<strong>Our recommended providers operate outside of the US, adopt modern email technology, and meet <ahref="/providers/email/#criteria">our other criteria</a> for listing.</strong> We also have a <ahref="https://privacywiki.org/view/Comparison_of_email_providers#Provider_comparison">detailed comparison table</a> of the below providers on the wiki.
<p><strong><ahref="https://protonmail.com">ProtonMail.com</a></strong> is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since <strong>2013</strong>. ProtonMail is based in Genève, <spanclass="flag-icon flag-icon-ch"></span> Switzerland. Accounts start with 500 MB storage with their free plan.</p>
<p>Free accounts have some limitations, such as not being able to search body text and not having access to <ahref="https://protonmail.com/bridge">ProtonMail Bridge</a>, which is required to use a <ahref="/software/email">recommended desktop email client</a> (e.g. Thunderbird). Paid accounts are available starting at <strong>€48/y</strong> which include features like ProtonMail Bridge, additional storage, and custom domain support.</p>
<p>Paid ProtonMail users can use their own domain with the service. <ahref="https://protonmail.com/support/knowledge-base/catch-all/">Catch-all</a> addresses are supported with custom domains for Professional and Visionary plans. ProtonMail also supports <ahref="https://protonmail.com/support/knowledge-base/creating-aliases/">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
<p>ProtonMail supports <ahref="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a><ahref="https://protonmail.com/support/knowledge-base/two-factor-authentication/">two factor authentication</a> only. The use of a <ahref="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key is not yet supported. ProtonMail is planning to implement U2F upon completion of their <ahref="https://reddit.com/comments/cheoy6/comment/feh2lw0/">Single Sign On (SSO)</a> code.</p>
<p>ProtonMail has <ahref="https://protonmail.com/blog/zero-access-encryption">zero access encryption at rest</a> for your emails, <ahref="https://protonmail.com/blog/encrypted-contacts-manager">address book contacts</a>, and <ahref="https://protonmail.com/blog/protoncalendar-security-model">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
<p>ProtonMail has <ahref="https://protonmail.com/support/knowledge-base/how-to-use-pgp">integrated OpenPGP encryption</a> in their webmail. Emails to other ProtonMail users are encrypted automatically, and encryption to non-ProtonMail users with an OpenPGP key can be enabled easily in your account settings. They also allow you to <ahref="https://protonmail.com/support/knowledge-base/encrypt-for-outside-users">encrypt messages to non-ProtonMail users</a> without the need for them to sign up for a ProtonMail account or use software like OpenPGP.</p>
<p>ProtonMail also supports the discovery of public keys via HTTP from their <ahref="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of ProtonMail to find the OpenPGP keys of ProtonMail users easily, for cross-provider E2EE.</p>
<p>ProtonMail's login and services are accessible over Tor, <ahref="https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/">protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion</a></p>
<p>ProtonMail offers a "Visionary" account for €24/Month, which also enables access to ProtonVPN in addition to providing multiple accounts, domains, aliases, and extra storage.</p>
<p><strong><ahref="https://mailbox.org">Mailbox.org</a></strong> is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since <strong>2014</strong>. Mailbox.org is based in Berlin, <spanclass="flag-icon flag-icon-de"></span> Germany. Accounts start with 2 GB of storage, which can be upgraded as needed.</p>
<p>Mailbox.org lets users use their own domain and they support <ahref="https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain">catch-all</a> addresses. Mailbox.org also supports <ahref="https://kb.mailbox.org/display/BMBOKBEN/What+is+an+alias+and+how+do+I+use+it">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
<p>Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.</p>
<p>Mailbox.org supports <ahref="https://kb.mailbox.org/display/MBOKBEN/How+to+use+two-factor+authentication+-+2FA">two factor authentication</a> for their webmail only. You can use either <ahref="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or a <ahref="https://en.wikipedia.org/wiki/YubiKey">Yubikey</a> via the <ahref="https://www.yubico.com/products/services-software/yubicloud">Yubicloud</a>. Web standards such as <ahref="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> and <ahref="https://en.wikipedia.org/wiki/WebAuthn">WebAuthn</a> are not yet supported.</p>
<p>Mailbox.org allows for encryption of incoming mail using their <ahref="https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox">encrypted mailbox</a>. New messages that you receive will then be immediately encrypted with your public key.</p>
<p>However, <ahref="https://en.wikipedia.org/wiki/Open-Xchange">Open-Exchange</a>, the software platform used by Mailbox.org, <ahref="https://kb.mailbox.org/display/BMBOKBEN/Encryption+of+calendar+and+address+book">does not support</a> the encryption of your address book and calendar. A <ahref="/software/calendar-contacts/">standalone option</a> may be more appropriate for that information.</p>
<p>Mailbox.org has <ahref="https://kb.mailbox.org/display/MBOKBEN/Send+encrypted+e-mails+with+Guard">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow <ahref="https://kb.mailbox.org/display/MBOKBEN/My+recipient+does+not+use+PGP">remote recipients to decrypt an email</a> on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.</p>
<p>Mailbox.org also supports the discovery of public keys via HTTP from their <ahref="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.</p>
<p>You can access your Mailbox.org account via IMAP/SMTP using <ahref="https://kb.mailbox.org/display/MBOKBEN/The+Tor+exit+node+of+mailbox.org">their .onion service</a>. However, their webmail interface cannot be accessed via their .onion service, and users may experience TLS certificate errors.</p>
<p>All accounts come with limited cloud storage that <ahref="https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive">can be encrypted</a>. Mailbox.org also offers the alias <ahref="https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely">@secure.mailbox.org</a>, which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports <ahref="https://en.wikipedia.org/wiki/Exchange_ActiveSync">Exchange ActiveSync</a> in addition to standard access protocols like IMAP and POP3.</p>
<p><strong><ahref="https://posteo.de">Posteo.de</a></strong> is an email provider that focuses on anonymous, secure, and private email. Their servers are powered by 100% sustainable energy. They have been in operation since <strong>2009</strong>. Posteo is based in <spanclass="flag-icon flag-icon-de"></span> Germany and has a free 14-day trial. Posteo comes with 2 GB for the monthly cost and an extra gigabyte can be purchased for €0.25 per month.</p>
<p>Posteo does <ahref="https://posteo.de/en/site/faq">not allow the use of custom domains</a>, however users may still make use of <ahref="https://posteo.de/en/help/what-is-an-email-alias">subaddressing</a>.</p>
<p>Posteo does not accept Bitcoin or other cryptocurrencies as a form of payment, however they do accept cash-by-mail. They also accept credit/debit cards, bank transfers, and PayPal, and remove PII (personally identifiable information) <ahref="https://posteo.de/en/site/payment">that they receive</a> in connection with these payment methods.</p>
<p>Posteo supports <ahref="https://posteo.de/en/help/what-is-two-factor-authentication-and-how-do-i-set-it-up">two factor authentication</a> for their webmail only. You can use either <ahref="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> a <ahref="https://en.wikipedia.org/wiki/YubiKey">Yubikey</a> with TOTP. Web standards such as <ahref="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> and <ahref="https://en.wikipedia.org/wiki/WebAuthn">WebAuthn</a> are not yet supported.</p>
<p>Posteo has <ahref="https://posteo.de/en/site/encryption#cryptomailstorage">zero access encryption</a> for email storage. This means the messages stored in your account are only readable by you.</p>
<p>Posteo also supports the encryption of your <ahref="https://posteo.de/en/site/features#featuresaddressbook">address book contacts</a> and <ahref="https://posteo.de/en/site/features#featurescalendar">calendars</a> at rest. However, Posteo still uses standard <ahref="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <ahref="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> for calendars and contacts. These protocols do not support <ahref="https://en.wikipedia.org/wiki/End-to-end_encryption">E2EE (End-To-End Encryption)</a>. A <ahref="/software/calendar-contacts/">standalone option</a> may be more appropiate.</p>
<p>Posteo has <ahref="https://posteo.de/en/site/encryption#pgp_webmailer">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also support the discovery of public keys via HTTP from their <ahref="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of Posteo to find the OpenPGP keys of Posteo users easily, for cross-provider E2EE.</p>
<p>Posteo allows users to <ahref="https://posteo.de/en/help/does-posteo-offer-mailing-lists">set up their own mailing lists</a>. Each account can create one list for free.</p>
<p><strong><ahref="https://disroot.org/en/services/email">Disroot</a></strong> offers email amongst <ahref="https://disroot.org/en/#services">other services</a>. The service is maintained by volunteers and its community. They have been in operation since <strong>2015</strong>. Disroot is based in <spanclass="flag-icon flag-icon-nl"></span> Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. Users support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.</p>
<p>Disroot lets users use their own domain. They have aliases, however you must <ahref="https://disroot.org/en/forms/alias-request-form">manually apply</a> for them.</p>
<p>Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.</p>
<p>Disroot supports <ahref="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication for webmail only. They do not allow <ahref="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
<p>Disroot uses full disk encryption. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.</p>
<p>Disroot also uses the standard <ahref="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <ahref="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> protocols for calendars and contacts, which do not support E2EE. A <ahref="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
<p>Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a <ahref="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a> for users on their platform.</p>
<p>They offer <ahref="https://disroot.org/en/#services">other services</a> such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app <ahref="https://f-droid.org/packages/org.disroot.disrootapp/">available in F-Droid</a>.</p>
<p><strong><ahref="https://tutanota.com">Tutanota.com</a></strong> is an email service with a focus on security and privacy through the use of encryption. Tutanota has been in operation since <strong>2011</strong> and is based in Hanover, <spanclass="flag-icon flag-icon-de"></span> Germany. Accounts start with 1GB storage with their free plan.</p>
<p>Tutanota <ahref="https://tutanota.com/faq/#imap">doesn't allow</a> the use of third-party <ahref="/software/email/">email clients</a>. There are plans to allow Tutanota pull email from <ahref="https://github.com/tutao/tutanota/issues/544">external email accounts</a> using the <ahref="https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol">IMAP</a> protocol. <ahref="https://github.com/tutao/tutanota/issues/630">Email import</a> is currently not possible.</p>
<p>Emails can be exported <ahref="https://tutanota.com/howto#generalMail">individually or by bulk selection</a>. Tutanota does not allow for <ahref="https://github.com/tutao/tutanota/issues/927">subfolders</a> as you might expect with other email providers.</p>
<p>Tutanota is working on a <ahref="https://tutanota.com/blog/posts/desktop-clients/">desktop client</a> and they have an app <ahref="https://f-droid.org/packages/de.tutao.tutanota">available in F-Droid</a>. They also have their app in conventional stores such as <ahref="https://apps.apple.com/us/app/tutanota/id922429609">App Store</a> on iOS and <ahref="https://play.google.com/store/apps/details?id=de.tutao.tutanota">Google Play</a> for Android.</p>
<p>Paid Tutanota accounts can use up to 5 <ahref="https://tutanota.com/faq#alias">aliases</a> and <ahref="https://tutanota.com/faq#custom-domain">custom domains</a>. Tutanota doesn't allow for <ahref="https://tutanota.com/faq#plus">subaddressing (plus addresses)</a>, but you can use a <ahref="https://tutanota.com/howto#settings-global">catch-all</a> with a custom domain.</p>
<p>Tutanota supports <ahref="https://tutanota.com/faq#2fa">two factor authentication</a>. Users can either use <ahref="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or <ahref="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a>. U2F support is <ahref="https://github.com/tutao/tutanota/issues/443">not yet available on Android</a>.</p>
<p>Tutanota has <ahref="https://tutanota.com/faq#what-encrypted">zero access encryption at rest</a> for your emails, <ahref="https://tutanota.com/faq#encrypted-address-book">address book contacts</a>, and <ahref="https://tutanota.com/faq#calendar">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
<p>Tutanota <ahref="https://www.tutanota.com/faq/#pgp">does not use OpenPGP</a>. Tutanota users can only receive encrypted emails when external users send them through a <ahref="https://www.tutanota.com/howto/#encrypted-email-external">temporary Tutanota mailbox</a>.</p>
<p>Tutanota <ahref="https://github.com/tutao/tutanota/issues/198">does have plans</a> to support <ahref="https://autocrypt.org">AutoCrypt</a>. This would allow for external users to send encrypted emails to Tutanota users as long as their email client supports the AutoCrypt headers.</p>
<p>Tutanota offers the business version of <ahref="https://tutanota.com/blog/posts/secure-email-for-non-profit">Tutanota to non-profit organizations</a> for free or with a heavy discount.</p>
<p>Tutanota also has a business feature called <ahref="https://tutanota.com/secure-connect/">Secure Connect</a>. This ensures customer contact to the business uses E2EE. The feature costs €240/y.</p>
<p><strong><ahref="https://startmail.com">StartMail.com</a></strong> is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. StartMail has been in operation since <strong>2014</strong> and is based in Boulevard 11, Zeist <spanclass="flag-icon flag-icon-nl"></span> Netherlands. Accounts start with 10GB. They offer a 30-day trial.</p>
<p>Personal accounts can use <ahref="https://support.startmail.com/hc/en-us/articles/360007297457-Aliases">Custom or Generated</a> aliases. Business accounts can use <ahref="https://support.startmail.com/hc/en-us/articles/360006840058">Domain aliases</a>.</p>
<p>StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other <ahref="https://support.startmail.com/hc/en-us/articles/360006620637-Payment-methods">payment options</a> such as Bitcoin (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.</p>
<p>StartMail supports <ahref="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <ahref="https://support.startmail.com/hc/en-us/articles/360006682158-Two-factor-authentication-2FA">for webmail only</a>. They do not allow <ahref="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
<p>StartMail has <ahref="https://www.startmail.com/en/whitepaper/#_Toc458527835">zero access encryption at rest</a>, using their "user vault" system. When a user logs in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.</p>
<p>StartMail supports importing <ahref="https://support.startmail.com/hc/en-us/articles/360006495557-Import-contacts">contacts</a> however, they are only accessible in the webmail and not through protocols such as <ahref="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a>. Contacts are also not stored using zero knowledge encryption, so a <ahref="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
<p>StartMail has <ahref="https://support.startmail.com/hc/en-us/sections/360001889078-Encryption">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys.</p>
<p>StartMail allows for proxying of images within emails. If a user allows the remote image to be loaded, the sender won't know what the user's IP address is.</p>