In this article on secure privacy email options, we look at different ways to make your email more, well … secure and private. We pay close attention to the relatively new breed of end-to-end encrypted web messaging services, but we are also studying the pros and cons of more traditional alternatives.
Email is neither private nor secure
As a technology, email was not designed for privacy or security. In fact, the need for such an approach never crossed the minds of the early pioneers of networking. So when it later became apparent that Internet consumers were unwilling to pay for the extremely expensive and complex technologies they use everyday and with barely a second thought, email providers had a easy way to monetize their services.
The most successful business model was developed by Google, which realized that an individual's personal data was extremely valuable. The more you collect, the more valuable it is.
After all, if you have a good idea of what a person likes and dislikes, where they go, what their hobbies are, and who they hang out with, it's easy to target them with products and services it is. likely to be interested in purchasing. Cha Ching!
In addition to using its search engine to track user interests, Google analyzes all emails sent through its Gmail service. Note that this means not only emails belonging to Gmail users, but all emails sent to Gmail users from other email services!
In 2017, Google made a somewhat sincere announcement that it would no longer scan emails to target users with personalized ads, but that doesn't mean it stopped scanning emails to other purposes. Its intelligent response function based on the much-vaunted artificial intelligence undoubtedly proves it, as does its complete list of everything you have bought from any online retailer since 2015!
Whatever the situation with Google, it is normal for email services to analyze user emails for advertising purposes.
And what can be collected for advertising revenue is also extremely valuable for “collecting all” security agencies such as the NSA.
Google has been cooperating with the NSA to spy on its users for years and only stopped when it was caught in its pants by Edward Snowden's revelations in 2013. Or at least, complaints to have stopped. Yahoo, on the other hand, continued to betray its users to the NSA until at least October 2016.
Pay for it!
As the old saying goes, “if you don't pay for a product, then you are the product.”
There are free secure messaging services out there, but they often have data limits and don't include all of the features offered by the premium version of the service.
Running an email service costs a lot of money and time, so you need to look very carefully at how that service is funded. Services like RiseUp and Autistici are run by politically motivated activists and are primarily designed to ensure the privacy of like-minded activists.
These services are ready to suffer a financial loss thanks to the political ideology of their founders. As such, they are small and not very well funded. Users should definitely consider donating to them if they can afford it.
PGP encrypted emails can be sent securely via any regular email service, but the simple reality is that very few of your contacts (if any) will also use PGP. This means that you will still need a private messaging service for daily use…
All browser-based encryption is not secure
Indeed, a compromised server or a man-in-the-middle attack can send compromised encryption keys both to you and to your recipient's browsers.
Does this make webmail services useless? No. It all depends on your threat model. For most users, they are probably fine. But no webmail service will be as secure as using PGP with a dedicated email client.
If you access an encrypted webmail service through its mobile app or a dedicated email client only (i.e. do not via a browser), this problem does not apply.
Use the signal instead
I recently came to the conclusion that email is fundamentally insecure. The things we want from email and an email system are not easily compatible with encryption. I advise people who want communications security not to use email, but rather to use an encrypted message client like OTR or Signal.
Encrypted email applications are much easier to use than PGP (what is not ?!), and are much more secure than any type of email. The signal messenger is widely regarded as the safest way to communicate with another person you have imagined, unless you whisper something in their ear.
Signal is therefore the best solution currently available to secure the real content of messages. OTR is also a good option for desktop users.
End-to-end (e2e) privacy messaging services
Why use a privacy-focused email service?
If you need a conversation to be as private as possible, then use Signal instead of email. But e-mail does not disappear and remains the most popular means of communication on the planet. Using a private and secure messaging service of the type described below means:
- The service will not analyze your emails (for advertising or any other purpose)
- They use end-to-end encryption (e2ee). You encrypt and decrypt your emails on your own device so that neither your email provider nor the NSA can access them.
- No ads
The best private messaging services
ProtonMail was the first of a “new wave” of post-Snowden web mail services that aims to provide all the functionality of Gmail and its ilk, but respect user privacy and provide full end-to-end encryption (e2ee) for emails.
Users can send encrypted email to anyone, and they can also reply securely.
ProtonMail is based in Switzerland, which has strict privacy laws and is outside the direct area of influence of the NSA and GCHQ. Being based there is therefore generally considered a strong characteristic of the service.
The recently passed government surveillance laws are worrisome, however, and despite ProtonMail's assurances, it is still unclear whether these laws affect services such as ProtonMail.
The good news is that ProtonMail introduced full support for OpenPGP in 2018. This means that users can send PGP encrypted emails to non-ProtonMail contacts and open PGP encrypted emails sent to their ProtonMail account. .
Please see our ProtonMail review for an in-depth review of this service.
Tutanota is similar in many ways to ProtonMail, they are based in Germany. He has strict privacy laws, but also practices extensive surveillance on his own, provides the basis for the vast European operations of the NSA, and is known to collaborate with the NSA. But all emails are stored encrypted e2e, so this should not matter.
Tutanota encrypts messages with AES-128 encryption, an RSA-2048 handshake and perfect transmission secret, rather than using PGP. This allows it to encrypt the subject lines of emails when they are sent to other Tutanota users, but it does mean that the system is not interoperable with “regular” PGP users.
Also based in Germany, Posteo is a somewhat different beast from Tutanota and ProtonMail. It is a secure messaging service which encrypts its server connections with TLS (using DANE and complete confidentiality) and stores all e-mails on AES encrypted hard disks (unknown key size ).
By default, Posteo is not an e2e encrypted service. Encryption of e2e emails is however supported via OpenPGP and S / MIME support “in one click” in the browser. Recipients must have the same type of encryption software installed on their computers (OpenPGP or S / MIME, as the case may be), but do not necessarily have to be Posteo users.
Posteo also maintains its own PGP key directory, which is more private than conventional PGP key servers. The Roundcube Web interface works well in mobile browsers, but Posteo does not have dedicated mobile applications. However, IMAP support means that third-party messaging applications can be used with the service.
In 2013, this service proved itself by respecting the police requirements regarding the identity of a Posteo account holder who is supposed to use the service for illicit purposes. The fact that it does not store any data on the identity of its customers has made it impossible to transmit this information.
Mailfence is based in Belgium, a country with strict privacy laws and no history of cooperation with the NSA and GCHQ. ISPs are required to keep complete general data, but access to this data is strictly regulated and requires a guarantee.
Mailfence uses easy “one-click” OpenPGP encryption to secure emails and emails sent to other Mailfence users are encrypted automatically (and do not leave Mailfence servers).
Emails to non-members can be sent encrypted by PGP, or sent unencrypted but digitally signed with a PGP key. Alternatively, symmetrically encrypted emails can be sent to non-PGP users using a shared secret to secure them.
And since Mailfence uses a standard implementation of OpenPGP with full key management available, the service is interoperable with “regular” PGP users. The mailbox runs its own key server. PGP keys are generated in the browser and stored on Mailfence servers using AES-256 encryption.
Browser-based PGP encryption is open source, but much of the backend environment is closed source. Deleted messages are kept for two weeks for backup purposes. More worryingly, Mailfence records all email metadata, including “IP addresses, message IDs, addresses of senders and recipients, subjects, browser versions, countries and timestamps”.
A big advantage of this service is that it provides secure and exportable calendars and secure document storage.
Unfortunately, Mailfence currently does not offer any mobile apps, although messages can be synchronized with iOS and Android devices using Microsoft Exchange ActiveSync and supports POP and IMAC means that you can use third-party applications with the service (paid users only). It also offers a reduced web interface specially designed for mobile devices.
StartMail is a privacy-focused email service operated by people who also run the StartPage privacy search engine.
Due to its integrated use of PGP, StartMail is fully interoperable with other PGP users. It is also possible to send encrypted emails to non-PGP users, who must know a secret chosen by you to open the email.
This is not made easier by the fact that StartPage uses a mixture of open source and closed source components.
StartMail is based in the Netherlands. Like Switzerland, it is a country traditionally considered privacy-friendly, but which has recently passed alarming new surveillance laws.
One thing we really like about StartMail is the ability to create unlimited disposable email addresses. There are no dedicated mobile apps, but full IMAP and SMTP support means you can use any third-party messaging app with the service.
Like Tutanota, mailbox.org is based in Germany. He has strict privacy laws, but also practices extensive surveillance on his own, provides the basis for the vast European operations of the NSA, and is known to collaborate with the NSA.
PGP encryption can be done on the server side for convenience, but not end-to-end. mailbox.org alleviates this problem by also requiring a password to access encrypted email, which is only known to the account user. A certain level of confidence is however still necessary.
Alternatively, you can encrypt e2e PGP emails in your browser using the Mailvelope browser add-on, which has been preconfigured to work with mailbox.org without requiring other configuration steps.
All sent and received emails are optionally stored in a PGP encrypted Guard mailbox. Unencrypted emails are still vulnerable to interception during transit, but must be secured at rest. As with its full PGP server-side encryption of individual emails, Guard mailboxes are further secured by a password that only the user knows.
There are no mobile apps, but mailbox.org supports IMAP and POP for use with third-party messaging apps. Contacts and calendars can be synchronized on mobile via ActiveSync.
Disroot and Runbox are privacy-friendly email services that store emails on encrypted hard drives. However, they do not offer any form of end-to-end encryption. Kolab Now is also a privacy-friendly email service, but does not store encrypted emails.
When we published this article about three years ago, the recently resurrected Lavabit service looked promising. However, most of the promised privacy and security features have yet to materialize, and we have a hard time recommending a service based in the United States (as fairly dramatically evidenced by Lavabits' own initial demise!).
Fairly good confidentiality (PGP)
PGP was developed as a secure email encryption protocol, and although the original standard is no longer open source (it is now owned by Symantec), the Free Software Foundation took over the open source banner in the form of 100% interoperable OpenPGP Standard.
The most traditional (and still the safest) way to use PGP is GNU Privacy Guard (also known as GnuPG or simply GPG). This is available for Windows, macOS and Linux, with a standalone email client such as Claw-Mail or Thunderbird.
Although the base program uses a simple command line interface, more sophisticated versions are available for Windows (Gpg4win) and Mac (GPGTools). We have a guide to secure your email with the Gpg4win guide somewhere else. It may be worth reading it to understand how OpenPGP works.
Note that with PGP, the metadata – sender and recipient email addresses, date and time of sending, and subject line of the email – are not encrypted. Just the body and the attachments. And any service that wishes to be compatible with PGP will necessarily have the same limitations.
Another problem with PGP is that it doesn't use Perfect Forward Secrecy (PFS). Thus, once the keys of an encrypted email are broken, all other emails encrypted using the same keys will also be compromised. This is an area where e2e PGP web messaging services shine because the use of Diffie-Hellman or ECDE key exchanges in their TLS connections introduces PFS.
We should note that this is an issue that affects all implementations of PGP, including the email providers listed in this article.
Postal envelope – making PGP easier
A casual look through our Gpg4win Guide will fully demonstrate why PGP failed to speak to the public. It is complex to the point of being confusing and difficult to understand. Most of the e2e webmail services listed above use PGP, but aim to make it as user-friendly and “dumb-proof” as possible.
In this, they are largely successful, but at a safe price. As already discussed, browser-based cryptography is deeply flawed. There is however a third option which offers a kind of “middle way”.
Mailvelope is an OpenPGP browser plugin which is a lot easier to use than the more traditional configuration (although it is not as simple as one-click webmail solutions).
A more extreme option for all of the above is to self-host your own mail server. This can be done on your own PC or on a rented server. This pretty much guarantees that Google and other large companies won't be spying on your emails (at least directly – they will still be able to read unencrypted emails sent to other users of their services) .
Setting up and maintaining your own mail server, however, is a non-trivial job, even for the most technically inclined. And it is even more difficult to guarantee its safety. In fact, if not done correctly, running your own mail server can be very dangerous, as it can provide a false sense of security.
That's not to say it's impossible, and there are certainly privacy fanatics who swear by self-hosting their email. This is certainly a topic on which we could write a guide at some point in the future!
Software such as Post box and Mailcow make work easier by automating the process, but for maximum security, you need to build your own server from scratch (so to speak). Great tutorials on how to do it can be found here and here.