mirror of
https://github.com/privacyguides/privacyguides.org
synced 2024-12-11 20:33:31 +01:00
236 lines
25 KiB
HTML
236 lines
25 KiB
HTML
<h1 id="email" class="anchor"><a href="#email"><i class="fas fa-link anchor-icon"></i></a> Recommended Email Services</h1>
|
|
|
|
<div class="alert alert-success" role="alert">
|
|
<strong>Our recommended providers operate outside of the US, adopt modern email technology, and meet <a href="/providers/email/#criteria">our other criteria</a> for listing.</strong> We also have a <a href="https://wiki.privacytools.io/view/Comparison_of_email_providers#Provider_comparison">detailed comparison table</a> of the below providers on the wiki.
|
|
</div>
|
|
|
|
<div class="container-fluid">
|
|
|
|
<div class="row mb-2">
|
|
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
<img
|
|
src="/assets/img/svg/3rd-party/protonmail.svg"
|
|
height="70"
|
|
width="200"
|
|
class="img-fluid d-block mr-auto ml-auto align-middle"
|
|
alt="ProtonMail">
|
|
</div>
|
|
<div class="col">
|
|
<h2 id="protonmail" class="anchor"><a href="#protonmail"><i class="fas fa-link anchor-icon"></i></a> ProtonMail <span class="badge badge-info">Free</span></h2>
|
|
<p><strong><a href="https://protonmail.com">ProtonMail.com</a></strong> is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since <strong>2013</strong>. ProtonMail is based in Genève, <span class="flag-icon flag-icon-ch"></span> Switzerland. Accounts start with 500 MB storage with their free plan.</p>
|
|
|
|
<p>Free accounts have some limitations and do not allow the use of the <a href="https://protonmail.com/bridge">ProtonMail Bridge</a>, which is required to use a <a href="/software/email">recommended email client</a> (e.g. Thunderbird) or to search email by body text. Paid accounts are available starting at <strong>€48/Year</strong> which include features like ProtonMail Bridge, additional storage, custom domain support, and more. The webmail and mobile apps can only search <code>To:</code>, <code>From:</code>, <code>Date:</code> and <code>Subject:</code> (this is likely to change when <a href="https://reddit.com/comments/cqwk2a/comment/ex21b4e">v4.0</a> of ProtonMail is released).</p>
|
|
|
|
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
|
|
<p>Paid ProtonMail users can use their own domain with the service. <a href="https://protonmail.com/support/knowledge-base/catch-all/">Catch-all</a> addresses are supported with custom domains for Professional and Visionary plans. ProtonMail also supports <a href="https://protonmail.com/support/knowledge-base/creating-aliases/">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
|
|
|
|
<h5><span class="badge badge-success">Payment Methods</span></h5>
|
|
<p>ProtonMail accepts Bitcoin in addition to accepting credit/debit cards and PayPal.</p>
|
|
|
|
<h5><span class="badge badge-success">Account Security</span></h5>
|
|
<p>ProtonMail supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> <a href="https://protonmail.com/support/knowledge-base/two-factor-authentication/">two factor authentication</a> only. The use of a <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key is not yet supported. ProtonMail is planning to implement U2F upon completion of their <a href="https://reddit.com/comments/cheoy6/comment/feh2lw0/">Single Sign On (SSO)</a> code.</p>
|
|
|
|
<h5><span class="badge badge-success">Data Security</span></h5>
|
|
<p>ProtonMail has <a href="https://protonmail.com/blog/zero-access-encryption">zero access encryption at rest</a> for your emails, <a href="https://protonmail.com/blog/encrypted-contacts-manager">address book contacts</a>, and <a href="https://protonmail.com/blog/protoncalendar-security-model">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
|
|
|
|
<h5><span class="badge badge-success">Email Encryption</span></h5>
|
|
<p>ProtonMail has <a href="https://protonmail.com/support/knowledge-base/how-to-use-pgp">integrated OpenPGP encryption</a> in their webmail. Emails to other ProtonMail users are encrypted automatically, and encryption to non-ProtonMail users with a OpenPGP key can be enabled easily in your account settings. They also allow you to <a href="https://protonmail.com/support/knowledge-base/encrypt-for-outside-users">encrypt messages to non-ProtonMail users</a> without the need for them to sign up for a ProtonMail account or use software like OpenPGP.</p>
|
|
<p>ProtonMail also supports the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of ProtonMail to find the OpenPGP keys of ProtonMail users easily, for cross-provider E2EE.</p>
|
|
|
|
<h5><span class="badge badge-success">.onion Service</span></h5>
|
|
<p>ProtonMail is accessible via Tor at <a href="https://protonirockerxow.onion/">protonirockerxow.onion</a>.</p>
|
|
|
|
<h5><span class="badge badge-info">Extra Functionality</span></h5>
|
|
<p>ProtonMail offers a "Visionary" account for €24/Month, which also enables access to ProtonVPN in addition to providing multiple accounts, domains, aliases, and extra storage.</p>
|
|
</div>
|
|
</div>
|
|
<div class="row mb-2">
|
|
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
<img
|
|
src="/assets/img/svg/3rd-party/mailboxorg.svg"
|
|
height="70"
|
|
width="200"
|
|
class="img-fluid d-block mr-auto ml-auto align-middle"
|
|
alt="Mailbox">
|
|
</div>
|
|
<div class="col">
|
|
<h2 id="mailbox" class="anchor"><a href="#mailbox"><i class="fas fa-link anchor-icon"></i></a> Mailbox.org <span class="badge badge-info">€12/Year</span></h2>
|
|
<p><strong><a href="https://mailbox.org">Mailbox.org</a></strong> is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since <strong>2014</strong>. Mailbox.org is based in Berlin, <span class="flag-icon flag-icon-de"></span> Germany. Accounts start with 2 GB of storage, which can be upgraded as needed.</p>
|
|
|
|
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
|
|
<p>Mailbox.org lets users use their own domain and they support <a href="https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain">catch-all</a> addresses. Mailbox.org also supports <a href="https://kb.mailbox.org/display/BMBOKBEN/What+is+an+alias+and+how+do+I+use+it">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
|
|
|
|
<h5><span class="badge badge-warning">Payment Methods</span></h5>
|
|
<p>Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.</p>
|
|
|
|
<h5><span class="badge badge-success">Account Security</span></h5>
|
|
<p>Mailbox.org supports <a href="https://kb.mailbox.org/display/MBOKBEN/How+to+use+two-factor+authentication+-+2FA">two factor authentication</a> for their webmail only. You can use either <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or a <a href="https://en.wikipedia.org/wiki/YubiKey">Yubikey</a> via the <a href="https://www.yubico.com/products/services-software/yubicloud">Yubicloud</a>. Web standards such as <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> and <a href="https://en.wikipedia.org/wiki/WebAuthn">WebAuthn</a> are not yet supported.</p>
|
|
|
|
<h5><span class="badge badge-warning">Data Security</span></h5>
|
|
<p>Mailbox.org allows for encryption of incoming mail using their <a href="https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox">encrypted mailbox</a>. New messages that you receive will then be immediately encrypted with your public key.</p>
|
|
<p>However, <a href="https://en.wikipedia.org/wiki/Open-Xchange">Open-Exchange</a>, the software platform used by Mailbox.org, <a href="https://kb.mailbox.org/display/BMBOKBEN/Encryption+of+calendar+and+address+book">does not support</a> the encryption of your address book and calendar. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate for that information.</p>
|
|
|
|
<h5><span class="badge badge-success">Email Encryption</span></h5>
|
|
<p>Mailbox.org has <a href="https://kb.mailbox.org/display/MBOKBEN/Send+encrypted+e-mails+with+Guard">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow <a href="https://kb.mailbox.org/display/MBOKBEN/My+recipient+does+not+use+PGP">remote recipients to decrypt an email</a> on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.</p>
|
|
<p>Mailbox.org also supports the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.</p>
|
|
|
|
<h5><span class="badge badge-warning">.onion Service</span></h5>
|
|
<p>You can access your Mailbox.org account via IMAP/SMTP using <a href="https://kb.mailbox.org/display/MBOKBEN/The+Tor+exit+node+of+mailbox.org">their .onion service</a>. However, their webmail interface cannot be accessed via their .onion service, and users may experience TLS certificate errors.</p>
|
|
|
|
<h5><span class="badge badge-info">Extra Functionality</span></h5>
|
|
<p>All accounts come with limited cloud storage that <a href="https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive">can be encrypted</a>. Mailbox.org also offers the alias <a href="https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely">@secure.mailbox.org</a>, which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all.</p>
|
|
</div>
|
|
</div>
|
|
<div class="row mb-2">
|
|
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
<img
|
|
src="/assets/img/svg/3rd-party/posteo.svg"
|
|
height="70"
|
|
width="200"
|
|
class="img-fluid d-block mr-auto ml-auto align-middle"
|
|
alt="Posteo">
|
|
</div>
|
|
<div class="col">
|
|
<h2 id="posteo" class="anchor"><a href="#posteo"><i class="fas fa-link anchor-icon"></i></a> Posteo <span class="badge badge-info">€12/Year</span></h2>
|
|
<p><strong><a href="https://posteo.de">Posteo.de</a></strong> is an email provider that focuses on anonymous, secure, and private email. Their servers are powered by 100% sustainable energy. They have been in operation since <strong>2009</strong>. Posteo is based in <span class="flag-icon flag-icon-de"></span> Germany and has a free 14-day trial. Posteo comes with 2 GB for the monthly cost and an extra gigabyte can be purchased for €0.25 per month.</p>
|
|
|
|
<h5><span class="badge badge-warning">Domains and Aliases</span></h5>
|
|
<p>Posteo does <a href="https://posteo.de/en/site/faq">not allow the use of custom domains</a>, however users may still make use of <a href="https://posteo.de/en/help/what-is-an-email-alias">subaddressing</a>.</p>
|
|
|
|
<h5><span class="badge badge-warning">Payment Methods</span></h5>
|
|
<p>Posteo does not accept Bitcoin or other cryptocurrencies as a form of payment, however they do accept cash-by-mail. They also accept credit/debit cards, bank transfers, and PayPal, and claim that PII (personally identifiable information) that they receive in connection with these payment methods is not linked to your account.</p>
|
|
|
|
<h5><span class="badge badge-success">Account Security</span></h5>
|
|
<p>Posteo supports <a href="https://posteo.de/en/help/what-is-two-factor-authentication-and-how-do-i-set-it-up">two factor authentication</a> for their webmail only. You can use either <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> a <a href="https://en.wikipedia.org/wiki/YubiKey">Yubikey</a> with TOTP. Web standards such as <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> and <a href="https://en.wikipedia.org/wiki/WebAuthn">WebAuthn</a> are not yet supported.</p>
|
|
|
|
<h5><span class="badge badge-warning">Data Security</span></h5>
|
|
<p>Posteo has <a href="https://posteo.de/en/site/encryption#cryptomailstorage">zero access encryption</a> for email storage. This means the messages stored in your account are only readable by you. </p>
|
|
<p>Posteo also supports the encryption of your <a href="https://posteo.de/en/site/features#featuresaddressbook">address book contacts</a> and <a href="https://posteo.de/en/site/features#featurescalendar">calendars</a> at rest. However, Posteo still uses standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> for calendars and contacts. These protocols do not support <a href="https://en.wikipedia.org/wiki/End-to-end_encryption">E2EE (End-To-End Encryption)</a>. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropiate.</p>
|
|
|
|
<h5><span class="badge badge-success">Email Encryption</span></h5>
|
|
<p>Posteo has <a href="https://posteo.de/en/site/encryption#pgp_webmailer">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also support the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of Posteo to find the OpenPGP keys of Posteo users easily, for cross-provider E2EE.</p>
|
|
|
|
<h5><span class="badge badge-danger">.onion Service</span></h5>
|
|
<p>Posteo does not operate a .onion service.</p>
|
|
|
|
<h5><span class="badge badge-info">Extra Functionality</span></h5>
|
|
<p>Posteo allows users to <a href="https://posteo.de/en/help/does-posteo-offer-mailing-lists">set up their own mailing lists</a>. Each account can create one list for free.</p>
|
|
</div>
|
|
</div>
|
|
<div class="row mb-2">
|
|
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
<img
|
|
src="/assets/img/svg/3rd-party/soverin.svg"
|
|
height="70"
|
|
width="200"
|
|
class="img-fluid d-block mr-auto ml-auto align-middle"
|
|
alt="Soverin">
|
|
</div>
|
|
<div class="col">
|
|
<h2 id="soverin" class="anchor"><a href="#soverin"><i class="fas fa-link anchor-icon"></i></a> Soverin <span class="badge badge-info">€29/Year</span></h2>
|
|
<p><strong><a href="https://soverin.net">Soverin.net</a></strong> is an email provider which focuses on being private, ad-free, and powered by sustainable energy. They have been in operation since <strong>2015</strong>. Soverin is based in <span class="flag-icon flag-icon-nl"></span> Amsterdam and does not have a free trial. Accounts start at 25 GB.</p>
|
|
|
|
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
|
|
<p>Soverin lets users use their own domain. Soverin users can also use <a href="https://support.soverin.net/hc/en-us/articles/115004811093-How-can-I-setup-a-catch-all-on-my-domain-">catch-all</a> and <a href="https://support.soverin.net/hc/en-us/articles/115004811073-How-can-I-add-an-alias-to-my-domain-">aliases</a> for domains they own. Soverin also allows for <a href="https://support.soverin.net/hc/en-us/articles/115004811033-Do-support-the-plus-syntax-subaddressing-">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
|
|
|
|
<h5><span class="badge badge-success">Payment Methods</span></h5>
|
|
<p>Soverin accepts Bitcoin as payment. They also accept credit/debit cards, PayPal, and the Netherlands-specific payment gateway iDEAL.</p>
|
|
|
|
<h5><span class="badge badge-success">Account Security</span></h5>
|
|
<p>Soverin supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <a href="https://support.soverin.net/hc/en-us/articles/360008819553-Setting-up-2-Factor-Authentication-2FA-Webmail-only">for webmail only</a>. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
|
|
|
|
<h5><span class="badge badge-warning">Data Security</span></h5>
|
|
<p>Soverin has <a href="https://support.soverin.net/hc/en-us/articles/115004810713-Technical-details-about-Soverin">encryption at rest</a> however it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.</p>
|
|
<p>Soverin also uses the standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> protocols for calendars and contacts, which do not support E2EE. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
|
|
|
|
<h5><span class="badge badge-success">Email Encryption</span></h5>
|
|
<p>Soverin has integrated encryption in their webmail, which simplifies sending messages to users. However, Soverin has not integrated a <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a> for users on their platform.<p>
|
|
|
|
<h5><span class="badge badge-danger">.onion Service</span></h5>
|
|
<p>Soverin does not operate a .onion service.</p>
|
|
|
|
<h5><span class="badge badge-info">Extra Functionality</span></h5>
|
|
<p>Soverin also providers users with space for a personal webpage.</p>
|
|
</div>
|
|
</div>
|
|
<div class="row mb-2">
|
|
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
<img
|
|
src="/assets/img/svg/3rd-party/disroot.svg"
|
|
data-theme-src="/assets/img/svg/3rd-party/disroot-dark.svg"
|
|
height="70"
|
|
width="200"
|
|
class="img-fluid d-block mr-auto ml-auto align-middle"
|
|
alt="Disroot">
|
|
</div>
|
|
<div class="col">
|
|
<h2 id="disroot" class="anchor"><a href="#disroot"><i class="fas fa-link anchor-icon"></i></a> Disroot <span class="badge badge-info">Free</span></h2>
|
|
<p><strong><a href="https://disroot.org/en/services/email">Disroot</a></strong> offers email amongst <a href="https://disroot.org/en/#services">other services</a>. The service is maintained by volunteers and its community. They have been in operation since <strong>2015</strong>. Disroot is based in <span class="flag-icon flag-icon-nl"></span> Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. Users support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.</p>
|
|
|
|
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
|
|
<p>Disroot lets users use their own domain. They have aliases, however you must <a href="https://disroot.org/en/forms/alias-request-form">manually apply</a> for them.</p>
|
|
|
|
<h5><span class="badge badge-success">Payment Methods</span></h5>
|
|
<p>Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.</p>
|
|
|
|
<h5><span class="badge badge-success">Account Security</span></h5>
|
|
<p>Disroot supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication for webmail only. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
|
|
|
|
<h5><span class="badge badge-warning">Data Security</span></h5>
|
|
<p>Disroot uses full disk encryption. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.</p>
|
|
<p>Disroot also uses the standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> protocols for calendars and contacts, which do not support E2EE. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
|
|
|
|
<h5><span class="badge badge-success">Email Encryption</span></h5>
|
|
<p>Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a> for users on their platform.</p>
|
|
|
|
<h5><span class="badge badge-danger">.onion Service</span></h5>
|
|
<p>Disroot does not operate a .onion service.</p>
|
|
|
|
<h5><span class="badge badge-info">Extra Functionality</span></h5>
|
|
<p>They offer <a href="https://disroot.org/en/#services">other services</a> such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app <a href="https://f-droid.org/packages/org.disroot.disrootapp/">available in F-Droid</a>.</p>
|
|
</div>
|
|
</div>
|
|
<div class="row mb-2">
|
|
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
<img
|
|
src="/assets/img/svg/3rd-party/tutanota.svg"
|
|
data-theme-src="/assets/img/svg/3rd-party/tutanota-dark.svg"
|
|
height="70"
|
|
width="200"
|
|
class="img-fluid d-block mr-auto ml-auto align-middle"
|
|
alt="Tutanota">
|
|
</div>
|
|
<div class="col">
|
|
<h2 id="tutanota" class="anchor"><a href="#tutanota"><i class="fas fa-link anchor-icon"></i></a> Tutanota <span class="badge badge-info">Free</span></h2>
|
|
<p><strong><a href="https://tutanota.com">Tutanota.com</a></strong> is an email service with a focus on security and privacy through the use of encryption. Tutanota has been in operation since <strong>2011</strong> and is based in Hanover, <span class="flag-icon flag-icon-de"></span> Germany. Accounts start with 1GB storage with their free plan.</p>
|
|
<p>Tutanota <a href="https://tutanota.com/faq/#imap">doesn't allow</a> the use of third-party <a href="/software/email/">email clients</a>. There are plans to allow Tutanota pull email from <a href="https://github.com/tutao/tutanota/issues/544">external email accounts</a> using the <a href="https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol">IMAP</a> protocol. <a href="https://github.com/tutao/tutanota/issues/630">Email import</a> is currently not possible.</p>
|
|
<p>Emails can be exported <a href="https://tutanota.com/howto#generalMail">individually or by bulk selection</a>. Tutanota does not allow for <a href="https://github.com/tutao/tutanota/issues/927">subfolders</a> as you might expect with other email providers.</p>
|
|
<p>Tutanota is working on a <a href="https://tutanota.com/blog/posts/desktop-clients/">desktop client</a> and they have an app <a href="https://f-droid.org/packages/de.tutao.tutanota">available in F-Droid</a>. They also have their app in conventional stores such as <a href="https://apps.apple.com/us/app/tutanota/id922429609">App Store</a> on iOS and <a href="https://play.google.com/store/apps/details?id=de.tutao.tutanota">Google Play</a> for Android.</p>
|
|
|
|
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
|
|
<p>Paid Tutanota accounts can use up to 5 <a href="https://tutanota.com/faq#alias">aliases</a> and <a href="https://tutanota.com/faq#custom-domain">custom domains</a>. Tutanota doesn't allow for <a href="https://tutanota.com/faq#plus">subaddressing (plus addresses)</a>, but you can use a <a href="https://tutanota.com/howto#settings-global">catch-all</a> with a custom domain.</p>
|
|
|
|
<h5><span class="badge badge-danger">Payment Methods</span></h5>
|
|
<p>Tutanota accepts only credit cards and PayPal.</p>
|
|
|
|
<h5><span class="badge badge-success">Account Security</span></h5>
|
|
<p>Tutanota supports <a href="https://tutanota.com/faq#2fa">two factor authentication</a>. Users can either use <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a>. U2F support is <a href="https://github.com/tutao/tutanota/issues/443">not yet available on Android</a>.</p>
|
|
|
|
<h5><span class="badge badge-success">Data Security</span></h5>
|
|
<p>Tutanota has <a href="https://tutanota.com/faq#what-encrypted">zero access encryption at rest</a> for your emails, <a href="https://tutanota.com/faq#encrypted-address-book">address book contacts</a>, and <a href="https://tutanota.com/faq#calendar">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
|
|
|
|
<h5><span class="badge badge-warning">Email Encryption</span></h5>
|
|
<p>Tutanota <a href="https://www.tutanota.com/faq/#pgp">does not use OpenPGP</a>. Tutanota users can only receive encrypted emails when external users send them through a <a href="https://www.tutanota.com/howto/#encrypted-email-external">temporary Tutanota mailbox</a>.</p>
|
|
<p>Tutanota <a href="https://github.com/tutao/tutanota/issues/198">does have plans</a> to support <a href="https://autocrypt.org">AutoCrypt</a>. This would allow for external users to send encrypted emails to Tutanota users as long as their email client supports the AutoCrypt headers.</p>
|
|
|
|
<h5><span class="badge badge-danger">.onion Service</span></h5>
|
|
<p>Tutanota does not operate a .onion service but <a href="https://github.com/tutao/tutanota/issues/528">may consider</a> it in the future.</p>
|
|
|
|
<h5><span class="badge badge-info">Extra Functionality</span></h5>
|
|
<p>Tutanota offers the business version of <a href="https://tutanota.com/blog/posts/secure-email-for-non-profit">Tutanota to non-profit organizations</a> for free or with a heavy discount.</p>
|
|
|
|
<p>Tutanota also has a business feature called <a href="https://tutanota.com/secure-connect/">Secure Connect</a>. This ensures customer contact to the business uses E2EE. The feature costs €240/year.</p>
|
|
</div>
|
|
</div>
|
|
</div>
|