- Accepts cryptocurrency payments
- Full support for POP, SMTP, and IMAP
- Switzerland jurisdiction with strong privacy protection
- Full email suite with numerous features to replace Gmail, Office365, etc.
- Support for custom domains, teams, and business users
- End-to-end (E2E) encryption is available, but not built in
– Cons
- Email not encrypted at rest (but stored in high-security Swiss data center)
- Expensive
Website: https://KolabNow.com
10. Soverin – Basic private email in the Netherlands
Based in | The Netherlands |
Storage | 25 GB |
Price | €3.25/mo. |
Free Tier | No |
Website | Soverin.net |
Focusing on user privacy and data protection, Soverin offers a straightforward private email service. With end-to-end encryption and a user-friendly interface, Soverin is an excellent choice for users who want a simple and secure email service. As a user, you get to enjoy the peace of mind that comes with knowing your emails are shielded from prying eyes. Moreover, Soverin’s user interface is designed to be intuitive, making it easy for both tech-savvy users and those less familiar with digital technologies to navigate their email accounts with ease.
While Soverin may not offer numerous advanced features compared to some competitors, its focus on privacy and simplicity make it a top choice for users seeking a basic private email service. This means that while you might not get all the bells and whistles that come with some other email services, you get a no-nonsense, secure platform that prioritizes your privacy and makes email management a breeze. For those who value simplicity and security over a plethora of features, Soverin is a solid choice.
+ Pros
- 25 GB of data storage for all plans
- Data protected under Dutch privacy laws and GDPR
- Can be used with third-party email clients
– Cons
- No custom mobile apps
- Not open source
- No built-in encryption options
Website: https://Soverin.net
Email jurisdiction and data privacy
Did you know that the jurisdiction in which your email service is located can seriously impact the security of your data? Depending on your threat model, this could be a major consideration. For an in-depth overview of jurisdiction and privacy, you may want to read our article on the Five/9/14 Eyes surveillance alliances.
Here are some reasons why you should pay attention to jurisdiction.
Surveilance in the United States (leading member of the Five Eyes)
Tech companies in the US can be forced to give government agencies direct access to their servers for “extensive, in-depth surveillance on live communications and stored information” – as explained in the PRISM surveillance program. Data requests can also be accompanied by gag orders, which forbid the company from disclosing what’s going on (see also National Security Letters).
Several instances have been reported where American email service providers were compelled to surrender information. In a notable case, Lavabit chose to shut down the business instead of disclosing user data. Riseup, another email service provider in the US, was forced to hand over data to law enforcement agencies.
After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization).
There was a “gag order” that prevented us from disclosing even the existence of these warrants until now. This was also the reason why we could not update our “Canary” [warrant canary that warns users about these events].
State of privacy in Europe
Politicians in Europe are frequently trying to find an excuse to limit or ban the use of encryption by their people. This time, the argument is that encryption must be banned to fight child abuse. Once again it is up to email services like Tutanota and Mailfence to protect the privacy rights of their users. In April, a group of tech companies sent an open letter to the European Parliament arguing against the mass surveillance that the elimination of encryption would be meant to enable.
How this will turn out is unclear, but the possibility of the EU banning encryption casts doubts on the viability of any secure email service based in the EU.
We’ll let you know what happens with this.
All email providers must comply with the law
While these examples may seem alarming, the truth is that all email providers must comply with legal requirements in the country they are operating in. For example, Proton Mail, a Switzerland email provider, has also been forced to log IP addresses and disable accounts by valid court orders, as they disclose in their transparency report.
All in all, some jurisdictions are much better than others, so choose wisely. As a general rule, I’d still avoid email services in the US, and other Five Eyes jurisdictions.
Want secure email? Pay for it.
The unlimited “free” email business model is fundamentally flawed. It offers a free service, which is used to collect data and thereby monetize the user and make money on ads. With these privacy-abusing “free” services, you are actually paying for the product with your data.
In contrast, here we recommend privacy-friendly, secure, ad-free email services. While some of these email services offer limited free subscriptions, you will need to upgrade to a paid plan for more storage and premium features (the freemium business model).
Fortunately, you can “vote with your dollars” by supporting these privacy-respecting businesses and upgrade to paid accounts. This will help email providers to grow, improve, and serve more people with an ethical business model that does not rely on exploiting their users’ data.
Secure email shortcomings and PGP flaws
Most secure email services mentioned in this guide use PGP for end-to-end encryption. PGP, which stands for Pretty Good Privacy was invented back in 1991 by Phil Zimmermann.
PGP Flaws – While PGP is considered a trustworthy, secure encryption method, there have been some flaws in implementing PGP that have made headlines recently. And lets not forget about EFAIL vulnerabilities.
While the news did attract lots of attention, the “flaws” were mainly tied to the incorrect implementation of PGP by third parties. To my knowledge, this did not affect the secure email providers mentioned in this guide.
Limited Use – Another fundamental problem with adopting secure email is that few people are willing to go through the hassle of PGP key management, encryption, decryption, etc. However, there are some solutions to this, and by some measures encrypted email usage continues to grow.
Many providers address this issue by making encryption automatic and seamless. Tutanota, for example, uses built-in AES encryption that automatically encrypts emails between Tutanota users, including headers, subject line, body, and attachments. They also provide a secure, two-way communication contact form called Secure Connect.
Vulnerabilities – Even when using a secure browser, there are still weak points to consider with using browser-based email clients. Phil Zimmermann gave an interview highlighting some of these shortcomings:
“The browser is not a terribly safe place to run code. Browsers have a large attack surface,” he said. Wherever encryption and decryption take place, though, it’s a vast improvement on no encryption. But even encrypting messages may not be enough, depending on the threat model. The very nature of email makes it vulnerable.
“Email has an enormous attack surface,” Zimmermann said. “You’ve not only got cryptographic issues but you’ve got things like spam and phishing and loading images from a server somewhere that might have things embedded inside.”
On a positive note, there are many options for securing your browser – see the secure browser and Firefox privacy guides. Furthermore, most secure email providers offer protection against these attack vectors by blocking email images by default and utilizing virus filters.
However, you should keep in mind that desktop email clients can also be problematic. They can potentially reveal unique information about your operating system, your IP address, and location.
Regardless of these limitations, using a secure email provider will help you keep large tech companies from extracting your email data for third parties.
Secure email vs secure messaging apps
Depending on your threat model, you may also want to consider using secure messaging apps, which do not have all of the vulnerabilities discussed above.
We have tested many different services and compiled a list of our favorites. Here are a few reviews of some of the best apps we’ve tested:
Encrypted messaging apps generally offer a higher level of security than email services. Plus, they are much easier to use than PGP email encryption.
Finally, encrypted messaging apps are also convenient for back-and-forth conversations, document sharing, and collaboration with others. For more information, check out our roundup guide on the best secure messaging apps.
Use a premium VPN with email
One fundamental problem with email is that it can expose your IP address and location to third parties, by design.
While some secure email services strip IP addresses and conceal metadata, many others do not. And as we saw with the Proton Mail logging case, email services may be forced to log user IP addresses by valid court orders, without disclosing any information to the user. We’ve seen this with email providers in the US, Germany, and even Switzerland.
Finally, there’s also the fact that many email services keep logs for security. This may include user IP addresses, connection times, and other metadata. Of course, whenever you have logs, there’s a risk that this data could end up with third parties, for various reasons.
To effectively conceal your IP address and location, you will need to use a good VPN (Virtual Private Network). Popular VPN services, such as ExpressVPN and NordVPN, offer VPN clients (apps) for all major operating systems and devices.
A VPN creates a secure tunnel between your device and a VPN server, encrypting your traffic and concealing your real IP address and location. This will improve your privacy and security, all the while you carry on with business as usual. Larger providers, such as NordVPN and Surfshark, have huge server networks all around the world, so you can use them everywhere.
Because a VPN offers significant privacy and security benefits, it’s a smart idea to use one whenever you’re online. Internet providers in many countries are recording user browsing history by logging DNS requests. Depending on local laws, this information could then be sold to advertisers or handed to government agencies in countries with mandatory data retention laws. With a VPN, your DNS requests are encrypted and handled by the VPN server and unreadable to your ISP or other parties.
At the time of publication, our top VPN recommendations right now are NordVPN, which also comes with a 74% off coupon here. For the latest VPN rankings and tips, see our guide on the best VPN services.
Benefits of Open Source in Secure Email Providers
When considering secure email providers, open source software offers a multitude of benefits. By allowing users and developers to access and review the source code, open source software ensures transparency and enables the verification of its security and trustworthiness. This public scrutiny helps identify any potential security vulnerabilities and ensures that the software is regularly updated and improved.
Another advantage of open source software is community-driven development, a collaborative approach that allows a community of developers to work together to improve the software. This leads to faster development and more reliable and secure software, as potential issues are identified and resolved more quickly.
In summary, choosing a secure email provider that utilizes open source software is advantageous in terms of security and reliability, as it allows for public review and verification of its encryption protocols and privacy protections.
Conclusion on secure and private email services in 2024
Regardless of your circumstances, switching to a secure and private email service will improve your privacy. Major email providers like Gmail, Yahoo, and Microsoft don’t always prioritize user privacy, so you have to look after it yourself. Paying for one of these secure email services means you won’t be paying with your privacy by using “freebies”.
Once you switch to one of these email services your private communications will be much more secure. Then, all you need to do is avoid non-technical attacks, like classic email scams that never seem to go away.
See the main privacy tools guide for other privacy and security essentials.
We also have a guide on encrypting email.
If you want more info on these secure email providers, you could check out our in-depth reviews below:
- Proton Mail Review
- Tuta Review
- Mailfence Review
- Mailbox.org Review
- Hushmail Review
- Posteo Review
- Fastmail Review
- Runbox Review
- StartMail Review
Have you used one of these secure email providers? Feel free to leave your feedback/review of the service below.
This secure email guide was last updated on June 13, 2024.
KotaD
Anyone have experience with fastmail? Do people reliably receive your emails?
vanp
I’ve been using Fastmail for years. There is no such problem. Plus, they’re responsive to questions, concerns, and problem reports. And they at least used to have a dummy account you could play with before making a purchase decision.
It doesn’t meet everybody’s standard for privacy, encryption, possibility of gov’t intrusion, whatever else, but it’s a reputable operation that does not itself spy on you or sell ‘you’ to the highest bidder. I have no reason to believe I’ve ever been targeted by anybody receiving ‘me’ from Fastmail.
bumpintheroad
$30 bucks on a year is what anymore?
I be in need and may look into fastmail.
Thanks vanp
May be useful to others…
Fastmail Pty Ltd (“we”, “our” or “us”) based at PO Box 234, Collins Street West, VIC 8007, Australia, ABN 31 142 646 580 is responsible for your personal information (Personal Information) and we take our data protection and privacy responsibilities seriously
This privacy policy explains how we collect, use and share personal information in the course of our business activities
[https://www.fastmail.com/privacy/]
How Fastmail provides a secure service
[https://www.fastmail.help/hc/en-us/articles/1500000280221-How-Fastmail-provides-a-secure-service]
The main servers are located at 365 Data Centers in Bridgewater, New Jersey, USA. Their facility is a high-security, video-monitored location with backup power, air conditioning, fire systems, 24x7x365 monitoring, and onsite technical support.
365 does a whole lot more to ensure security, including their hardware, best-practices, and routines. You can read all about them [https://365datacenters.com/]
Howie
3$ month or 36$ year for fastmail
Your perspective has as much merit as having a fresh air tax. Not everyone is privileged and can afford to commit or wants to throw around their credit card info Most don’t use crypto. If you’re a business you can afford to pay any rate.
So let’s be clear and coherent, something which has been missing from the recent comments. Most people don’t need an enhanced email service in the long run. Those that do will pay.
bumpintheroad
to howie
your point being?
security and privacy with free is doable but its oh so limited to features.
no i dont need a vpn or a slew of features other than simple email, contacts. maybe a calender but team or for businesses enhanchments NO.
heads up people
$0.99/mo special offer
limited time offer! get a @memail.com premium email address, 2 GB of storage and our MeMail Webmail (powered by MS Outlook®).
do the special and find your handle @memail.com
then, see a promo added that drops it to $9.99 year.
which you can lockin for upto 5years due immediately.
Rolly
I tried Proton Mail and had a deal-breaking issue: The recipients of my emails did not always receive them. I dont know if they were going into people’s spam boxes, or what. Is this happening because its not a mainstream server, so the recipients’ server recognized it as spam since it wasn’t coming from a “@gmail.com” etc?
I dont need all the fancy features (cloud-based word processing/sheets apps, etc.) – I dont even need a super secure process to protect against authorities searching. I just want to have my main personal email hosted on a server that wont actively, intentionally profile and sell/use my data, and that when I send an email, it will reliably arrive to the recipient 99% of the time. I’m willing to pay for this. Does anyone have any advice?
vanp
Fastmail. See my comments above. And even if an email goes to the Spam folder, it was still delivered and can be read, un-spammed, etc.
bumpintheroad
Per vanp’s reply and your interests of a simple secured mailbox service. If your like me, Rolly, and basically need emails as a business contact used for everyday life. Like utilities, insurance, health, mortgage and loans. Stay with an email service using the .com domain as your address domain relates to. So using…its easy accepted.
Swisscows email ends with the .email domain and in my area some local smaller businesses require a common TLD domain. Soverin mail you have the .net domain for your address domain. Fastmail uses the com domain.
BITR
Of course the mentioned have or dont have other domains besides the .com they offer users. But .com for an email mailbox address has given me less trouble for online signups.
vanp
If you’re saying Fastmail doesn’t allow their users/customers to create an email address that ends with anything other than ‘.com,’ that’s wrong; at least it used to be. Mine does not end in ‘.com.’ If that’s now a requirement, than I’ve been grandfathered in. You might wanna check your dater.
BITRbumpintheroad
vanp reguarding fastmail*
No that is not what I meant.
The Com domain seems the default entry though on their signup, with another 19 offered having @fastmail.(otherDOMAIN) in a drop-down list. Then even an @sent.com they offered.
Point being, when an email address you have or Ive had, ends with a domain other than the .COM domain. It is more apt for rejection (not always) from online forms – where an email address is requested and needs supplied to be able to submit the form.
PLEASE SUPPLY A VALID EMAIL
Ive never had any problems with an email address on the com domain on forms submissions for a way of contact.
vanp
BITRbumpintheroad, not one time, no, not ever, never has an online form rejected any submission of mine because my email address did not end in ‘.com.’ I’ve never had any problem in any setting/context in this regard.
Walter Kupka
It’s disappointing that this blog and its author neglected to include a list of free encrypted email providers in the conclusion or summary section. Simply adding “free” or “premium” (or a similar indicator) next to the names of the email clients would suffice.
Contrastingly, in another blog discussing the downfall of Skiff, the aforementioned blogger suggested a paid/premium provider with an affiliate link.
As time passes, I’m observing this site becoming increasingly biased and less objective.
bumpintheroad
Many of the biggest email services are known to scan emails for advertising data, and have even been accused of working directly with US authorities by permitting mass surveillance.
If you want to start sending secure emails for free, you are going to need an email provider that provides end-to-end encryption for nothing. This is extremely rare because providing strong end-to-end encryption is not easy.
Free tier’s were available (today who ?)
Mailfence, Protonmail, Tutanota, and Kolab Now.
We know free is not free from the bigger email services. Users of their products riding free have paid with every bit of personal data shared.
Last, smaller encryption email services usually have payment tiers and the Free Tier was paid by those payment tiers. Fastforeward to today, smaller email services have increased overhead as all of us. Eliminating the free tiers in lue of raising prices on their paying customers. Is why you dont probably see a List of Free. Yet tons of other relevant information. Im greatful !
edemal
skiff is no more unfortunately.
Tutanota changed its domain for tuta.com
is there anyone who tried [https://app.stayprivate.com/] they say everything encrypted vault mails, notes and they are giving 15gb free storage. I don’t see any review anywhere on the net. It looks very smooth but I’d love to see an opinion from a savvy
bumpintheroad
Strange I recall, a simulator fact happening to anti-virus companies a double-fist-full of years back. Ctemplar and Skiff on the Mail side I’ve personally used, and this fact of bigger companies buying up the competition exists. Guess, that gives more meaning to the term Net.
As you may be aware, all Skiff services, including Mail, Pages, Calendar and Drive, will be sunsetting August 9, 2024, as part of Skiff’s acquisition by Notion.
(https://www.notion.so/about)
After that date, you will no longer have any access to your Skiff data, including email addresses, files, contacts, events and all other data stored on Skiff products. You can migrate this data at any time before the sunset date.
bumpintheroad
PreVeil implements Zero Trust security. Information is only encrypted and decrypted on a user’s device – never on the server – making it useless to attackers if hacked.
Send and receive end-to-end encrypted emails using your existing email address from Outlook, Gmail, Apple Mail, mobile app or your browser. Protected from phishing, spoofing, password, server, and admin attacks.
* Must install manually on unsupported email clients
*Recent Mail changes by Apple require manual installation for now
Anybody used this service?
[preveil.com]
tom waters
skiff mail has been merged with notion and sunsetting the email service as a result.
ArnonS
StartMail, belongs to StartPage, which bought few years ago by data mining company fro San Francisco……….
Sven Taylor
They are separate business entities.
Fellow internet user
Thanks for the article! Would be useful also to include which email services recycle emails, as it is a significant element in regards to privacy. For instance Mailbox and Posteo recycle emails.
vanp
Uh, “recycle emails?”
bumpintheroad
Belive its meant as the chosen address you had used with either mentioned service. Which addressee you used signing up and your contacts see the message being from.
The part before the @. Can be used…by again anyone using either service after you give it up, usually when discontenuing the specific mail service.
Worst case examples:
Password reset requests.
Old contacts sending messages to an account that ended for you by you.
Tons of mail services do not recycle mailbox addresses for those reasons.
vanp
Thanks for the response.
bumpintheroad
Thanks for the Q vanp.
Hate to think anything AI can be more useful than a human on human for help.
Off topic, has anyone noticed in calling a business for help lately?
To many have gone to a work from home base especially for their CS.
You speak to a rep that fills out a form to submit to get you help. That is either answered by email or snail mail. Request to speak to a management rep availabe or get a call back and good luck. Only human contact is the entry level help that you have any conversation with in that answers the business CS phone number given.
Quietme
How adding?
1. A summary table comparing each product
2. Specifically mentioning in each email product review, if the email product allows encrypted emailing to non-users of the reviewed product?
Quietme
I still find some of the products that make the top 10 ahead of Skiff pretty odd. How about for transparency, you publish your scoring system, and the score you assign each product?
Patriot
It seems painfully obvious that there should be ZERO expectation of ANY privacy within the USA. Damn the US constitutional law of the land. The banana republic has spoken!
From Noway
I have wondered about why the “cyberfear” email service hasn’t been reviewed. I’m concerned that I may have missed something. Could any elaborate? Good, bad, or otherwise.
JB
You may want to update the review, Posteo has recently added a Spam folder:
https://posteo.de/en/blog/new-at-posteo-optional-spam-folder-and-spam-log
Quietme
Thanks for this update.
Mark
Thanks for adding, I came here to say this.
They also have .com domains
pourriture lhermitte
Thank you for this updated list
Maybe you should clearly stipulate which one is free and which one is for pay as many of them are in fact paid services.
Some have nothing to do in this list like Tutanota, a stasi-gestapo like German provider totally controlled by the totalitarian state of banana republic Germany.
Ps: Norway privacy laws aren’t better than any others in Europe.
Quietme
Fair question from the poster promoting Skiff. How come Skiff neither:
1. Makes the top 10?
2. Has its existing review on this website listed in the list of individual email product reviews?
Sven Taylor
It has now been added to our email reviews page. This page on Secure Email Services is being revised now and should go live next week.
Jim Pryde
I quite agree that ProtonMail is right at the top of the list for security. It us relatively easy to use BUT I found it did not play well with other software such as Thunderbird or Spark due to the nature of ProtonBridge.
Getting my subscription cancelled proved almost IMPOSSIBLE!
Andrew
You might want to check out Skiff Mail (skiff.com) on the rankings. It’s open-source, end-to-end encrypted, and we just launched adding a custom domain on the free tier.
Quietme
Hi Andrew,
How about adding to Skiff capability to send encrypted email to non-Skiff users?
quietme
The info on this page needs updating re Tutanota. They have tripled the price of their lowest paid plan to 3 euros pcm. Other references to Tutanota on this website may also need updated to this.
Andrew Milich
You might want to check out Skiff Mail (skiff.com). It’s open-source, end-to-end encrypted, and we just launched adding a custom domain on the free tier. That means you can use it as a business email with your own domain.
Anonymous
What about Swisscows email?
Jack Sparrow
Heh, yeah I was wondering that two. Given that Swisscows was in the top 10 for best privacy focused search engines on this very website, I’m surprised that their email service isn’t mentioned in this list.
jesse deebox
They were milked for all they were worth a long time ago.
Mikey
FYI if you are an American citizen and you access an internet service outside the United States, the federal government can eavesdrop on your communications without a warrant thanks to the patriot act and other laws passed since the “war on terror” began in 2001. If you choose a service hosted in the USA, the government would be required to obtain a warrant. Of course, the law has not stopped them, there are zero consequences if they eavesdrop on your communications, there is nothing holding them to account and since the Snowden revelations I’ve come to the conclusion my fellow citizens don’t care if the government intercepts and stores every bit of communication that takes place. However, if they wanted to use your messages as evidence against you in court, they would need to obtain a warrant.
For a USA citizen, these services hosted in foreign countries might not be the smartest choice.
Kathy
This is so much more involved where a short blurb can’t go into. Like the US gov on the US citizens with stateside mailboxes, reported somewhere in one of the anti-terrorism ACT’s, the gov deems all messages 6 months old in a mailbox as abandoned and can get copies of those. Sure all governments have to go their own court systems to have your info and then locally residing people stand the best chances to defend themselves of a charge wherever they live. Don’t forget the US government has it’s foot in more countries the the eye’s nations in tow. You have to warrant a target on your back to cause a government all the trouble in going after you. Encryption is a lock and a lock is to keep honest people stay honest but a dishonest person will break any lock. Doesn’t say much for secure technology of the digital realm nor the governments we have today. Just think how many times your image and even plate tags are captured in a bustling metro area.
american
Something to note though, if your “USA hosted service” has/uses servers literally anywhere else in the world, they probably move or copy your data to those servers from time-to-time for backups or load balancing or any number of things, and that’s where a large part of “foreign data” is collected… so you still could be ******
brokep
My comment here is in relation to Lavabit.com
Every mention of Lavabit on this site is in reference to its noble shutdown rather than comply with a tyrannical NSL. However, https://www.lavabit.com is alive and well since January 20t 2017. Full disclosure I have been working at lavabit since 2018.
I believe a full review of the service is due here.
The server is fully open source
https://www.github.com/lavabit/magma
The VPN server they offer on Android (Google play & F-Droid) is also open source
https://www.github.com/lavabit/pahoehoe
Kathy
brokep: @lavabit
Strange the site has the tab MEET THE TEAM and only a management team of two people shown = ladar levison Founder in Chief, richard delgado Business Guy. Then I’ve looked in from time to time over the years and the site looks really the same. Even, this is still there “Volcano—our free, open source mail client—takes full advantage of the Dark Internet Mail Environment”. Is COMING SOON so is LAVABIT still actively developing the Volcano mail client and as ever is going to happen? When?
I agree Sven should have Heinrich look into lavabit and maybe why he hasn’t is because the lights are on but no-one is home, like in the press and active developments even the site being updated. Be nice to have an understanding to another good mail service worth the privacy previewed.
flashx
What do you think of swisscows email?
Kathy
The service is good for what it is being on the simpler side of the email game. Free tier works for me and gets costly if it doesn’t so (reminder) again for the simple stuff. Only hang-up is any online business that see the .email domain and says – Please enter a valid email address. Not allowing it, so plan on having a .com domain mail service for a backup. Like the free tier of skiff,com mail service.
– – -Before dropping big bucks on a mail service try https://restoreprivacy.com/email/reviews/posteo/ and at least have something to compare too for something surely costing 5-9x’s as much.
Buck a month for what Posteo offers is really fair, encryption has to be understood if you want to send and receive mail that way. Mailbox/address book encryption helps – https://posteo.de/en/help/categories/encryption
Rob H
On 12 june 2023 I noticed that tutanota had raised their prices. They no longer have a $1 plan. Please update your content.
Thanks.
Rob h
B
I’ve found Protonmail support extremely lacking for Amazon Fire tablet, and lots of problems do arise. Currenty, I can’t open any e-mails because I immediately upon the mailbox opening get the message “This page uses too much memory, so Silk removed some content. Show original.” When I tap to show the original page, it takes me back to the loading e-mail page, which then results in the memory message appearing again. I have to trick it to even log out. I don’t have this issue with any other e-mail service.
aHumanBeing
Mailfence also has CalDAV support (see https://mailfence.com/en/doc/calendar.jsp). BTW, the Entry plan now costs € 3.50 per month. (They still have a free plan.)
John
CyberFear – January 25, 2023
We’re ongoing a hardware upgrade to resolve the “slow website” issues.
It will soon be completed.
With respect,
Alex, CyberFear.com
23-3-2023
“URL is not valid, not accessible or not allowed.”
Website Screenshot Capture Tool Free | IPVoid
[https://www.ipvoid.com/capture-website-screenshot/]
CyberFear
Hi John,
The hardware upgrade has been completed.
If you’re having issues accessing CyberFear.com website, please contact us.
With respect,
Alex, CyberFear.com
Mitch
Hi Sven,
Have you heard of Sekur email / VPN? I’m intrigued by it, although they are higher in price than others…
https://www.sekur.com/
https://www.sekurvpn.com/
RD
I’d also like to know where CyberFear is based. After the recent turmoil over another privacy email service that advertised servers in Curaçao–outside the reach of the 14 Eyes–but which turned out to be owned by spyware company Trustcor with shady US government connections and security expert confirmed spyware hidden in their services, I just don’t know who to trust anymore. I’d like a service that works with Thunderbird for GnuPG keys management (necessary for some services). Options seems to be the big anti-privacy email services.
Cyberfear looks good, but they need to disclose more about themselves. Too many scams today. CTemplar recently closed down. Why? Weren’t they also outside the reach of the 14 Eyes? And Skiff.com looks terrific, but they’re in the Captain of the Fourteen Eyes’ jurisdiction–the USSA.
Leprechaun
As far as I can tell, cyberfear’s website is hosted in a facility owned by OVH, in Wroclaw, Poland.
I would not be surprised if they also hosted other servers there. I agree with you that they should be a little less close-mouthed about some of their details — too much is unclear.
Greeta
Any thoughts on Swisscows email service?
Kathy
It’s ok till you run into a company that has a problem with their (swisscows) dot email domain. This is fixed by running two separate mail services, as I have to do. My second is skiff mail with a dot com domain. Both having free tiers!
Harsh
mailfence.com mail.ru check for their promise vs reality
EK
Countermail should be removed from these lists. I’ve been trying to open an account with CM since 2018. You need an invitation code, but no one on any social media site I’ve ever visited has one. What good is privacy email if only a few citizens have it? Hardly supports the privacy-is-a-basic-human-right ethos. And no one else I’ve spoken to who wants a privacy email account has had luck getting the elitist invitation code for CM either.
Lynn
Are there any secure email services outside of Europe? It just seems so strange that all of these services you review all always in Europe…. Perhaps I do not understand. Thank you for doing all the research and helping so many to restore privacy.
Blessings
Sven Taylor
Skiff Mail is a new one we just reviewed, based in California.
JanSi
I noticed that too, and with many Western Europe countries pushing for WWIII I would not want to risk my server being nuked.
vanp
What nonsense! Don’t listen to the news; it’s not taking you anywhere you need to be.
Harmony in one's consciousness is true happiness
Friends a useful article on nytimes.com—> personal tech
Everyone Wants Your Email Address. Think Twice Before Sharing It.
Your email address has become a digital bread crumb for companies to link your activity across sites. Here’s how you can limit this.
https://www.nytimes.com/2023/01/25/technology/personaltech/email-address-digital-tracking.html
The solution is to use services like Firefox Relay or Duckduckgo email protection or freemium services like Simple Login
Cyber Sven 🤖
I am happy with Gmail for bank and outlook premium for personal use. I don’t see why to use any other service when these are more secure and reliable. Google no longer scans Gmail content for targeted advertisements.
Mike
@Cyber Sven since GMail is proprietary Google can change the terms at any time. Google really doesn’t need to scan emails since they have plenty of other methods (like Google Chrome) to mine people’s data to begin with.
Saint Revolution
” … and, if you look out the window, there, on the left, we have an stooge ostrich with its head stuck so far in the Google/MicroSoft sand it’s licking Chinese toe jam. Please keep your hands in the vehicle, your brain on logic auto-pilot, and your ass completely out of 14 Eyes, as we continue our tour … WELCOME … to Jurassic Gigantic Criminally Corrupt Google/MicroSoft/BigTech/Government Collusion Treasonous Traitors’ Park . ” .
Kathy
I’ll have some of what Saint Revolution is having!
Brain on logic – for that to happen, one needs many experiences from all sorts of a practical application, where the tying of a thought, work process and the desired solution to a final end result one seeks – is minds-eye obtainable as well as an hands on executed triumph.
People aren’t lazy, just easy prey for the other sides hand-outs in the total equation. Free isn’t free…when your stolen from. The big bank-roll side of this equation where mining peoples data electronically is the norm. But come peek in my windows and become hamburger.
A guy
Google is a tech-giant who profits off of your privacy more than any of the others. Furthermore, they are in bed with the goverment. You have NO privacy with them. ZERO.
Do you like how they are pushing for censhorship as well? You support that?
e.r.
Why or why was my time wasted with countermail, when they are not accepting new clients and have not for years!? The only way to get an account is to happen to know another paranoid freak that happens to be using it.
Handsom Sven
A must watch Video. By Rob Braxxman
Protonmail a Flawed Privacy Strategy?
https://youtu.be/3v6bvqiErWQ
No need to pay for Proton Mail. Just use Multiple emails from free providers to segment your usage.
Anyway most of the email remains unencrypted with proton mail because of the nature of email protocols and it is more important to use a VPN while sending and receiving emails. For a sensitive use case just create a new email account for a single time use like Snowden did.
Move your most important conversations from email to secure chat applications like session, which is better than signal because it does not require a phone number.
OldGuyinUS
Sorry….one more quick comment before the end of the year. A BIG issue with Countermail right now is that they require an invitation code to get in, which can only be given by another member. There are Reddit threads out there of people looking for an invitation code, which it seems to me presents an open invitation for scamming. It’s a shame, because they otherwise sound like a good option. It’s worth nothing that every one of these recommended services are within one of the 14-eyes countries other than the Swiss ones, and given ProtonMail’s issues lately, even Swiss-based companies seem suspect of late.
Would love to see NordVPN offer secure email one of these days, given where they’re based.
OldGuyinUS
I’m curious about what happened to Cyberfear. I believe it was once mentioned on this site as “one to watch as a possibility” or words to that effect. Now it’s not mentioned at all. Any background on them? There are several complaints on Reddit about the service being slow/down altogether, though the website itself is still up and running.
CyberFear
We’re ongoing a hardware upgrade to resolve the “slow website” issues.
It will soon be completed.
With respect,
Alex, CyberFear.com
Considering Encryped Email
I just read the privacy and about pages on your website.
Are you an American company located in California?
What countries are your servers located? Saying that they are stored outside of the US is not enough information for me.
Note: I just tried to check out the blog and the latest version of Safari on a M1 machine says it can’t open the page because it can’t establish a secure connection.
CyberFear
Hi,
Our servers are located in Poland.
We are not an American company, and we are not located in California.
With respect,
Alex, CyberFear.com
Cyberfear User
I use cyberfear and love the product. Well worth the cost and admittedly the occasional downtime or slow service. I would really like to see a review of it in this site.
Mighty Chipmunk
Google introduces end-to-end encryption for Gmail on the web
https://www.bleepingcomputer.com/news/security/google-introduces-end-to-end-encryption-for-gmail-on-the-web/
Lightening Turtle
Sven Sir Phishing is a big cyber security threat. Even experts and tech employees in big tech firms many a times fall victim to such attacks which can be based on by sophisticated social engineering.
So it is not hard to understand how vulnerable non-technical and unaware common populace is to phishing attacks.
Thus users need a good antivirus and an email service which has effective protection against spam and phishing emails. I am not sure small email providers who are privacy focused can offer as good protection as google offers.
.
arstechnica:
I’m a security reporter and got fooled by a blatant phish –
https://arstechnica.com/information-technology/2022/08/im-a-security-reporter-and-got-fooled-by-a-blatant-phish/
Also Email Protocols are inherently – by design unsafe and not private and thus even email services like proton mail can’t do much. Email protocols were designed at the beginning of internet era and were not designed to keep security and privacy in mind and these legacy protocols have been in continuous use since then.
Protonmail a Flawed Privacy Strategy?
Email is unfortunately a necessary evil.
https://www.youtube.com/watch?v=3v6bvqiErWQ
Is Protonmail Safe for Security and Privacy?
This video explains the risks of emails in general and then discusses the specifics of Protonmail (which are the same as Tutanota, Startmail and other privacy email platforms). Are you in fact made safer by these platforms?
https://www.youtube.com/watch?v=8Ppl62Bl9RE
I would definitely like my bank email to be a dedicated gmail account to get complete protection from Google’s advance proprietary technology and machine learning. And I would prefer a number of separate email accounts for services, general communication, banking, newsletters etc. This helps to reduce data collection and also increases privacy and security.
I would use a VPN when sending emails to hide my real ip address and would avoid using emails at all for sensitive and personal communication for which I would use secure chat applications like Signal.
Saint Revolution
Google is NSA .
Do your damn homework .
You can segment and provision your eMail(s) with as many Gmail accounts as you wish and still, in the end, your are simply, AND DIRECTLY, handing over ALL your information, first-generation, firsthand, directly to the US spook industrial complex, VPN or no VPN, Google “encryption” or no Google “encryption” . Google’s “encryption(s)” algorithm(s) code has/have MASSIVE backdoor access for the treasonous traitorous unConstitutional illegal criminal spooks .
bud
I have stopped paying for protonmail. In my opinion based on the number of cookies it now creates, based on the length of time it connects and disconnects, it has joined the dark side. If you have a program that can show you a cookie log, go to protonmail and then check the list of cookies. sign up for mailfence (just trying it now) and compare the above mentioned points. You will be surprised.
SR
Yah, especially with that long connection time, somebody’s grabbin’ n downloadin’ a bunch of sumthin’ from yer device during login. Put a packet sniffer on your internet connect ports, physical AND virtual, and audit your protocol packets n frames n see what types are on the move n where they’re comin’ from n goin’ to.