Email encryption

Web based email encryption services

NeoMailBox: Supports OpenPGP encryption and digital signatures, it will hide your IP on the headers and you can choose to host your email in the US or Switzerland.

4SecureMail: Support for wemail PGP encryption and signing, all emails get scanned with a ICSA-Certified antivirus, your computer IP is hidden and not forwarded with the messages.

AnonymousSpeech: PGP email encryption supported, IP is hidden in the headers, the servers are located outside the US and Europe, guarantee not to reply to correspondence of foreign Governments.

Countermail: Supports OpenPGP encryption and digital signatures for webmail, it also hides your IP on the headers, servers located in Sweden.

HushMail: Web based support for PGP encryped email and digital signatures, computer IP hidden in the headers, company headquarters based in Canada.

Cryptoheaven: It uses its own encrypted servers instead of OpenPGP, the other user will need to have a CryptoHeaven email address too for the email messages to remain encrypted end to end.

S-Mail: PGP email encryption and digital signatures support.

SecureNym: Public/private key email encryption and digital signatures support.

Safe-Mail: It supports PGP email encryption and digital signatures as well as using of digital certificates for sending encrypted messages using the web interface. Safe-Mail DOES NOT  hide your computer IP on the headers.

KeptPrivate: All of your email messages are kept encrypted in their servers using the Blowfish algorithm, no support for PGP, the person you are emailing to will need a KeptPrivate email account too in order to sent emails encrypted.

Novo Ordo: Their webmail interface supports server side GPG/PGP message encryption, their servers are located outside the US and email stored in the host resides on special partitions encrypted using Truecrypt.

E-mail clients supporting OpenPGP encryption

Claws Mail: Claws Mail supports GnuPG email encryption and decryption installing the GPG plugin. This is a multi platform email client, it works in Windows and Linux.

The Bat!: Premium email client that allows PGP email encryption, spam filtering and scripting.

Sylpheed: Open source multi platform email client and newsgroup reader supporting GnuPG email encryption.

Thunderbird: To use GnuPG email encryption with Thunderbird you will need to add the free Enigmail plugin.

Pegasus Mail: Free Email client for Windows, you will need to download one of its Pegasus PGP plugins for email encryption.

Software to encrypt emails using GPG/PGP

PGP Desktop Email: Paid for business oriented application to encrypt all outgoing email communications with PGP.

Safester: Propietary mail client using OpenPGP, this tool lets you exchange encrypted messages with other users of the same software and invite non users.

ArticSoft: Premium OpenPGP encryption and digital signature software to encrypt emails and files.

GPG4Win: Windows GnuPG software for email and file encryption, you will need gnupg to make it work, this comes included in the package.

GnuPG: GnuPG, also known as GPG, is a command line tool for GPG encryption, you will need a front end GUI unless you are willing to use command line from C: to encrypt your emails.

Email encryption GnuPG

Email encryption GnuPG

 GnuPG GUI front ends: 

Note: Software below is only a graphical user interface, aka GUI, you will need to install GnuPG first, a command line GPG encryption software, these front ends will provide you with way to encrypt and decrypt emails using your mouse, ie point and click.

GPGShell: Windows graphical interface for GnuPG, you will need to install gnupg too.

GnuPGK: GnuPG Frontend GUI compatible with PGP.

Cryptophane: Windows application that works with GnuPG, Cryptophane serves of gnupg graphical interface to avoid having to use the command line interface.

GNU Privacy Assistant GPA:  A graphical user interface to use GnuPG, GPA works in various platforms.

PGP public Key servers list

Note that you only need to upload your public key to one of the servers and it will propagate to all the others, also note that all of the PGP/GnuPG encryption software comes with some predefined keyservers where to get encryption keys from.

Alternative to email encryption

Lockbin: Web application to send private email messages and files, use of AES256 symmetric encryption to secure your messages in the server with the site sending a link to your contact who will need to know the password beforehand. Online service to send encrypted messages to other users, able to create shared workspaces with folders where to invite other people to work collectively in a secure environment using client side encryption.

 SendInc: Fast and free way to send encrypted email through a web form, the site is secured with SSL. A paid for version gives you extra features like more space and big attachments.

Note: The services above will log your computer IP when you send an email, the IP might not be included in the message header but it can be recovered from the server logs in case of abuse.

9 thoughts on “Email encryption

  1. What, in your opinion the best paid for email service to use for a personal account? I am using GMail but just don’t truth the company anymore, even though they’re not getting any any ad money off me because of my filtering/blocking.

    I can use GnuPG, and have no secrets in my mail, but just want to be sure the US govt. cannot get to my stuff.

  2. I would not trust anyone with my encryption keys I would still use my own GPG keys, the only reason why I would want to use a paid for email service is if they protected stored emails from noisy third parties and regularly erased the logs, Countermail and Anonymous Speech both look good to me and are outside the US.


  3. as the nsa wiretaps on the tier1 devices and has computing capabilities to crack enrypted files there is no need for this anymore.

  4. Anonymousspeech is a good email service, but some of its claims don’t seem to hold up. For starters, it has a tendency to abruptly go offline for a couple of days at a time for “network issues” or “server migration.”

    More critically, it is NOT truly offshore and outside USA jurisdiction. During its last outage, its url redirected to its server default page, revealing that it’s actually hosted by “Server Intellect,” a USA-based company located in Florida! Does that sound “offshore” to you? And when we (several paid users) wrote to the company to ask for an explanation, we each got generic replies that avoided any response to this appalling security issue. Also, its server runs on Windows, not linux–another safety vulnerability.

    Last but not least, inquiries to its forums have to pass moderators before being posted. NONE of the (fair and deserved) questions about these HUGE gaping safety holes have ever been posted and answered; they’re just deleted.

    Beware; this company has had the curtain pulled back on its servers, and until they address these issues they’re not as safe as claimed! Claiming that they use a Panama-based host when their last outage “outed” them as using a USA-based host is a pretty severe blow to their credibility. And since you have to pay for features they turn out to not actually have, this is a BIG deal.

  5. Since Lavabit was shutdown last week, I personally switched over to non-USA based encrypted email SaluSafe

    Its also worth mentioning that Silent Circle destroyed its secure messaging service!

  6. Hello Freddy,

    I see from SaluSafe “About” page that they have links to CryptoHeaven in Canada. They are already on the list so I will not be adding them again under a different name.

    And Silent Circle email suspension has been announced as temporary.


  7. supports PGP (but you should use that locally once you’re familiar with it), Hides your source IP, Hides your From address in remote server logs (Metadata Mitigator), and has a TOR accessible site –

    PFS is supported in some scenarios, but not all, -yet- due to backwards compatibility requirements – see to test/verify any site.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>