If you are interested in a reasonable level of email privacy — email that is securely stored and not scanned — consider FastMail.
Details on Non-Tracking Email Providers
Almost all of us would prefer our emails to remain private or at least not routinely scanned by large corporations and government entities. There are email companies (listed below) that provide a service where your email will remain fairly secure and not scanned.
Note, however, that regular email is an inherently insecure medium. This is because email is always sent to someone else — thus releasing them into unknown hands. For example, if you email someone who uses Gmail, your email will be scanned by Google and the NSA.
If you want to avoid this situation, you’ll have to encrypt all your emails and send them to people who also have encrypted email installed (see “Encrypted Email Providers” below).
FastMail: Reliable Email With No Tracking
If you want a reliable, independent email service that doesn’t scan your messages like Gmail or Hotmail, I recommend using a provider like FastMail.
Based in Australia, FastMail has been running for 17 years, and they have a good privacy policy regarding email storage. Here’s what they say:
- we use encrypted SMTP for sending your mail when the receiving server supports it
- we mandate encrypted access for webmail, IMAP, and POP
- we use Perfect Forward Secrecy where possible for all encrypted connections
- we encrypt all email while at rest on our servers
- we encrypt communications between our data centers
After testing this service for years, I found this company to be a reliable provider. FastMail has well-designed apps for iOS and Android.
Other Non-Tracking Encrypted Email Providers
Here are similar services that provide end-to-end encrypted email:
- Protonmail – recommended for encrypted email
- Tuta
- PrivateRelay
- RunBox
- Unspyable
“tradeKey” is a B2B marketplace where companies sell products or services to other businesses. tradekey is the website that connects you with tissue holder suppliers for your only online store.
https://www.tradekey.com/popular/tissue-holder.html
Pingback: private email Accesso – infocakes.com
Pingback: Www best private email account Sign In Your Online Account - loginrecords.com
I’m trying to find a private email service that integrates calendar and contact with iOS. Currently using Fastmail which does a good job of it so I can constantly sync both between the app and my devices. But I’d prefer more email privacy with these other features if possible. Which, if any, of the above providers do this? If none of them do, are there other privacy-friendly services that provide this kind of integration?
I believe Protonmail can do the same integration and offers encrypted email protection too.
I am DuckDuckGo searching the Internet for list of headquartered in Denmark companies that provide the best free E-Mail accounts, for public users’ privacy. I have not been able to find any, I usually do find it had find Internet based services & companies that are headquartered in Denmark, even within website of Denmark’s gov.. Can you provide me the website(s) that has such a list?
is there any email services that doesnt require running javascript?
Hushmail might be an option?
Near the bottom of the page “Binfer has been listed as top 50 upcoming startups in Chicago.” USA is a 5 Eyes country. https://diigo.com/0jmmty
Finaly, somebody who KNOW!!! People do not know nothing about 5, 9 and 14 Eyes Alliance! Some “experts” recommending providers located in one of these alliance states, telling people they are safe!!! EVEN Proton is currently NOT safe. Proton is located in Switzerland!!!! People, educate yourselves, before make your decision. Use common sense!!
True for some people. My emphasis in on privacy services that suit most people who want avoid tracking and hackers, etc.
Switzerland is not a member of any of the alliances. Here are the countries: The Fourteen Eyes countries are the US, the UK, Canada, New Zealand, Australia, Denmark, France, the Netherlands, Norway, Germany, Belgium, Italy, Sweden, Spain.
what ports are used with the emails you are promoting as being encrypted? and are they using pop3, IMAP, or STMP ?
Most people use the encrypted web interface.
I had Proton mail for almost 2 years and had one major issues that made me stop using it. Long story short, when you forget your password and have to change it, your emails will become encrypted. According to Proton mail the only way to decrypt them is to enter your original password. You can’t enter something you forgot.
Unfortunately for me, I had some older emails that were very important and there was no way to retrieve them. So I decided to part ways with Proton mail.
If you go with Proton mail just be aware of this issue and don’t ever forget your password.
You can set a recovery email:
I keep typing my changed password in and it keeps saying login credentials incorrect and when I put in my old password in it says the same and I am sure the new password I typed in is the one I changed it to using Proton Mail’s procedure. I am fortunate that I have a rescue email that they can respond to..but the problem is all I want to do is change my password not reset it. So what happens if you type in the new password and it wont work
These questions are best directed at Protonmail support.
if i make this my email and send out email to some who does not have this as their provider will they be able to read my emails
That is correct, unless your receiver also has a Protonmail account. Protonmail does provide an option to send a password-protected email to any recipient.
One of main reasons I use encrypted email is because it provides protection if Protonmail is hacked, and it also provides some protection from eavesdroppers.
its prob right pass and u prob gave it to ur rival ops.
code name prism
ask ur alexa smh
He could setup also FreeOTP app [one use codes] for proton 2FA [two factor authetication] on his mobile phone. There are additionaly one use codes if he would ever forget password to reset it into new one. For passwords it is better to not trust password manager softwares or apps. How can you be sure that a developer behind it or company do not secretly have decrypting backdoor for secret access into yours passwords/credit card numbers and so on? You cannot be sure that password managers will not send background data into them servers? It is more secure to create your own password and login keeping simple system. For example if you have proton account and some other account you can write down your logins in simple text file in some combination known only for you. Like e.g. if login is ‘greycoder’ then for simplification you can always add some addition like ‘greycoderproto01’ or greycodergoog01 and so on for easy way to remember your logins with different websites, forums, email providers and so on. Similarly password can be created with fixed part and memorised part. For example: if your login for protonmail is ‘greycoderproto01’ then password could be e.g ‘greycode123###’ and this can be just part of full password. You can easely remember it. So ‘greycode123###’ is kept in your mind and this is fixed part of the password. But at itself this would be easy for brute force to crack, so you have to add some complex addition at the end e.g. ‘4*$Tkjafdouoy45t5ou53hsjD{DGda_hf’. This is too complex to remember so you can just keep it in simple txt file which have to be kept securely in a few copies in different locations (e.g. encrypted in some container encryption software like veracrypt). If someone would find out your file with logins and passwords and even if he would be able to decrypt it, then he would found incomplete logins and incomplete passwords, because fixed part of passwords only you remember. So your login for protonmail could be ‘greycoderproto01’ and password would be ‘greycode123###4*$Tkjafdouoy45t5ou53hsjD{DGda_hf’. By using this kind of combination you have to just remember fixed part of password ‘greycode123###’. Login ‘greycoderproto01’ and second part of your password ‘4*$Tkjafdouoy45t5ou53hsjD{DGda_hf’ can be copy and paste quickly from your text file. This method can be done for infinite combinations and you can use very long passwords impossible to remember without need for trusting password manager applications. This is simple example, so your fixed part remembered in mind can be much more complex and can be added in different places of the ‘copy-pasted’ part of password. For example your fixed part of password could be placed always after 6th place and then at 11th place you can have some additional fixed part. So in this combination your login would be the same ‘greycoderproto01’ but password would be much complex ‘4*$Tkjgreycode123###afdougreycode123###oy45t5ou53hsjD{DGda_hf’.
In result you can create random look passwords very complex but still easy for yourself to know, as only you understand your combination in your password. You would have to count into 6th and 11th place to write there your fixed parts of passwords. This is just simple example, but using this method of logins and passwords you can quickly use complex passwords by ‘copy-paste’ from text file and then add your fixed part. In your text file (kept in encrypted container using e.g.veracrypt) this would look like this:
PROSwiii1: greycoderproto01 4*$Tkjafdouoy45t5ou53hsjD{DGda_hf
Goe1: greycodergoo02 hu5i35yaSEGTH^JaghSDFG5tahjddjc$QD
So, for this example (‘PROSwiii1’ means ProtonSwitzerland account no.1) and (Goe1 means Googlemail no.1 ). And even if someone would somehow get access to your text file and could look into it, he would could not be able to figure out what it is for and even if so, without fixed part of your password kept only in your mind memory there would be no way to get access into your accounts.
You can even print your text file and send it for NSA but without your fixed part of password which you store in your brain memory, they would have no use of it. Of course someone can spy on you with keyloggers or with other ways, but it is still more secure way from password managers which also can be hacked with keyloggers.
very nice..
I don’t see this as an issue, but an issue for you. On the contrary, it seems like this is an A+ for Proton Mail as that is exactly the purpose of encryption, that no one can access it. It’s like buying the best vault and then complaining you can’t open it because you forgot the code.
Two thumbs up! Security is not supposed to be easy to circumvent.
It’s 2021, time everyone should be using a password manager.
Yes like in Opera browser when browser looses my passwords & logins entirely and i can not get it back ! So now i seek an new email account to recover logins (luckily the bookmarks still exists) that Opera”forgot” !? There is no digital manager what so ever that can protect from loosing all your valuable information ! I didn’t know that browsers are so crap coded shit and no browser is truly portable that preserve all your information if OS crashes – u run it everywhere – yes – but password u loose !!! Whats the point to have it secure and encrypted if u can not access it due MS OS/other OS malfunction ? I have learned this the hard way ! All your logins u should have in txt file somewhere on some thumbs key just in case or printed out ! Now some would say that is huge security risk – but when all goes south (encryption is then level up trouble of non recover possibility) u have your logins ! And there is no password manager that can help u !!! And always have a more that one backup ! Shiny new technology in 21 century not so shiny any more – more like cucumber some crappy non trusted/reliable ones ! Why is that so ? Developers want you to be static, glasstrough transparent, geolocated, profiled … etc … that’s way crappy code their products !
If you use a password manager like Bitwarden, all your passwords are backed up into the cloud every night.
Opera browser is own by China! Good luck.
Owned by Chinese corp AND they sell your data. Time to stop drinking the koolaid and read that TOS and Privacy Policy. It’s heartbreaking, I know. I was in your shoes not too very long ago.
Vivaldi.
Or, if you want something for Android, I really like Bromite.
my problem is when I reset my password because my email account has been hacked I changed my password using their protocol and know I can not sign into my account using either the old password or the new one using the procedure Proton says you should use
I would say it is almost as bad when you type in your new password that you have changed per Proton Mail and it does not recognize it but says log in credentials not recognized and you use the old password which you know and will not work and you have a recovery emails…so never retype the new password in wrong and your old password wont work and you are fortunate to have a recovery email…you still might have to reset your password instread of change it after all of this…not much better the Firefox browser is the most current version as well
Protonmail IS, ..WITHOUT QUESTION.. interconnected with the NSA ..AND..the CIA. This is NOT conjecture.
Wake up People. ‘Safe’ email does—not—exist. If you think it does, you are fool.
Protonmail Does Not Provide “End to End Encryption”
Professor Nadim Kobeissi mathematically proved that Protonmail does not provide End to End Encryption. Meaning, Protonmail has the ability to decrypt their own user’s data. When this was shown to be true, Protonmail users were outraged they had been lied to. Protonmail was forced to issue a public statement. Their statement begins like you would expect it would.. by shitting on the security researcher that revealed their dishonesty. Then they continued to say: “We lied to our users because other email companies did”. No apologies. They can decrypt any of their user’s data be sending them scripts that allow them to do so. However they advertise that they can not. Protonmail’s admission proves they offer the same security that Gmail offers. Both Gmail and Protonmail offer encryption that they can decrypt whenever they want.
3. Protonmail’s Was Created Under CIA/NSA Oversight
Gmail & Protonmail were both created in CIA/NSA funded departments with their oversight. Protonmail has tried to hide this part of their history. We wrote a whole article about it here.
4.Protonmail is Part Owned by CRV and the Swiss Government
After a successful crowdfunding campaign with promises to “remain independent” Protonmail sold equity ownership to CRV and FONGIT. At the time of the equity sale a CRV founder, Mr Ted Ditersmith, was working for the US State Department closely with President Obama. His position as a delegate required close contact with CIA & NSA administration. Mr. Ted Ditersmith had also witnessed the Edward Snowden revelations and made statements that he planned to use his corporate knowledge to “fight terrorism”. FONGIT is a Non Profit organization that is financed by the Swiss Government. Protonmail staff member, Antonio Gambardella, also works for the Swiss Government.
5. CRV, In-Q-Tel & the CIA
The CIA openly operates a front company, In-Q-Tel, whose stated purpose is to invest in tech companies on behalf of the CIA. In-Q-Tel has stated they have a specific interest in the information contained in e-mails and encrypted communication. In-Q-Tel has been shown to be the bridge between the CIA and Gmail. An analysis of staff members reveals CRV & In-Q-Tel connections. The US media confirms these connections when they interview CRV so that they can understand In-Q-Tel. Additionally, The mastermind, cryptographer & back end developer that created Protonmail, Wei Sun, now works for Google.
6. Protonmail Follows CIA Email format & Metadata Requirements
Leaked documents at Wikileaks show that the CIA requires emails to be stored as an EML filetype. There are several ways to store emails, and Protonmail has selected the format that the CIA requires. Protonmail offers no protection for users’ metadata and has officially stated that they turn metadata over to Law Enforcement. Edward Snowden revealed that the US government cares least about the content of emails. Mr. Snowden revealed the US Law Enforcement cares most about who a person is talking to, the dates & times of the emails, and the subject of the email. Subject and metadata encryption are not difficult to provide. However, Protonmail refuses to offer any protection on data that is most valuable to the CIA & FBI and they store it as plain text (No encryption). Edward Snowden stated the NSA “isn’t able to compromise the encryption algorithms underlying these technologies. Instead, it circumvents or undermines them by forcing companies to cooperate in other ways. Protonmail has refused to protect the information the NSA wants, this is a concern.
7. Swiss MLAT Law Could Give the NSA Full Access
Protonmail’s Servers Reside In Switzerland, a country with an MLAT treaty that could allow the NSA to continue it’s the mission of recording “nearly everything” about a person’s internet communication. Any doubts the MLAT treaty applies are removed when you take into account that Protonmail is part-owned by FONGIT, a Swiss Government-financed company. Protonmail has also recently revised its Privacy Policy to include wording and requirements from the MLAT treaty. Their actions show they are capitulating with the MLAT treaty. Revisions include a change to their privacy policy allowing them to track your location while you use their service in some situations.
Carl, this is great information. Do you have any suggestions for an alternative to ProtonMail?
Perfect question
He makes a lot of conspiratorial claims but provides no sources or alternatives.
We are a small private email provider with no corporate or government ties, https://i3.net we actually do what proton says they do.
Larry, where is i3.net located? Paying for subscription by PayPal, I can say goodbye to anonymity.
Do you have respectable, unbiased sources for all of these claims?
Greetings,
I have been with protonmail for like 3 years has a subscriber plus and I’m really satisfied with them i have it bridged mode with Mozilla Thunderbird and have my domain prvt email with them I have never had problems with this service and it’s very reliable and i know that my emails are safe I don’t get much spam email with my email Alias
Cheers
Marko
Other countries that are part of 14 eyes making it 18 Eyes.
https://www.my-private-network.co.uk/vpn-provider-14-eyes-country-something-know/
Israel (Suspected – Reported observer for 5 Eyes)
Japan (Suspected – Fibre optic tapping request)
Singapore and South Korea (Confirmed – Revealed in Snowden leak)
This article talks about many “secure” email providers in 14 Eyes Countries that should totally be avoided. After the list of providers there is some other information I found more interesting than the list of providers.
Secure and Private Email Services
https://restoreprivacy.com/email/secure/
Any email provider located in these countries should not be trusted regardless of how good they say their security is: Australia, Canada, New Zealand, United Kingdom, United States, Denmark, France, Netherlands, Norway, Germany, Belgium, Italy, Sweden, Spain https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/
“Switzerland have the toughest privacy laws throughout the world”
Maybe, but the law is related to Swiss citizens only, not to other nationalities. GDPR additionally covers EU citizens.
And a bit of reality on Swiss privacy laws: https://digitalcourage.de/blog/2015/swiss-surveillance-full-monty
Having been a Protonmail and VPN user for several years all of the information shared here about Protonmail is of great interest. I did a web search for the title of the article shared by Dr.S and found another article denying what is said in that article. Hard to know what or who to believe, a lawyer that doesn’t have any direct access to Protonmail programming and architecture to see what is really going on “behind the curtain” or the provider Protonmail who denies the lawyers claims.
https://www.hackread.com/protonmail-denies-that-it-offer-real-time-surveillance-assistance/
It has been well established throughout history that companies and governments routinely deny, lie and obfuscate. The more these violations of trust are exposed it is harder for the general public to know when/if a company or government is telling the truth. Even if we assume they both lie more than they tell the truth it is quite difficult to get enough people to care to cause a positive change. The most important thing is to continue sharing information, like the comments here, that is both for and against and hopefully as time passes enough information will become available that reasonable guesses can be made for what information to follow.
Pingback: What Is WordPress One-Click Install And Why You May Not Want It – Gregory J Development
I love ProtonMail, but I have had trouble with them accepting payment after a fraud alert on my card. I was wondering has anyone else had technical issues with them?
It’s probably your specific card. As a US resident with US credit and debit cards over the years I have used both a debit and credit card to pay for my Protonmail and VPN membership without a problem. On the website or app for both credit and debit cards there might be options enabled to limit oversea’s or foreign transactions, that would be the first thing to check. Try calling the card provider and ask if they can see the denied transaction. From my experience of having a few transactions denied if they can see the transaction they can approve it and when the transaction for the same amount is performed again it will be approved.
Check with your phone provider whether it be landline or cell phone that there are no Scam blocking services enabled on your phone account. It could be that your a fraud alert system for your financial institution tried calling to verify the Protonmail transaction and the call was blocked.
I use T-Mobile prepaid for my cell phone provider. Three or four times in 2020 I did some large online purchases with two new credit cards. For both cards I received an auto-dialed call from the fraud alert system asking me to verify my recent transaction plus other transactions to confirm my identity. When my smart phone rang for one of the calls it said Scam Likely on the screen. I figured it was a fraud alert call because of my transaction I did a few minutes earlier, answered the phone and I was correct. Confirmed the transaction and it was processed a couple days later. I’ve also received a wrong number phone call from another cell phone mislabeled as Scam Likely.
Here’s some things I learned talking with T-Mobile tech support about their Scam Likely system. 1) There’s no way to report a phone number that has been mislabeled as Scam Likely because a few of the triggers that cause the Scam Likely alert is an auto-dialed call, or it could be a call with a number that is unavailable or blocked from showing. 2) It’s common for phone numbers that were previously identified as Scam Likely to be reassigned to another customer when they activate a new account and there’s no way to change or update the T-Mobile system to remove the Scam Likely label. 3) Saved the fraud alert phone number for my credit card that was labeled with Scam Likely to my contacts so next time it should appear with that name and not Scam Likely. I haven’t received another call from that number to confirm that.
T-Mobile also has Scam Block. If the T-Mobile system identifies a phone number as a scam it won’t allow the call to even ring your phone or leave a voicemail, you’ll never know that a call was blocked or denied by the system. After my bad experience with Scam Likely I certainly didn’t want to have Scam Block enabled because that would be even worse than a call being mislabeled as Scam Likely. I had the Scam Likely disabled and had the T-Mobile rep helping me leave the Scam Block disabled so I wouldn’t have to worry about missing any legitimate phone calls from business or places I shop with online.
Please remove Jumble from your list. That website is jailed in CloudFlare’s walled garden of privacy abuse. It’s absurd to trust a CloudFlare site for this sort of thing.
You’re looking for email providers hosted in countries like Switzerland, Sweeden, Norway, Belgium, Iceland and even Germany yes Germany. their privacy laws are not as bad as you think. When choosing an email provider jurisdiction, encryption and whether or not they keep logs or not or even strip off email headers and ips to anonymize things for their clients.
1. Tutanota-is a German based secure mail service run by a small team of privacy enthuisiasts with no outside investors or owners. They have good strong encryption to other Tutanota users or a non user is provided with a link to the decrypted email.
2. Proton Mail only makes the list because its base is in Switzerland and they have the toughest privacy laws throughout the world. That being the reason i use Threema end to end encrypted chat and voice calls. Based in Switzerland your info is safely away from prying eyes and you would’ve had to of committed a major serious federal crime for authorities to even start the process of trying to acquire any info off Swiss servers if there is any info stored on them as both companies claim to store nada. With the flaws Proton mail does have it was still named in America as the only email provider in the world that the NSA couldn’t crack which was around the time Lavabit was shut down for cooperating with the US Government.
3. Mailbox.org- Private email in Germany and they still have strong privacy laws albeit what you might think. I been through the System over there and the prosecutors couldn’t get a court order to release my privet encrypted correspondence with my so called co accused. Mailbox. org is a fully featured provider with calendars, events, address book, drive, portal;, spreadsheet, presentation and web chat. They also offer various form of encryption and are PGP encryption supported.
4. Poseo – Privacy focused email in Germany. They go thr extra mile with regards to privacy of their clients with strong end to end encryption, totally anonymous registration, they keep no logs or messeges on their servers and even strip all identifying Headers, Subjects, recipients and IP addresses while in the sending process. With strong encryption and PGP supported no logs or digital trail of their customers, this is one of my favs.
5. Mailfence- Fully featured secure email in Belgium.Features secure email and storage on encrypted servers, file storage, PGP support and being Based in Belgium which is a good privacy jurisdiction with strict data protection laws.
6.RunBox – Private and sustainable mail in Norway. \running for over 20 years now from a privacy perspective Norway is a great jurisdiction with constitutionally guaranteed privacy rights. Comes with good encryption options, supports numerous mail clients and they give you 100 aliases per mail box.
7. Countermail -Private and secure Swedish email service.Operating for over 10 years they boast the most secure online email service on the internet, wit excellent free support, PGP encryption with 4096 bit encryption keys along with no logs, diskless servers and they anonymize all identifying parts of an email so it is sent totally anonymously. They also protect users from identity leaks and man in the middle attacks with RSA and AES-CBC encryption on top of SSL.
8. Finally we arrive at CTemplar- A new Armored email service in Iceland.They claim to be the most secure email providers in the world with the most restrictive privacy laws regarding personal data than anywhere in the world. With Strong encryption standards, PGP support, toughest privacy laws behind them and some strange features such as bare metal servers which don’t store any personal info or emails that have been stripped of identifying headers , subjects, IPs and recipients. They seem like a strong contender for the most secure email providers anywhere.
Tutanota is German based all emails in Germany are reported as a text file to authorities, there is no such thing as a secure email,not from NSA and Govt spying world wide, same thing anyway.
I read the article and tried all of mentioned mails.
None of them is secure or private as they all use javascript, which is oxymoron to security and privacy.
Does anyone know about a freemail, that is not using javascript?
Looking forward to your answers.
Please add Normail to your list of encrypted providers. thanks
No, they really shouldn’t add it to the list.
First: you are promoting your own product.
Second: The website provides nearly no information about what’s provided.
Third: The sign up process requires you to pay first “Then email jc@normail.co with the username you would like”. You can’t check the username first?!
I wish you luck with your service. For now it looks like it’s still in development and a long way from being something any consumer would want.
Unironically, check out cock.li. I think it’s also javascript free.
Cock.li is in Florida, United States. They have a page on their web site with several warrant requests from various levels of law enforcement they received and complied with. Don’t trust or use any email provider located in the USA not even providers that claim to be secure, private etc. Don’t use any email provider located in any of the 5 Eyes.
A web search for Normail shows nothing relevant. Going to normail.co and http://www.normail.co shows a page that says “This domain may be for sale. Click here to inquire.” Search on Whois.com shows normail.com is unavailable but the website http://www.normail.com doesn’t work or load anything. Whois shows normail.co is available for $119 USD. A web search for “James Campbell Normail” shows a lot of results for other people with the same name, but nothing for the James Campbell associated with Normail.co.
Gaining access into my wife’s device was not that easy, as my expertise wasn’t that much not until I told AFONKAPETROV@TUTANOTA.COM about this. He helped in cracking the AES (Advanced Encryption Standard) and EXPLOITING all VULNERABILITIES in the device hereby providing a thorough access to the mobile’s data. After all, it was not a waste of effort. There was SEVERE INFIDELITY on her part. Now, I guess I need the divorce immediately and child custody too.
ProtonMail CAN NOT be considered private and anonymous, the encryption happens on server, and they mandatory ask you for a confimation account on SMS, EMAIL or Money Transfer!How can this be a anonymous?
According to this page, the encryption happens before the email reaches the sever: https://protonmail.com/security-details.
Regarding privacy, they say: “No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account.”
Privacy and anonymity is never perfect — it’s up to you to determine the level that is right for you.
Very helpful article for the non-techies like myself. Thank you!
And to prove just how unknowledgeable I am, I’m going to ask why there is no dictation feature available for these replies, something that’s somewhere btwn useful and vital for some of us disabled. (Oh, & the system is telling me I’ve already made thus comment –nope!
Sorry for any lack of dictionary feature — the comments are standard WordPress comment but perhaps the anti-spam feature is at fault here. Could you send me more details on the problem?
Hi,
I would not recommend Protonmail for various reasons:
I have been using them for a while and I am quite disappointed by a number of things:
– Bugs and technical issues on a regular basis (but as it is free, I can’t really complain).
– Email body might be ‘encrypted’ (if writing to another Protonmail address) but title and subjects are not.
– A number of emails end up in the wrong folders, there are issues creating and adding folders, and also some issues with spam and junk.
But mainly I have seen who is managing the company and I have also been in their main offices and seen its employees in action and I am not optimistic about their future:
1/ They are still not profitable while having been in business for quite a long time now
2/ They are still at the seed level, living off investment rounds, but, again they have been in business for a long time now.
3/ I don’t think the executive management has the right business model and vision.
4/Too many ‘tech’ people, not enough business people that could propel the company forward and help it move away from the ‘incubator’ it seems to be stuck with in Geneva.
Last but not least, Protonmail is not a real privacy respecting tool. It was when i started, I could create accounts without having to provide another email or a phone number.
Today, if you want to create an account, you have to provide (3 choices):
– A phone number (therefore, your privacy is not fully respected as they have your phone number).
– Another email (and they refuse disposable, anonymous emails), again no privacy here.
– And, worst of all, you have the option to donate by providing your credit card number (what kind of privacy is that )?
So, besides the lack of real privacy and recurrent tech issues, the current business and management of the company which might force them, one day or another, to become even less private than they pretend to be today or worse, disappear or be acquired .
I just signed up for Proton and I am not a technical person. If you’re looking for anything else, but privacy, I would never use proton. Everything I am speaking about is on a laptop, not mobile. Their support is generally in technical terms. I blocked an address and kept getting spam. Oh, that’s just blocking it from your inbox, not from getting it. You have to copy a code and paste it, and then add the address you want blocked, if you really want to block it. JMO,I shouldn’t have to anything with code. I used the bridge and have multiple email addresses, so I have to pay. Almost all of my incoming messages don’t go to the address I established; it goes to some mail box called all mail. The desktop version, in all mail, doesn’t tell you where all the emails reside…spam, inbox, draft, but the mobile app does. They told me to see if browser is using desktop or or mobile….and change it to mobile. HUH? I established the 5 email accounts so incoming emails would go to that address; it doesn’t. I did have 2 emails from Amazon that went to the right email address, and after I opened them on mac mail, they disappeared. Ah, they went to the all mail folder which I hate. I couldn’t send mail from the laptop and going around for 2 weeks…why. I tagged CEO Andy Yen, but he has more guys respond in technical terms…useless. I can’t get any answers, and asked 3 times, about why aren’t my incoming messages going to the right place. So I am looking for another provided…again I am not technically inclined as most of you are, but they have given me incorrect information, after following their advice
I sorry you guys have issues with the service. I use it daily without problems, and the company itself seems dedicated to providing a quality product.
One realy good email provider: https://runbox.com
runbox is located in Norway. Norway is member of 14 eyes Alliance! No privacy, kissing Norway government ass!
Fastmail is based in Australia, which is part of the “14 eyes” consortium (look it up). So… the US or UK or Germany or … could be spying on your emails stored in Australia. So… Fastmail may not scan your emails, but many governments might. Plus, the Australian govt could demand Fastmail turn over all emails at any time and Fastmail would not even have to tell you it happened. It is unlikely these govts are interested in 98% of us, but your emails are not safe from prying eyes in Australia. Protonmail and some others are very different. As far as VPNs and email providers are concerned, it is best to not do business in any of the “14 eyes” countries or (of course) Russia, China, Iran, etc (because those govts have no respect for any laws whatsoever, theirs own laws or international laws). Just want folks to really understand the landscape. Though I loves me some Aussies, your emails are not safe on Australian servers.
Indeed — I note this information in the article, and list the encrypted email alternatives.
The 14 eyes Govts have no respect for International laws either. The United Snakes bombs somebody or something every 12 minutes round the clock every day.And has sanctions on 70 countries, they are all wrong right?
The United Snakes is a Colony of Israel as is UK and Eu.
Stupid comment by a Nazi
Frodo, so far I didn’t find any email providers that are based in a country that’s outside of the “14 eyes”.
Further, Protonmail can’t be considered safe, because it generates keys on the server side, which is open to manipulation.
And yet further, Protonmail logs IP addresses and cooperates with Swiss authorities: https://web.archive.org/web/20190529151510/https:/steigerlegal.ch/2019/05/23/protonmail-real-time-surveillance/
Previously shared by the web master:
According to this page, the encryption happens before the email reaches the sever: https://protonmail.com/security-details.
Regarding privacy, they say: “No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account.”
Privacy and anonymity is never perfect — it’s up to you to determine the level that is right for you.
Remaining part of my reply:
ProtonMail doesn’t comply with all legal requests, but they do comply with some and so do all other “secure” email providers. Secure email providers aren’t going to sacrifice years or decades building a “secure” email system only to randomly shut down their service to protect one individual user when hundreds-of-thousands or millions of people pay for and rely on that provider for personal and business email. If all the “secure” email providers took that approach users of these email providers would have to routinely be looking for replacement providers which be few and far between when considering the costs of running a “secure” email service.
“Protonmail and some others are very different” NO, they are not! Do your research. Protonmail gave French Socialist government data of some environmental activist! Go figure!
Great list, are any of these available on F-Droid? I’ve looked around a bit, but couldn’t find any of them. Would be a huge improvement if you don’t want to be tracked by Google.
I’m using Tutanota and couldn’t be happier. The app recently dropped on F-Droid: https://tutanota.com/blog/posts/open-source-email
It’s also good for anonymity: https://tutanota.com/blog/posts/anonymous-email
servermx.com
protonmail.com
CryptoHeaven.com
lockbin.com
Servermx located in 14 Eyes Italy.
CryptoHeaven.com located in Dominica with a mailing address in Ontario Canada.
Lockbin.com located in 5 Eyes USA (Boca Raton, Florida USA).
Check the Contact or FAQ pages first for location info. If it’s not there read through the rest of the website to see if it’s mentioned or go to Whois.com and type in the website address to see what information shows.
Don’t use any email provider located in the 5 Eyes countries, preferably not any of the 14 Eyes countries.
5 EYES: United States, United Kingdom, Canada, New Zealand, Australia
9 EYES: 5 Eyes + Denmark, France, Netherlands (Holland), Norway
14 EYES: 9 Eyes + Germany, Belgium, Italy, Sweden, Spain
The intelligence sharing program created a few alliances, but the details are murky. In addition to the 14 Eyes nations, here are other countries that may be part of this secretive alliance.
14 Eyes + these countries = 18 Eyes (my unofficial name)
Israel (Suspected – Reported observer for 5 Eyes)
Japan (Suspected – Fiber optic tapping request)
Singapore and South Korea (Confirmed – Revealed in Snowden leak)
Aha, this page was discovered by the rusky trolls and immediately started campaigning. Who will be the next president?
Please review https://soverin.net/ as this is a private & secure by design email service targeted at non-technical people – so very intuitive / easy to set up and use. No tracking, no advertising and no profiling. 25GB, calendar, personal profile page and contacts. Love to be in this list the next update.
I am trying to contact the soverin.net customer support via twitter,contact form but never received a reply. The email provider without any customer support is not worth to consider
Another one worth consideration:
https://www.thexyz.com/
I found a spam filter that offers end-to-end encryption as well https://www.everycloudtech.com/everycloud-email-encryption
And don’t forget http://zoho.com. A full, free suite, no ads, and no snooping your email!
I’ve been using zoho for a couple months. I like it so far, but you’re only allowed 1 email free and I need others for business.
Not only is Zoho in the 5 Eyes capitol the USA but they also have offices in the country of a 5 Eyes partner Australia and 9 Eyes Netherlands. Zoho (Location page on website: headquarters in Pleasant, CA USA. Offices in other 8 countries: Netherlands, Australia, India, China, Japan, Mexico, United Arab Emirates). Don’t use an email provider located in 5 Eyes country and preferably not even in a 14 Eyes country.
5 EYES: United States, United Kingdom, Canada, New Zealand, Australia
9 EYES: 5 Eyes + Denmark, France, Netherlands (Holland), Norway
14 EYES: 9 Eyes + Germany, Belgium, Italy, Sweden, Spain
The intelligence sharing program created a few alliances, but the details are murky. In addition to the 14 Eyes nations, here are other countries that may be part of this secretive alliance.
14 Eyes + these countries = 18 Eyes (my unofficial name)
Israel (Suspected – Reported observer for 5 Eyes)
Japan (Suspected – Fiber optic tapping request)
Singapore and South Korea (Confirmed – Revealed in Snowden leak)
Thexyz.com is located in 5 Eyes Canada
Pingback: Saying goodbye to Yahoo. Taking back my privacy a little at a time.. | Roberts Thoughts 2
Hi
Thanks for the list.
nowadays the privacy issues are more than important: are critical.
Anyway I suggest you, in case of any further upgrading of this article, to take a look also at :
http://www.zixcorp.com
http://www.servermx.com
Max
Servermx is located in 14 eyes Italy. ZixCorp is located in 5 Eyes USA with their home office in Texas along with an office in Michigan, Minnesota and Ontario Canada another 5 Eyes country. Don’t use any email provider located in a 5 Eyes country. Not even a provider that claims “privacy” and “security.”
Hey! You’ve created awesome list!
I would like to add all “10 minutes email” services. They are really useful to use them when we don’t want to receive suspicious messages 🙂
Temporary email systems are quite useful, I review some here: https://greycoder.com/use-a-disposal-email-address-when-you-dont-want-to-give-out-your-real-one/
Fun article makes me LOL, and only for the ‘easy to believe everything’ people.
ProtonMail based in Switzerland and (?nutral?), founded by people who went to Harvard and work at CERN! lol
Others are all based in the European Union or United States! (nothing is safe here)
No matter what encription, they own it all! 😉 Don’t get foolded people. It is all B*ullCrapp, and its Bad for ya!
If you want secure Email – Server Hosting – Websites etc, i suggest you look in countries that don’t screw up our freedom of security. Example: Panama — Russia — Brazil — China.
Search for ”’Hosting providers PANAMA”’, you’ll get the best and only FREEDOM of SECURITY and PRIVACY there is!
PS: Use !!VPN!! And PAY for it, things for free doesnt fly, nothing is for free in this world 😉 😀
What makes a Russian provider more trustworth than a Swiss provider? If you don’t trust encryption, you should probably be looking for something other than email to communicate.
Seriously, you need to ask this question…
NSA rings a bell? All European traffic goes true there mate 😉
They also walk into your Windows/Apple/Android computer or telephone any time they want to.
I suggest; Linux OS – Pre-Paid(cash) telephone – ‘Russian’ Kaspersky security suite including VPN -GPS blocker – Encrypted E-Mail provider in ‘Panama’ who doesn’t screw up our PRIVACY!
Why Europe and the USA cancel the use for Kaspersky you think on government computers.
I don’t mind the Russians look at my stuff if they want or do so, atleast they are honest about it and don’t use the info against me. Anti Russian propaganda b*llCr*p! Like hackers need that stuff lol
Read George Orwell 1984, then atleast you know how it all ends for us in the west.
Dude, even the NSA has MUCH, MUCH, MUCH, MUCH, MUCH more respect for your privacy and security than do Russia or China. And Kaspersky has close ties to Russia’s FSB, and actively assists them. Kaspersky himself is former Russian Millitary intleligence, and graduated from a cryptography school supported by the KGB, and you are recommending him but worrying about people who graduated from Harvard and worked at CERN?
And China ranks worst in *the world* when it comes to internet freedom. Brazil is better, but even there they have banned What’s Ap and jailed a Facebook executive just because What’s Ap uses encryption which prevents the government from accessing user messages.
Panama isn’t a bad suggestion. But if you are paranoid about the NSA, under US law, there are very few restrictions on what they can do outside of the US. So I’d still rather use a service in a country like Switzerland, with strong legal privacy protections of it’s own.
There’s a synophobia and russophobia unjustified.
But you possibly…. can enumerate the wars, procuration wars, colored revolutions, assassinations, millions of families destroyed by those 2 countries…?
For some reason americans and british are world know has US of Assassins and there parents has United Killers.
I strongly suggest you to read your own History… everything is there!
Don’t forget to look for the fiscal paradises.
Happy hunting!
I think that after Snowden’s revelations, I can’t possibly agree with you vis a vis the NSA. That massive database they put together was *outside* the law. And you’ll notice that our top gvt. officials haven’t exactly said, ‘gee, Ed, thanks a bunch for showing us how egregiously outside the law our public officials have been operating. Time to give that man the Freedom Medal.’
To my mind, the poster’s alternatives are not meant to guarantee your absolute anonymity, but your anonymity vis a vis the NSA. If the poster’s intent is to say that Russia or China are less invasive, then I think you have a point.
As a person living in the US, it is the NSA I worry about, primarily. If I were in Russia, then I’d probably worry about their spying, first and foremost.
I understand your opinion and yet you give little detail as to why your opinion is proof of the noted email systems in question are so bad. Then, of course, you talk about “Panama hosting server”. Where are the details?
I was responding to the previous comment from “Anonymous”. They discounted my email provider selections, because they were based in Switzerland.
In regards to Panama or Russia — it depends on what type of service/privacy you are seeking out.
Sir, I am curious why you did not list or describe S-MAIL.com. It has been around for a while, and I’ve been interested in pursuing them, but the lack of mention in your assessment or any of the follow-on replies cause me pause. I am a relative novice on the topic.
S-Mail is located in US! US is proud member of 14 eyes Alliance!!!
Slying, lying, violating US CODES (laws). That’s these days USA. Current administration is doing the same.
Indeed an informative list – but a do not include some of the other remarkable players. However, it seriously is incomplete without the following player:
> https://mailfence.com/ (a pure end-to-end encryption service – that does not only provide confidentiality and integrity but also authentication via the capability of digital signatures, based on OpenPGP – it provides user full control over their keys and does it all in a very user-friendly manner)
Now, the ultimate tool when it comes to OpenPGP and end-to-end encryption – is always have been GnuPG, though the reason it never really get lifted up is due to its complexity in terms of usability from a typical user standpoint (however, implementations like Gpg4Win, GPGSuite, Seahorse does come in handy).
Lastly, the article is not bad at all, the only loose-end is not mentioning one of the key player. Nevertheless, it always drops down to one’s preferences and requirements (I personally use mailfence which is free, interoperable, without ads, completely locally hosted and provides an entire collaboration suite i.e. messages, contacts, calendar, documents, polls, tags ….)
Again, its a matter of personal preference and the extent to which one understand end-to-end encryption technologies (OpenPGP, S/MIME etc, which most of the people don’t) – that contributes in the rightness and wrongness of their online privacy decisions.
Hello there, try migadu.com, they are great and protect your privacy too. Free plan also avalable and you can use your own domain name.
https://www.migadu.com/procon/ This may come as a surprise, but we do not host our servers in Switzerland. Current data centers are located in (the 9 Eyes country) France. We may in the near future add Swiss data centers too but this is not our priority.
We find EU privacy laws much more elaborate and restrictive than the Swiss ones. Switzerland used to be famous for banking secrecy, but that has nothing to do with digital data.
I am looking for an email service where both sender and receiver download email service, emails are encrypted between sender and receiver, emails are not stored on the company’s servers, but are stored on users’ devices. Only two people have the email — sender and receiver. Once both delete the email it is gone. Any recommendations?
You can heck out decentralized messaging via bitmessage, or I2P-Bote.
These apps allow you send encrypted text messages: Telegram, TextSecure (Android) by Open Whisper Systems, Wickr (Android and iOS), Cryptocat (iOS),
Take it a step further and get control of your email with this easy-to-deploy mail server in a box. Mail-in-a-Box lets you become your own mail service provider in a few easy steps. It’s sort of like making your own gmail, but one you control from top to bottom. Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you don’t need to be a technology expert to set it up. More: https://mailinabox.email/
https://www.thexyz.com supports both hardware and software token 2fa – https://twofactorauth.org/
What are your thoughts on a paid Google for Work email account. Google says it does not scan those accounts and there are no ads.
I did not see Sub Rosa at novo-ordo.com mentioned. Server is located in Panama, works with POP3, IMAP, or webmail over the clear web or the dark web, with no javascript. Lots of features. $34 per year so you know how they make their money.
a part of me still won’t trust it
Moved over to Thexyz last year… Privacy, reliability, etc. improvements aside — the iOS app alone is worth it.
Thanks for all the helpful info on your site —
but I’m very curious to know —
why is there no mention of StartMail in this article?
or at least in any Replies? article is dated 2014,
I think StartMail is officially released in 2015
I’ve had a fastmail account since they were fastmail.fm (pre-Opera),
but I’m always interested in possibly better alternatives.
TIA for sharing your perspective on StartMail.
* bump * Truly, would sincerely appreciate your assessment of StartMail,
as I requested a week ago. Just purchased a FastMail account for a client-friend,
but I have more stringent needs than what FastMail may be able to provide at this time.
Thank you for your Attention —
I haven’t tested StartMail — looks like a reasonable offering, but it doesn’t offer much more that Fastmail in terms of privacy. One interesting feature is the one‐click PGP encryption through the webmail client.
Startmail also offers Perfect Forward Secrecy, but Fastmail offers that too.
StartMail is located in Netherlands, 14 eyes country.
Senior citizen here. Ignorant today. Could use some advice about privacy. Years ago with dialup, I had IMAP-POP email and used Pegasus mail. Now I have hughesnet for satellite and use yahoomail because a former wireless provider didn’t provide an email address.
I’ve never used gmail, and I would like to get rid of yahoo. Given that I use hughesnet, what are my options of secure email services? I know that hughesnet will not work with VPNs because it uses its own proxy, but what about email?
If you want to get away from Gmail and Yahoo and keep your every day email reasonably private, Fastmail would be your best bet. For more privacy, Tutanota is one of the better encrypted email services.
Are there any secure email providers that allow you to have nested conversations (like Gmail)? I’m told you can do it via Thunderbird but I don’t like the idea of having my email stored on my computer.
Fastmail will group messages by thread, but it’s not fully threaded like Gmail.
Your mother gives transgenders a bad name
Hi there!
I just read your blog post about privacy conscious webmail service
and if it’s ok for you I would suggest you another website to add to the list.
I’m Niko, nice to meet you!
I’m the owner of “https://digitalenvelopes.email”, I’m a geek guy, FLOSS fanatic and a
linux system administrator. I made up this website to give a chance to my friends,
and actually to all the people that wanna try it, to use something different from big email providers.
We all know privacy is a big problem with big email providers 😉
It’s built 100% using open source software.
With digitalenvelopes.email you can choose between 3 different webmail interfaces
(Horde, Roundcube, Rainloop) and all of them come with the possibility to use pgp encryption,
although unencrypted messages can also be sent.
Horde, Roundcube, Rainloop are all at last version and keep updated.
There are six available domains.
An email is required to register, but registration is immediate so this can be a disposable one.
Although the service is technically ‘free’, digitalenvelopes.email is run just by me,
and therefore relies on donations.
Ads: no
Aliases: up to 5
Terminated if inactive for: 180 days
Encrypted by default: yes
Inbox size: 1GB but effectively unlimited (support for more)
POP/IMAP: yes
Based: Italy
Perfect Forward Secrecy: yes
Privacy policy (https://digitalenvelopes.email/blog/index.php/privacy-policy/)
Antivirus/spam filtering: Clam AV, SpamAssasin
User IP in mail headers: No (webmail & SMTP)
Signup through Tor: No
Max attachment: 50MB (support for more)
Severs in: France, Canada
Connection Security: TLS 1.2, AES256 GCM and SHA384 with ECDHE RSA
Beware of sigma.email! They are way too unreliable. I’ve been using them for a few weeks but have only got a handful of the emails that I was supposed to. Of course the most inconvenient and deadline oriented emails were the ones that were MIA. Same thing with Safe-mail.
“William Smith says
February 26, 2015 at 6:42 am
Try https://sigma.email , encrypts using AES 256 in transit and on server clusters with unknown random keys. Its free and unlimited space, users can have their own domains as well.”
I cant find any review on sigma.email. The interface looks really good along with calendar and note build in. Very nice layout overall on signmal email. i’m currently using runbox but the interface is out dated even for just simple thing as e-mailing. Filter in Runbox is a pain and it just not as handy as i want in sigma.
Before switching all my account to sigma i would like more review and reliability source of this server. Google and nothing came up.
Try https://sigma.email , encrypts using AES 256 in transit and on server clusters with unknown random keys. Its free and unlimited space, users can have their own domains as well.
I was using https://sigma.email and it seemed to work pretty well but it seems complete dead now. I just get
Error establishing a database connection
trying to access their server the last day or so.
lighten up for gods sake. what can someone get
from my email? the tons of porn solicitors and male enhancement offers?
jeez.
Your email account should be your most protected account, because hackers can use it to break into your other accounts. For example, a hacker can request password resets, and then click on the link in an email to complete the reset.
Also, companies can gain vast amount of personal information by scanning your email. They can then sell that information to other companies, and link all the information together.
Another great alternative is Posteo.de
It’s hosted in Germany and offers the latest security standards alongside a data frugality approach i.e. they don’t ask you for your name, adress or other unnecessary details, you can even have an anonymous account if you pay with cash, the service costs 1€/month which I find very reasonable.
If you are seeking trusted, hacker safe, secure encrypted communication features you don’t have to look further.
Emails stored on external servers are not secure. Binfer is a great way to send secure email. It does not store emails anywhere so is very secure. The link is http://www.binfer.com.
Another option to consider is hosting your own email by running Mailpile.
http://mailpile.is/
It focuses on encryption and a great web mail interface.
https://www.binfer.com/company/about-us/ Near the bottom of the page “Binfer has been listed as top 50 upcoming startups in Chicago.” USA is a 5 Eyes country.