When talking about secure and private email services, Mailfence is one of the top names that comes to mind. They are based in Belgium and have become one of the most popular email services among security-minded people and privacy enthusiasts.
Mailfence is developed and maintained by ContactOffice, which provides a collaborative e-mail platform for private businesses and educational institutions. The service came into existence following the Snowden revelations, under a belief that users have an absolute and irrevocable right to internet privacy.
During the 15 years of ContactOffice’s operation, the company’s policy has always been that tracking and profiling users for the sake of ‘government surveillance’ or ‘commercialisation of data’ is obscene and an unacceptable breach of privacy.
Mailfence Secure And Private Email – Main Features
- End-to-end encryption – OpenPGP (supports both PGP/MIME and inline-PGP)
- Digital signatures – OpenPGP (supports both PGP/MIME and inline-PGP) + S/MIME
- Signature validation (for inbound messages)
- Servers location – Locally hosted in Brussels-Belgium
- Protocols supported: IMAP, POP, WebDAV, CalDAV, LDAP support (enterprise offering)
- Connection security: TLS 1.2, Perfect Forward Secrecy, HSTS, prioritizes AEAD cipher suites. SSL Labs results: A+
- Import and export (reversibility) modules for email, contacts, calendar, docs
- Mobile access: ActiveSync, Web interface (pocket version)
- Spam/Virus filtering, SPF, DKIM, DMARC
- IP address in mail headers: No
- Own domain hosting: Yes
The secure email service was developed with the goal of providing an easy to use end-to-end encrypted email service with digital signatures. In order to achieve this, the Mailfence team decided to avoid any 3rd-party apps or plugins.
MAILFENCE IS THE ONLY WEBMAIL SOLUTION THAT PROVIDES AN INTEGRATED KEY STORE FOR ADVANCED KEY MANAGEMENT THAT GIVES USERS FULL CONTROL IN MANAGING ENCRYPTION KEYS WITHOUT ANY THIRD-PARTY PLUG-IN/ADDON.
Mailfence uses the well-known email encryption standard OpenPGP, which has been around for almost two decades but hasn’t become mainstream due to usage complexity. Mailfence took on the challenge to make OpenPGP easy-to-use. They leveraged their ‘crystal’ interface designed to better suit all devices with optimum security and usability.
Security And Privacy Features
Mailfence provides a number of security and privacy features to better protect end-users and help them keep their Mailfence account secure and private.
MAILFENCE END-TO-END ENCRYPTION AND DIGITAL SIGNATURE FUNCTIONALITY IS FULLY INTEROPERABLE WITH ANY PGP COMPLIANT SOLUTION IN THE WORLD AND SUPPORTS BOTH PGP/MIME AND INLINE-PGP FORMATS.
A few other security and privacy features worth mentioning are the following:
- Enforcing strong password and key passphrase policy
- Two-factor authentication
- Authentication log for every connection
- Stripping IP address from the email headers by default
- User-side blacklisting (filters)
- Attachment scanning and spam protection
- DKIM and much more.
A Complete Collaborative Suite
Mailfence is a complete solution that provides much more than email. Each Mailfence account gives access to the following tools:
- Instant Messaging
- Contact management.
Mailfence is also broad in terms of syncing with a local client or mobile devices via IMAP, CalDAV, CardDAV or ActiveSync.
A big advantage of Mailfence versus other secure email services is the group functionality, where users can create a group and share mailboxes, calendars, contacts, and documents. This makes Mailfence a secure and private collaboration tool for businesses. Mailfence thus fulfills the requirements for both private users and professional customers.
Furthermore, the service also supports custom domains, plus addressing and many other features useful in a professional context.
Easy-to-use ‘Crystal’ Interface
The Mailfence webmail interface is clean, intuitive, smooth and easy-to-use. Moreover, it is one of the fastest and most responsive web interfaces we have seen.
This contributes greatly to the user's overall UI experience. An extensive ‘Online Help’ and an ‘info-graphic user guide for encryption and signing’ are also available.
Transparency And Electronic Freedom
Mailfence has not only been at the forefront in terms of security and privacy but the company also donates 15 percent of their annual Pro subscription revenue to the Electronic Frontier Foundation (EFF) and the European Digital Rights Foundation (EDRi) to support their fight for digital rights and electronic freedom.
Since its inception, the company has put much effort into maintaining transparent and honest communication with its users.
Mailfence has clearly defined its design philosophy and threat model, and maintains an up-to-date warrant canary.
Mailfence has planned to go open-source and has kept its doors open for independent audits from reputable academic/research institutions. They have implemented an SSL certificate which contains no American issuers in the certificate chain, and use a European certification authority, so that legal matters concerning their SSL certificate fall under European law, for example in case of an advanced MiTM attack or if someone issued a rogue certificate for their product.
Mailfence offers a free subscription, along with an ‘Entry’ and a ‘Pro’ subscription based on increased data storage, email sending limit, and other features.
Furthermore, customized plans for businesses and enterprise customers are also available.
An Effective Customer Support
Our Mailfence review wouldn’t be complete if we didn’t mention the customer service.
While using complex cryptosystems for essential tasks like email, calendaring etc – it is vital for users to have robust and effective customer support at their disposal.
In our experience, Mailfence has shown professionalism, efficiency and honesty while providing assistance to their users. The response has even been in a matter of minutes on several occasions. This is pretty quick, and the representatives have always been helpful and knowledgeable.
Mailfence Review – Do We Recommend It?
Mailfence has designed a secure email application to give the user freedom, control over their key management, and full reversibility (i.e., users can export all their data, export their keypair and leave the service at any time). They have also made it incredibly easy to sign or sign & encrypt e-mails, as well as maintain a keystore.
In our opinion, they have thus set a new benchmark in the market.
Their webmail interface is stunning, responsive, and easy to use – and is suitable for both individual and professional users. All of this including their excellent customer support makes them the best of the best among the secure and private email providers available.
If you subscribe to any of its subscription plans (free or paying), you will surely not regret it. Moreover, through their yearly donation, you will be contributing to the fight for online privacy.
Mailfence Co-Founder Patrick De Schutter Interview
Patrick De Schutter is Co-Founder and Managing Director at Mailfence. Through his company, he actively supports the fight for digital rights. Mailfence is a secure and private email service and one of the top players in this industry. We recently reviewed the Mailfence service. In this interview, Patrick De Schutter gives us more insight into his company and shares his thoughts on personal privacy and anonymity.
Anonymster: Can you please give us an overview of what is Mailfence and what your company does?
Mailfence is a secure and private email suite that offers an ‘interoperable’ end-to-end encrypted email service with digital signing. Mailfence gives users full control over their key management without any restrictions.
It was launched in November 2013 by ContactOffice Group, which has operated an online collaboration suite since 1999. We try to be cautious, reliable, stable and honest.
We do serious things but with fun and are among the pioneers of cloud software in Europe. Our main business is licensing our email and collaboration application to universities in Europe.
Anonymster: What has prompted you to develop the Mailfence project?
At ContactOffice we have always believed that users have an absolute and irrevocable right to Internet privacy.
That is why we have never commercialized our user databases. During more than 15 years of business, users have always been spared advertising and have never been tracked or profiled.
Following Snowden’s revelations about massive government surveillance in the summer of 2013, it became clear that users’ privacy on the Internet was seriously threatened. This was unacceptable to us!
Thus, in the midst of 2013, right after the mass surveillance disclosure, we felt a great need of a dedicated platform that would allow users to regain their email privacy with easy-to-use security mechanisms. This is how Mailfence came into existence.
Anonymster: What technologies do you employ to guarantee privacy and security to your customers?
We believe that the only reliable technology is end-to-end encryption (E2EE). It assures the sender that nobody in-between (including the service provider) will be able to access the message content. Only the desired recipient will be able to decrypt and read the message.
We have further leveraged this by providing the feature of digital signatures, which gives peace of mind to the recipient that a message sent to him was indeed sent by its claimed sender. Digital signatures also prove that the message was not tampered with during transit. Other security features to ensure the security and privacy of our users include SPF, DKIM, TFA, spam protection, user-side blacklisting and much more.
Aside from keeping our platform private and secure, we also try to emphasize end-device security. If a device of our user is compromised, it will circumvent all the security and privacy measures we take. This was recently further confirmed in the WikiLeaks publication of the zero-day series, ‘Vault 7’.
We, therefore, have been increasing the awareness among our end-users through dedicated posts on our blog in order to help them understand the modern digital threats, and how to secure against them in the best possible way.
Anonymster: We often hear about privacy in connection to anonymity. Are they the same and does Mailfence guarantee anonymity?
No, they are not the same – and we have taken significant steps to strengthen both.
Regarding privacy: Mailfence helps users to reclaim their email privacy. We keep their account data private. Our end-to-end encrypted and digitally signed emails make it technically impossible for any intermediary to access or tamper with the message content or claim its ownership.
Also, we have never commercialized our databases and are locally hosted in Belgium, where all of the users’ data legally falls under the tight umbrella of Belgian data protection laws. All of this combines with our strong privacy oriented belief ‘Privacy is a right’. We want to help our users to reclaim their online privacy.
Email protocols (as we use them today) leak a lot of meta-data (to, from, IP address…) which brings us to the second aspect of anonymity. Mailfence has taken several measures that apply to both end-to-end encrypted and plain-text emails. For example, stripping the IP address from emails, collecting as little information as possible, having strict log deletion policies, … Also, for better anonymity, we encourage users to use Tor over a reliable VPN.
Anonymster: Does Mailfence work in countries with a strong censorship like China?
Mailfence works in all regions, without any issues. In countries that may block Mailfence access, we advise users to access us via Tor network. We are strong believers of net neutrality and advocate all efforts to make the internet an open and sustainable place.
We donate 15% of our annual Pro plan revenue to Electronic Frontier Foundation and to the European Digital Rights Foundation to support the fight for online privacy and digital freedom.
Anonymster: Does Mailfence protect even against infected or malicious email?
We do have malware checking procedures, combined with spam protection systems in place that protect users’ messages. All of the third-party images are always filtered by default – and we also encourage users to enable TFA to better protect themselves against phishing attempts.
However, as we generally say – if an end-device is compromised (via malware, e.g., a keylogger, …), all the application level protections will be of no use.
Anonymster: Mailfence has adopted the OpenPGP encryption which is a complex email encryption standard. Why did you decide to use OpenPGP and how did you make it easy-to-use for your customers?
OpenPGP is an open-standard that has been well-supported and well-audited by a number of reputed organizations, cryptologists and different parts of Academia. However, the reason it was not fairly adopted on a massive scale was the usability complexity that came with it.
Mailfence took on that challenge. In the past users used OpenPGP through command-line / console based interfaces or needed to install third-party add-ons/plugins. We converted this into a ‘single’ web experience packed with tons of other security features with a very lightweight & easy-to-use interface that works on any modern browser.
Also, since OpenPGP is an open standard, it makes us ‘completely interoperable’ with other respective solutions while keeping our users completely independent from any third-party add-on/plugin within a very easy-to-use web interface.
Another aspect was providing advanced key-management features with full control to the user without any restrictions. We achieved this via an integrated account keystore. Finally, to further enhance the usability experience, an easy-to-understand info-graphic user-guide and a robust support team always remain at the user’s disposal.
Anonymster: Who should use Mailfence?
We are in an age of global surveillance, sophisticated social engineering attacks, malware and other dedicated malicious tools. Everyone should use Mailfence. Yes, even if you don’t care about your email privacy. Mailfence will still protect you from a range of digital threats, account compromise, identity forgery, spamming concerns, …etc
Since Mailfence is a complete email-suite with calendars, documents, and other collaboration features, it will suit all types of individual or professional needs.
Anonymster: What if a customer has been using email for years without encryption, is Mailfence of any help to protect them?
Yes, even if you don’t plan on using end-to-end encryption and/or digital signatures and simply want to send email in plain-text. At Mailfence, your data will be protected under our servers’ tight security measures, and will not stand liable to illegal subpoenas. Only a valid court order from a Belgian judge can request some information.
Moreover, our application level security measures will give a ton of other security features that will protect your account’s data at all times.
Anonymster: What can we expect in the world of email security in the next years?
More encryption, and better encryption, aside from advancements in end-device protection. Also, since traditional email protocols were not designed with security in mind, there now seem to be some projects working on re-designing the protocol, which, as good as it seems, is actually quite difficult to implement when it comes to widespread adoption.
Anonymster: Are there any new developments you are working on at Mailfence?
We continuously strive to make Mailfence better and work hard day and night to improve our service. We also tend to rely on users’ feedback and use it as a driving factor for setting up our development priorities. Currently, we are working on Mobile Apps along with a lot of other incredible features that will soon become part of Mailfence.
Anonymster: Finally, what sets you apart from other secure mail services?
To name a few:
- ‘True’ end-to-end encryption
- Digital signatures (based on your own keypair)
- Full PGP inter-operability
- Integrated key store (with advanced key management options)
- Multiple keypair support
- Seamless PGP public key server connection
- Users are not confined to use PGP on the same platform
- Full reversibility and key revocation
- IMAPS, POPS, ActiveSync, WebDAV support
- Collaboration suite (shared mailbox, calendars, contacts, documents, groups, chat, …)
Last but not least, our robust support team always remains at your disposal to assist you with regard to your email privacy and security concerns.