Privacy-conscious email providers to keep your correspondence safe

  • ProtonMail

    Freemium Linux Web Android iPhone iPad Website

    ProtonMail is an encrypted webmail service created in 2013 at the European Organization for Nuclear Research (CERN). The service distinguishes itself from other mail providers (such as Small Gmail iconGmail and Small by allowing users to encrypt emails end-to-end. The service can be used via a web browser on a computer (via webmail) or via dedicated Small iOS iconiOS and Small Android iconAndroid applications. ProtonMail is managed by Proton Technologies AG, a company based in the canton of Geneva, Switzerland. Its servers are located at two locations in Switzerland, which is outside the jurisdiction of the United States and the European Union. As of December 2015, ProtonMail had 1 million users. Initially available by invitation only, the service has been open to all since March 2016. The service is also accessible through the Tor network.

    Location: Switzerland πŸ‡¨πŸ‡­
    Price: ProtonMail offers a free version and three paid plans from 5€ to 30€ a month.


    ProtonMail icon
  • Tutanota

    Freemium Mac Windows Linux Web Android ... iPhone iPad Self-Hosted F-Droid Website

    Tutanota automatically encrypts all data on your device. Your emails and contacts remain private. You can easily communicate with your friends through end-to-end encrypted emails. The subject and attachments of your emails are also encrypted. Tutanota uses open source encryption to secure your email account and is licensed under GPL v3 - essential for a security service. It being open source means that it allows security experts to verify the code that protects your emails.

    Location: Germany πŸ‡©πŸ‡ͺ
    Price: Tutanota offers a free version and a paid version at 1€ per month. You can also buy more storage and aliases.


    Tutanota icon
  • Posteo

    Commercial Web Website

    Posteo is an independent email provider for whom durability, security, data protection and ease of use are essential. Posteo operates entirely without advertising and 100% with the green energy provided by Greenpeace Energy. In the era of Internet surveillance, Posteo protects the privacy of its users with its innovative encryption and security concept.

    Location: Germany πŸ‡©πŸ‡ͺ
    Price: The service costs 1€ per month.


    Posteo icon
  • StartMail

    Commercial Web Website

    StartMail was launched in 2013 by Small Startpage iconStartpage / , whose reputation is well known. Its "mission" is to ensure the confidentiality of its members by allowing them to communicate privately, without being spied on by governments. After a beta version on Invitation, StartMail is accessible to everyone in paid version.

    Location: Netherlands πŸ‡³πŸ‡±
    Price: For individuals and businesses, the service costs $ 59.95 a year.


    StartMail icon
  • Mailfence

    Freemium Web Android iPhone Android Tablet iPad Website

    Mailfence is a messaging company that favours the respect of privacy by encrypting communications between your computer and its servers via an SSL certificate issued by a European company. Storage of data and backups takes place exclusively in Belgium. There is no activity monitoring, no backdoors to your account, and there is total control over its servers. The service claims to provide full protection against the NSA and PRISM.

    Location: Belgium πŸ‡§πŸ‡ͺ
    Price: Mailfence offers a free version and two paid versions starting from 2€50 per month.


    Mailfence icon
  • Disroot

    Free Web Website

    Disroot is a project based in Amsterdam, that is maintained by volunteers and depends on the support of its community. They offer 4GB of free storage, accept Bitcoin, and offer built in encryption. Disroot is definitely a company worth checking out, as they have a great platform with a tremendous amount of options.

    Location: Netherlands πŸ‡³πŸ‡±
    Price: Disroot is completely free


    Disroot icon
  • Kolab Now

    Commercial Web Software as a Service (SaaS) DAVdroid Website

    Kolab Now is another open-source email service with servers fully hosted and managed in Switzerland (just like Small ProtonMail iconProtonMail), so your private data is never read by any other party. The service targets small- and medium-sized enterprises, in particular those wishing to transmit privileged or confidential information by e-mail. Just like Small Posteo iconPosteo, Kolab Now makes money by billing its users directly and has two plans for an individual account. Other features include an integrated note-taking application, email tagging support, contacts and calendar, shared folders, and more.

    Location: Switzerland πŸ‡¨πŸ‡­
    Price: Two paid plans starting at $5 a month.


    Kolab Now icon

    Commercial Web Website

    Mailbox is a Germany-based provider of email messaging, calendars, storage space and document editing services. Document editing is a big plus: it replaces Small Google Drive iconGoogle Drive or Small Microsoft 365 iconMicrosoft 365's Microsoft Outlook.

    Location: Germany πŸ‡©πŸ‡ͺ
    Price: The service costs 1€ per month but offers a free 30-day trial version.

  • Runbox

    Commercial Web OpenPGP Website

    Runbox is an independent public company based in Oslo, Norway. The Runbox email service was launched in September 2000. The company in its present form was founded in March 2011 and is owned by employees and members of the Board of Directors (76.2% in 2014) and close associates. As a Norwegian public limited company, Runbox Solutions is regulated by strong Norwegian consumer and privacy laws.

    Location: Norway πŸ‡³πŸ‡΄
    Price: The service offers several packages starting from $19.95 a year.


    Runbox icon
  • Neomailbox

    Commercial Web Website

    Neomailbox is a fast, secure and reliable email service with IP anonymity, protection against spam and viruses, unlimited disposable addresses, and more.

    Location: Switzerland πŸ‡¨πŸ‡­
    Price: The service is charged from $49.95 per year (you can pay more for more storage).


    Neomailbox icon
  • OpenMailBox

    Freemium Web Website

    OpenMailBox is an online solution that offers the hosting of free e-mail addresses for a wide audience who want to benefit from a quality service driven by a free and independent philosophy. Protection of users' privacy is emphasized, which is why OpenMailBox makes every effort to guarantee the security of the data entrusted to them.

    Location: France πŸ‡«πŸ‡·
    Price: The service offers a free version as well as a paid plan at 4.99€ per month.


    OpenMailBox icon
  • CounterMail

    Commercial Web Website

    Countermail is another email service provider with several unique features. It uses the OpenPGP encryption protocol with 4096 keys to protect your data and also offers end-to-end encryption. It offers a secure USB stick option that makes it impossible to access your account without your USB stick being inserted into a USB port. CounterMail supports Linux, Mac OS X, and Windows. It also supports IMAP if you want to use your own email client.

    Location: Sweden πŸ‡ΈπŸ‡ͺ
    Price: You can try Countermail for free for a week, after which prices start at $6.33 a month.


    CounterMail icon
  • Riseup

    Free Web Website

    Riseup provides online communication tools for individuals and groups who advocate for liberating social change. It's a project to create democratic alternatives and practice self-determination by controlling your own secure means of communication.

    Location: USA πŸ‡ΊπŸ‡Έ
    Price: The service is completely free.

    Be aware that β€œServices based in the United States are not recommended because of the country’s surveillance programs, use of National Security Letters (NSLs) and accompanying gag orders, which forbid the recipient from talking about the request. This combination allows the government to secretly force companies to grant complete access to customer data and transform the service into a tool of mass surveillance.” –


    Riseup icon

If you need a very high level of privacy in your email, all of the above services have a good reputation when it comes to protecting your data. One of the reasons they're so brilliant is that even if governments wanted to search you for whatever reason and companies had to transmit your information by law, it would be virtually impossible for them to get past their encryption systems.

Finally, note that an e-mail sent in clear text to or from Small Gmail iconGmail (or any other unsecured email service) may be stored securely by ultra-secured mail, but it will remain stored on Gmail servers if the receiver is using it. To be truly secure, exchanges must be secure from end to end.

Comments on Privacy-conscious email providers to keep your correspondence safe

· Jul 2018 · Helpful Not helpful 5 Helpful Report as spam

It makes sense that a lot of these companies are Swiss-based since Switzerland is out of the 14 eyes and is not a member of EU.


· Jul 2018 · Helpful Not helpful 1 Helpful Report as spam

As pointed out by @anonsubmitter, US-based services are a concern, so RiseUp should be added to the list of risky picks for those with state-level interests.

There is a so-called "canary" warrant, of sorts, with some rather bizarre omissions, according to this self-published question on their canary page:

" Q: Why does the new Canary not mention gag orders, FISA court orders, National Security Letters, etc?

" A: Our initial Canary strategy was only harming users by freaking them out unnecessarily when minor events happened. A Canary is supposed to signal important risk information to users, but there is also danger in signaling the wrong thing to users or leading to general fear and confusion for no good reason. The current Canary is limited to significant events that could compromise the security of Riseup users. "

I am also less than impressed with RiseUp's "About Us" page, which does not give any real names for its "alumni", presumably staff. Nine identities are given under "the collective", and but under cutesy bird names, in Latin. Only one gives a contact method, via a GPG key. Given the recent exposure of GPG and other related crypto tools as fundamentally flawed, this suggests a rather casual approach to privacy.


A Crunchbase profile on RiseUp gives Micah Anderson as the founder, a rather shy individual who is alone among fellow directors over at privacy-focused Calyx Institute in not having a board photo. Makes sense for a privacy guy .. I guess?


Finally, there are questions raised about RiseUp operating a TOR exit node, here .. .. PDF may take a moment or three to load. Search ctrl+F to search for RiseUp.


Thank you. I added a warning about RiseUp and any other US-based service.

Update: As might be expected, there are several rabbit holes to dive down into.

In the interests of fairness, here is an article claiming to debunk the last link from Arxiv:

The debunker criticises the many spelling and grammatical errors, but as the lead author is French I found that less interesting than the fact that the debunker article does not make any reference to Micah Anderson (mentioned in my comment above).

For those wanting to read more - and whether or not they should trust RiseUp and its involvement with TOR nodes, see author Yasha Levine at:

For a bit more back and forth on Levine's book:

· Jul 2018 · Helpful Not helpful Report as spam

Fantastic and insightful list, also very timely. Thank you, POX!


· Jul 2018 · Helpful Not helpful Report as spam is another

he seems to be a privacy / security focused kid (and probably a 4channer)


lavabit is another; they claim to be the first

The guy who runs is an American citizen, so even though he has moved to Romania, still follows US laws. There was a recording that he operator of posted in one of his transparency reports that pretty much shows that is within jurisdiction for US gag orders (though he found a workaround for now by having him take the call about the subpoena and gag order while he was live on Mumble and broadcasted it to everyone on his Mumble server). And if it's under US jurisdiction it's also vulnerable to National Security Letters.

There is also a small amount of logging:
The IP logging isn't a deal breaker for me, but the email service technically being under American jurisdiction is.

Lavabit is based in the US and is thus vulnerable to National Security Letters and gag orders. A National Security Letter is a legal demand from a law enforcement agency, for example "give us backdoor access to your online service". A gag order means that disclosing information about a specific law enforcement request is illegal for the website operator. Both of these were experienced by Lavabit and led to them having to shut down in the first place. and Lavabit are not bad email services, quite the opposite. They are however under an extremely bad legal jurisdiction.

· Aug 2018 · Helpful Not helpful Report as spam

Thanks @Pox for the overview. Just noticed that Tutanota is now also available on F-Droid, which is great if you want to move away from Google:


Yes it's great, we recently tweeted about that. :)

· Aug 2019 · Helpful Not helpful Report as spam

So, do you plan on adding Small Librem Mail iconLibrem Mail ?

The reason I ask is because the whole Librem suite seems pretty new. Saw it 'advertised' on your Twitter and I'm wondering what the word on the street about them is, given that their website honestly seems barren of important info regarding their products.

At $7.99/monthly for the whole suite -- mail + VPN + social network + chat -- they seem like a really great option, if only I knew more!

So, POX, any thoughts? Thanks in advance for all the contributions you make to this community.

EDIT: while we're on the subject: how the H do I get in touch with someone from the Librem One team? I can't see a contact e-mail ANYWHERE on their website. Cheers!

[Edited by coralinecastell, August 25]


I haven't used Librem One with Librem Mail yet, but yes I might add it to this list if it's proven to be a good secure and privacy-focused email service.
I think you can contact them on their website.

Thank you so much, POX! I somehow missed that section.

· Jul 2018 · Helpful Not helpful -3 Helpful Report as spam

You forgot Yahoo! :))


No I didn't forget. Yahoo is not what you would call a secure and privacy-conscious email provider. :)

(The ":))" indicates that it was a joke!)

I wasn't sure but I figured it was a pun. :)

Sign up to comment, it's simple!