When talking about secure and private email services, Mailfence is one of the top names that comes to mind. They are based in Belgium and have become one of the most popular email services among security minded people and privacy enthusiasts.
Mailfence is developed and maintained by ContactOffice, who provides a collaborative e-mail platform for private businesses and educational institutions. The service came into existence following the Snowden Revelations under a belief that users have an absolute and irrevocable right to internet privacy.
During the 15 years of ContactOffice’s operation, the company’s policy has always been that tracking and profiling users for the sake of ‘government surveillance’ or ‘commercialisation of data’ is obscene and an unacceptable breach of privacy.
Table of Contents
Mailfence Secure And Private Email – Main Features
- End-to-end encryption – OpenPGP (supports both PGP/MIME and inline-PGP)
- Digital signatures – OpenPGP (supports both PGP/MIME and inline-PGP) + S/MIME
- Signature validation (for inbound messages)
- Servers location – Locally hosted in Brussels-Belgium
- Protocols supported: IMAP, POP, WebDAV, CalDAV, LDAP support (enterprise offering)
- Connection security: TLS 1.2, Perfect Forward Secrecy, HSTS, prioritizes AEAD cipher
- Suites. SSL Labs results: A+
- Import and export (reversibility) modules for email, contacts, calendard, docs
- Mobile access: ActiveSync, Webinterface (pocket version)
- Spam/Virus filtering, SPF, DKIM, DMARC
- IP address in mail headers: No
- Own domain hosting: Yes
The secure email service was developed with the goal of providing an easy to use end-to-end encrypted email service with digital signatures. In order to achieve this, the Mailfence team decided to avoid any 3rd-party apps or plugins.
MAILFENCE IS THE ONLY WEBMAIL SOLUTION THAT PROVIDES AN INTEGRATED KEY STORE FOR ADVANCE KEY-MANAGEMENT THAT GIVES USER FULL CONTROL IN MANAGING ENCRYPTION KEYS WITHOUT ANY THIRD-PARTY PLUG-IN/ADDON.
Mailfence uses the well-known email encryption standard OpenPGP, which has been around for almost two decades but hasn’t become mainstream due to usage complexity. Mailfence took on the challenge to make OpenPGP easy-to-use. They leveraged their ‘crystal’ interface designed to better suit all devices with optimum security and usability.
Security And Privacy Features
Mailfence, provides a number of security and privacy features to better protect the end-users and help them in keeping their mailfence account secure and private.
MAILFENCE END-TO-END ENCRYPTION AND DIGITAL SIGNATURE FUNCTIONALITY IS FULLY INTEROPERABLE WITH ANY PGP COMPLIANT SOLUTION IN THE WORLD AND SUPPORTS BOTH PGP/MIME AND INLINE-PGP FORMATS.
A few other security and privacy features worth mentioning are the following:
- Enforcing strong password and key passphrase policy
- Two-factor authentication
- Authentication log for every connection
- Stripping IP address from the email headers by default
- User-side blacklisting (filters)
- Attachment scanning and spam protection
- DKIM and much more.
A Complete Collaborative Suite
Mailfence is a complete solution, that provides much more than email. Each Mailfence account gives access to following tools:
- Instant Messaging
- Contact management.
Mailfence is also broad in terms of syncing with a local client or mobile devices via IMAP, CalDAV, CARDAV or ActiveSync.
A big advantage of Mailfence versus other secure email services is the group functionality, where users can create a group and share, mailboxes, calendars, contacts and documents. This makes Mailfence a secure and private collaboration tool for businesses. Mailfence thus fulfills the requirements for both private users and professional customers.
Furthermore, the service also supports custom domains, plus addressing and many other features useful in a professional context.
Easy-to-use ‘Crystal’ Interface
The Mailfence webmail interface is clean, intuitive, smooth and easy-to-use. Moreover it is one of the most fast and responsive web interfaces we have seen.
This highly contributes in the overall UI experience of the user. An extensive ‘Online Help’ and ‘info-graphic user guide for encryption and signing’ is also present.
Transparency And Electronic Freedom
Mailfence has not only been at the forefront in terms of security and privacy but the company also donates 15 percent of their annual Pro subscription revenue to the Electronic Frontier Foundation (EFF) and the European Digital Rights Foundation (EDRi) to support their fight for digital rights and electronic freedom.
Since its inception, the company has put much efforts in maintaining a transparent and honest communication with its users.
MAILFENCE has clearly defined their design philosophy, threat model and maintains an up-to-date warrant canary.
Mailfence has planned to go open-source, and has kept their doors open for independent audits from reputable academic/research institutions. They have implemented an SSL certificate which contains no American issuers in the certificate chain, and use a European certification authority – just so to better protect their SSL certificate legalities (under European laws) for e.g., in case of an advanced MiTM or if someone issued a rogue certificate for their product.
Mailfence offers a free subscription, along with an ‘Entry’ and a ‘Pro’ subscription based on increased data storage, email sending limit and other features.
Furthermore, customized plans for businesses and enterprise customers are also available.
An Effective Customer Support
Our Mailfence review wouldn’t be complete if we didn’t mention the customer service.
While using complex crypto systems for essential tasks like email, calendaring etc – it is vital for users to have a robust and effective customer support at their disposal.
In our experience, Mailfence has shown professionalism, efficiency and honesty while providing assistance to their users. The response has even been in a matter of minutes on several occasions. This is pretty quick, and the representatives have always been helpful and knowledgeable.
Conclusion For Mailfence Review
Mailfence has designed a secure email application to give the user freedom, control over their key management, and full reversibility (i.e., user can export all their data, export their keypair and leave the service at any time). They have also made it incredibly easy to sign or sign & encrypt e-mails, as well as maintain a keystore.
In our opinion they have thus set a new benchmark in the market.
Their webmail interface is stunning, responsive, and easy to use – and is suitable for both individual and professional users. All of this including their excellent customer support makes them the best of the best among the secure and private email providers available.
If you subscribe to any its subscription plan (free or paying), you will surely not regret and through their yearly donation you will be contribution to the fight for online privacy.