The Complete Guide to Secure Email Providers

If you’re looking for a webmail provider in a pinch, Gmail, Outlook or Yahoo will do — that is, if you don’t mind entities such as Google and the United States government having access to your email data. Despite their popularity, these systems offer virtually nothing in the way of privacy and security, which is problematic regardless of whether you intend to use them for personal or professional reasons.

Fortunately, there are plenty of secure email systems, both paid and free, that can offer you the privacy and security you need — and we’ve compiled this truly comprehensive list of the top solutions on the market to help you find the right one. Before we get to that list, though, let’s go over some of the features you should look for when comparing solutions:

Encryption: The process by which messages or information are encoded so that they can only be accessed by authorized parties. There are multiple types of encryption standards available, each with their own advantages and disadvantages.
Two-factor authentication (2FA): Also known as two-step verification, 2FA requires users to provide two different authentication factors to verify their credentials.
End-to-end encryption (E2EE): A communication system that only allows the direct user and recipient to view messages in order to prevent third parties from accessing data as it’s being transferred.
IMAP/POP support
Strict privacy laws
Integration with Gmail, Yahoo and Outlook

Don’t have time to read through the whole list? Scroll to the bottom of this page to see our handy table, which provides a snapshot of each secure email provider’s pricing structure and pros and cons.

Here is a quick link navigation to each of the top providers in detail:

1. ProtonMail
2. Hushmail
3. CounterMail
4. Tutanota
5. Mailfence
6. Runbox
7. Posteo
8. Kolab Now
9. LuxSci
10. SCRYPTmail

Top Secure Email Provider

1. ProtonMail

When it comes to email security, ProtonMail is the clear frontrunner. Created by researchers at CERN and based in Switzerland — a country known for its strict privacy laws — ProtonMail provides robust data security at no cost to the user. ProtonMail uses open source cryptography to create a secure email system with E2EE and privacy standards so strong that the company itself can’t decrypt your messages, which is a problem if you require data recovery services or forget your account password (a common frustration for users).

With data centers located in a nuclear bunker under 1,000 meters of granite, ProtonMail is just as dedicated to hardware-level security as it is to software-level. Each server within ProtonMail’s datacenter consists of fully encrypted hard disks with multiple password layers.

ProtonMail’s interface is similar to Gmail’s, as is its sign-up process, which makes it easy for new users to get started. ProtonMail offers four pricing packages, which you can see outlined below:

Free	Plus	Professional	Visionary
One user One address 500MB storage 150 messages per day Three folder/labels Limited support	One user Five addresses 5 GB storage 1,000 messages per day 200 folders/labels Normal support One custom domain	1-5,000 users 5 GB storage per user Unlimited messages Unlimited folders/labels Priority support Two custom domains	Six users 20 GB storage 50 addresses Unlimited messages Unlimited folders/labels Priority support 10 custom domains
Free	5 EUR per month / 48 EUR per year	8 EUR per month / 75 EUR per year	30 EUR per month / 288 EUR per year

Cost – 30 EUR per month / 288 EUR per year

2. Hushmail

Fans of ProtonMail might also be interested in Hushmail, a free encrypted email service that uses OpenPGP standards. Hushmail enables users to both send and read secure emails from recipients using any webmail client; it also enables users to add security questions on outgoing emails sent to non-Hushmail users.

Hushmail’s security philosophy revolves around simplicity — simple to use, simple to understand and simple to secure. Based on that principle, it only takes a few minutes to create and set up a Hushmail account; once you’ve set up your account, you can access Hushmail via the company’s desktop webmail and native iPhone app, or through a support desktop or smartphone email application.

The basic version of Hushmail is available for free — however, Hushmail also offers six paid versions for specific use cases:

Personal	Small Business	Healthcare	Law	Nonprofits	Enterprise
10 GB storage Two secure web forms Multiple layers of security Ad-free accounts Unlimited email aliases Mobility Dedicated customer support	10 GB storage per user Two secure web forms OpenPGP encryption Mobile/desktop access Use your own domain name Dedicated customer support Unlimited email aliases Email forwarding Catch-all email Administrative tools	10–15 GB storage per account 1–10 email accounts 2–10 web forms HIPAA Business Associate Agreement Email archiving Dedicated customer support	10 GB storage per user 2 secure web forms Support for attorney-client privilege Self-hosted secure forms Email archiving Dedicated customer support	10 GB storage per user Two secure web forms OpenPGP encryption Mobile/desktop access Use your own domain name Dedicated customer support Administrative tools	API access White label solutionAccess control lists Forced TLS encryption Enforced password complexity Email migrations
$49.98 per year	$5.99 – $7.99 per user/month	$9.99 – $29.99 per month	$9.99 per user/month	$9.99 per user/month	Available upon request

3. CounterMail

Though its website looks like it could be hosted on GeoCities, don’t be fooled — CounterMail is one of the leading secure email providers on the market today. Like Hushmail, CounterMail uses OpenPGP standards and, like ProtonMail, it provides complete E2EE. CounterMail only stores encrypted emails in its servers (which are based in Sweden) on CD-ROMs rather than hard disks; these diskless servers make it easier to prevent data leaks.

CounterMail supports IMAP, is Android-compatible, provides SSL server encryption and authentication and MTM protection, enables users to keep their own domain name and is one of the few secure email providers to use USB key dongles for added security. In the future, the developers at CounterMail intend to add an encrypted chat client, password-based encryption, time delayed sending and one-time messages to the service’s feature roster.

CounterMail is available at three subscription levels:

1,000 MB at $29 for six months
2000 MB at $49 for one year
2,000 MB at $79 for two years

CounterMail offers additional space for a one-time fee and a domain option for a $15 one-time setup fee; USB credits are included for free in all premium subscriptions.

4. Tutanota

According to the company’s website, Tutanota is a portmanteau of the Latin words “tuta” and “nota” and means “secure message.” The system lives up to its name, offering E2EE and 2FA. Based in Germany, Tutanota adheres to strict German privacy laws and enables users to send an unlimited number of messages per day, regardless of whether they have the free or premium version.

Compared to the other secure email systems featured on this list thus far, Tutanota uses AES-128 instead of PGP, which has merited some criticism from users. PGP is more secure than AES because it uses both symmetric and asymmetric keys to encrypt data (by comparison, AES only uses symmetric key encryption), which adds an additional layer of security.

Tutanota is available in three tiers:

Free	Premium	Pro
One user 1 GB storage Tutanota domains only Limited	1 GB storage per user Custom domains Unlimited search Five aliases Inbox rules Email support	10 GB storage Custom domains Unlimited search 20 aliases Inbox rules Priority support Custom domain login Custom logo and colors Contract forms (for an additional $22.74)
Free	12 EUR per year + 12 EUR for each additional user	60 EUR per year + 24 EUR for each additional user

5. Mailfence

According to the company’s site, Mailfence was founded in 1999 with the guiding principle that privacy is a right, not a feature. Mailfence stands behind that belief by restricting third-party advertising and marketing tracking and maintaining detailed transparency and warrant canary reports. Because the company is based in Belgium, it isn’t liable to U.S. gag orders or NSLs and its Transport Layer Security (SSL/TSL) certificate doesn’t include any U.S. certification authority in its certification chain.

From a security perspective, Mailfence uses OpenPGP E2EE, SSL/TSL encryption, 2FA, digital signatures and Sender Policy Framework and Domain Keys Identified Mail verification systems to prevent tampering of any kind.

It’s interesting to note that the website also makes a point of saying that “We cannot guarantee that the service is perfect — nothing ever is” — a sentiment some users might find refreshingly honest. To demonstrate its commitment to privacy, Mailfence donates 15 percent of revenue from its Pro plan subscriptions to the Electronic Frontier Foundation and the European Digital Rights Foundation, organizations dedicated to the protection of digital privacy and freedom of speech.

For those interested, Mailfence is available in four tiers:

Free	Entry	Pro	Business
500 MB storage (emails) 500 MB storage (documents) 1,000 events calendars One group Encryption/2FA Email support	5 GB storage (emails) 12 GB storage (documents) 10 aliases 10,000 events calendars Three groups Encryption/2FA Email and telephone support Supports POP, IMPA, SMTP, iOS, Android, Exchange Custom email domain	20 GB storage (emails) 24 GB storage (documents) 50 aliases 50,000 events calendars Five groups Encryption/2FA Priority email and telephone support Supports POP, IMAP, SMTP, iOS, Android Custom email domain	Create business plans according to your needs Encryption/2FA Supports POP, IMAP, SMTP, iOS, Android, Exchange Custom email domain LDAP, API, logo and service name
Free	2.50 EUR per month	8.50 EUR per month	Price available upon request

6. Runbox

Norwegian-based Runbox is somewhat unique in that its parent company, Runbox Solutions, is employee-owned — which means its employees are directly invested in the success of its products and services. This dedication is reflected in Runbox’s top-notch customer service, which consistently receives high marks from users.

In addition to providing excellent customer service, Runbox boasts universal access via Web, IMAP, POP3, SMTP (and more) and complete integration with other email providers, is completely ad-free and enables users to use their existing email address.

Unlike many of its competitors, Runbox doesn’t offer E2EE — instead, Runbox stores all data in a vault, located at its state-of-the-art DigiPlex data center. The DigiPlex data center features conditioned modules above and below ground, electromagnetic protection, fire suppression and on-site 24/7 manned security. Runbox reinforces these security measures with 2FA, SSL encryption intelligent virus and spam filtering systems and custom access control lists.

Runbox users can purchase a main account and additional sub-accounts; there are four storage/pricing options for each main and sub-account, listed below:

Main Account

Features & Cost

Single email account
100 email aliases
Files storage
Ability to purchase additional sub=-accounts
Micro: 1 GB email storage, 110 MB file storage | $19.95 per year
Mini: 5 GB email storage, 500 MB file storage, 5 domains | $34.95 per year
Medium: 10 GB email storage, 1 GB file storage, 10 domains | $49.95 per year
Max: 25 GB email storage, 2 GB file storage, 25 domains | $79.95 per year

Additional Accounts / Sub Accounts

Features & Cost

Micro: 1 GB email storage, 100 MB file storage, 100 MB size per message | $7.95 per year
Mini: 5 GB email storage, 500 MB file storage, 100 MB size per message | $14.95 per year
Medium: 10 GB email storage, 1 GB file storage, 100 MB size per message | $24.95 per year
Max: 25 GB email storage, 2 GB file storage, 100 MB size per message | $29.95 per year

7. Posteo

Eco-conscious consumers, take notice: Posteo’s secure email service is powered entirely by green energy from Greenpeace Energy, a German cooperative that specializes in providing renewable energy.

An emphasis on sustainability isn’t the only thing that makes Posteo stand out: Users have the ability to sign up and make payments anonymously, allowing for an additional layer of privacy. On the security side, Posteo offers TLS-encrypted access and transmission, encrypted hard disks, encrypted mail storage, advanced virus and spam filtering functionality, 2FA and inbound encryption with S/MIME or OpenPGP.

Despite all of its positive qualities, users have criticized Posteo for being less secure than other services included on this list due to its lack of E2EE — something prospective customers should consider before making their decision.

Prices for Posteo are as follows:

Full account (includes two aliases, three calendars): 1 EUR per month
Additional storage: 0.25 EUR per GB/month
Additional alias addresses: 0.10 EUR per month
Additional calendars: 0.10 EUR per month

8. Kolab Now

Swiss-based Kolab Now specializes in providing secure email systems for small-to-medium-sized businesses. Like Posteo, both Kolab Now and its parent company, Kolab Systems, uses green energy to power its systems — specifically a mix of hydroelectricity, solar energy and wind power. In an effort to be transparent with its users, Kolab operates in a Swiss data center without foreign capital, ensures physical control of hardware and builds its software stack without proprietary components.

Despite this purported dedication to transparency, Kolab is surprisingly cagey about its security measures, only sharing that it uses S/MIME and OpenPGP encryption and secures all connections against attackers with Perfect Forward Secrecy. That said, the company does an excellent job of securing its customers privacy data, making it a popular option among users.

A Kolab Now individual account costs $4.42 per month; a group account costs $5.39 per month.

9. LuxSci

Of all the secure email providers included on this list, LuxSci is one of the only ones based in the United States. Understandably, this has warranted some skepticism from prospective customers due to the fact that the U.S.’s privacy laws are relatively lax — but LuxSci holds up under scrutiny. Another key differentiator is LuxSci’s approach to encryption. Rather than install encryption software on servers, LuxSci uses hosted solutions and web portals for encryption. Although effective, some reviews have said that this method “jeopardizes direct navigation and local compatibility.”

LuxSci’s main sell, though, is that it provides secure, HIPAA-compliant email, making it an ideal secure email option for health care organizations. LuxSci’s trademark SecureLine email encryption system enables users to secure emails with either SMTP TLS, PGP, S/MIME or Escrow for E2EE. Escrow, in particular, requires the recipient to verify their identity before they can access the contents of a message via secure web portal, which means users can securely communicate with anyone, regardless which email system they have.

Pricing and version options for LuxSci are listed below:

Shared Business	Shared Enterprise	Dedicated Business	Dedicated Enterprise
HIPAA compliance available U.S. – based 50 users 500 G disk space Multiple firewalls Backups included Single server	HIPPA compliance available US. – based 50 users 500 G disk space Full disk encryption Multiple firewalls Backups included Redundant cluster Ultra-reliable Server isolation	U.S. or custom-based Unlimited users Unlimited disk space Full disk encryption Multiple firewalls Backups included Custom backup/retention schedules Single server Account isolation	U.S. – based Unlimited users Unlimited disk space Full disk encryption Multiple firewalls Backups included Custom backup/retention schedules Redundant cluster Account isolation Ultra-reliable Server isolation
$10 per month starting price \| $40 per month starting price + HIPAA compliance \| $30 per month/100 GB additional disk space	$25 per month starting price \| $55 per month starting price + HIPAA compliance \| $60 per month/100 GB additional disk space	$67.50 per month starting price \| $96.25 per month starting price + HIPAA compliance \| $20 per month/100 GB additional disk space	$407.50 per month starting price \| $436.25 per month starting price + HIPAA compliance \| $40 per month/100 GB additional disk space

10. SCRYPTmail

There’s no such thing as true anonymity on the internet but when it comes to secure emails, SCRYPTmail is as close to anonymous as you can get. Like LuxSci, SCRYPTmail is a U.S.-based system, which means it lacks the privacy protections that certain European-based solutions can provide — however, it more than makes up for that with front-end encryption (information is never sent through the network) and metadata encryption. SCRYPTmail also offers other robust encryption capabilities, such as PGP-standard key exchanges, AES-256 encryption and ANSI passwords.

There are, however, a few peculiarities about SCRYPTmail. As one reviewer noted, SCRYPTmail appears to be a one-man shop. Also, though it boasts “continuous improvement,” the SCRYPTmail website’s progress log was last updated in 2014 — back when the solution was still in beta.

Formerly free, the basic version of SCRYPTmail now runs for $2 per month and the premium version goes for $15 per month.

Provider	Cost	Pros	Cons
Proton Mail	Basic version is free; multi-tiered pricing options run from 5 EUR per month/48 EUR per year to 30 EUR per month/288 EUR per year	Protected by strict Swiss privacy laws Complete E2EE Free version available	Limited storage capacity Expensive to upgrade Poor customer support
Hushmail	Multiple pricing option available, including $49.98 per year for Hushmail Premium or Personal Use and $5.99 per month/user for Hushmail for Small Business	No inbox ads Easy to use Doesn’t require crypto key management	Account is automatically deactivated after three weeks of inactivity Not compatible with MacOS Servers are based in Canada
CounterMail	Multi-tiered pricing options run from $29 for a six-month subscription to $79 for a two-year subscription	Complete E2EE Diskless data server Supports IMAP	Outdated user interface Can’t send encrypted emails to non-users Expensive
Tutanota	Basic version is free; Premium service starts at 12 EUR per year; Pro service starts at 60 EUR per year	Complete E2EE Supports all web browsers No inbox ads	Outdated user interface Uses AES-128 encryption Only supports plain-text formatting
Mailfence	Basic version is free; Entry service available for 2.50 EUR per month; Pro service available for 7.50 EUR per month	Protected by strict Belgian privacy laws No inbox ads Supports IMAP/POP	Limited storage space No dedicated mobile apps No proper alias management system
Runbox	Multi-tiered pricing options run from $19.95 per year to $79.95 per year; additional accounts and account upgrades cost extra	Protected by strict Norwegian privacy laws 24/7 live support Integrates with Outlook, Opera Mail, Gmail, Yahoo Mail, Apple Mail, etc.	Limited storage space Outdated user interface Does not provide E2EE
Posteo	1 EUR per month; additional storage available at 0.25 EUR per GB/month	Green-based email system AES-256 encryption No inbox ads	Does not provide E2EE Less secure than other services Poor customer service
Kolab Now	Individual accounts start at $4.42 per month; Group Manager accounts start at $5.39 per month	Protected by strict Swiss privacy Robust feature set Open source	Does not provide E2EE Unknown security systems
LuxSci	Multi-tiered pricing options run from $10 per month to $436.25 per month	HIPAA-compliant Complete E2EE Highly customizable	Servers are U.S.-based Issues with direct navigation and local compatibility Does not integrate well with established business apps
SCRYPTmail	Basic plan for $2 per month; premium plan for $15 per month	Complete E2EE AES-256 encryption No third-party server scripts	Doesn’t support IMAP or SMTP No multi-language interface Servers are U.S.-based

Privacy and security are just as important when archiving emails as they are when sending them — in addition to a secure email provider, you need a secure archiving system. Hosted email archiving security can safeguard your electronic communications — and any sensitive information contained within — against cyberattacks and data breaches. Intradyn specializes in providing secure email archiving services, so you can ensure that your email data is kept away from prying eyes. To learn more about our email archiving services, contact us today.

Adnan Olia

As the chief operating officer and co-founder of Intradyn, Adnan brings 20+ years of experience in the email retention and archiving space to shape Intradyn’s archiving solutions. As COO, Adnan oversees the company’s financial and human resources operations and takes the lead in managing the original equipment manufacturer relationship. Adnan provides wide-ranging oversight of Intradyn’s day-to-day operations to drive greater operational efficiency and grow the company’s global capabilities.

Along with his business partner, Adnan successfully spun out Intradyn’s archiving business from Mirapoint Software Inc., where he held the position of vice president. Mirapoint Software was primarily focused on archiving solutions for program offices, customer support, corporate infrastructure and the supply chain. Prior to that, Adnan managed complex Internet Channel group projects at eFunds Corporation (now Fidelity National Information Services).

Adnan holds a Bachelor of Science degree from Minnesota State University and a Master of Business Administration in IT and Finance from the University of St. Thomas.

Email Policy Template

Download our template to help write your own retention policy.

Get The Template Now