Mailbox.org

Last updated
Mailbox.org
Mailbox.org - Logo RGB.svg
Available in English, German
Headquarters Berlin,
Germany
OwnerHeinlein Support GmbH [1]
URL mailbox.org
CommercialYes
RegistrationRequired
Launched2014;10 years ago (2014)
Current statusOnline

mailbox.org is an encrypted email service provider based in Germany. [2] The encryption system uses PGP like most other encrypted email providers. It also features address books, calendars, video conferencing, online office and tasks management. It competes against Microsoft 365 and Google Workspace as a German based provider. Its target customers include private, business, school and public authorities. [3]

Contents

History

In the wake of Snowden leaks, mailbox was started as a self-funded email provider in 2014 with aim to increase data protection and privacy. [4] [5] [6] Mailbox had been around in different forms since 1990. Mailbox's root lay in political provider JPBerlin since 1989. [7]

Since 2016, Mailbox.org has offered a Tor exit node for anonymizing connection data. [8] If Mailbox.org's services are accessed via the Tor anonymization network and the Tor exit server, Mailbox.org no longer logs IP addresses that would be suitable for data retention. [9] [10]

In January 2021, Berlin education department announced in press release to provide accounts for data-secure service emails for all of its approximately 33,000 Berlin public school teachers by the end of the year through a collaboration with mailbox.org. [11] But in December 2022, Berlin schools were again planned to convert from mailbox email to Microsoft exchange emails as reported by Der Tagesspiegel. [12]

Features

Pricing

Mailbox.org's basic offers 3 plans: light, standard and premium. Light is $1/month/user for 2 GB of email storage and 3 alias address. Standard is $3/month/user for 10 GB email storage, 2 GB drive storage and 25 mailbox alias and 50 custom domain email alias. The premium option gives 25 GB email storage, 5 GB cloud storage and 250 alias address to a custom domain as well as 25 mailbox alias address as well as priority email and telephone support. [6]

Security

Mailbox uses PGP encryption. Mailbox.org has received IT Security label from German federal office for Information Security. [13] Mailbox has a dedicated Tor Exit Node with an onion service address. [14]

Mailbox.org developed various new approaches to protect user data: for example, the provider was the first to introduce the option of subsequently encrypting all incoming e-mails with the user's public PGP key, thus providing special protection against access by third parties should the mailbox password be lost or compromised. [15]

When using the webmail offer, it is possible to encrypt and also decrypt one's e-mails using PGP without special client software (e-mail program with any plug-ins that may be required), without necessarily using a browser extension such as Mailvelope. Keys and the encryption process take place outside the user's sphere of influence on mailbox.org's servers, which, however, contradicts the principle of end-to-end encryption. However, according to Peer Heinlein, CEO of mailbox.org, the private keys are stored on the servers at all times with a password known only to the user, so they cannot be viewed by administrators. [16] In addition, this avoids the need to store private PGP keys on end devices that are perceived as insecure.

Video conferencing

The video conference service offered is based on open source OpenTalk software. [17] [18]

Others

Mailbox also has XMPP server for its users. [19] It also offers address books, calendars and online office. The office suit includes online word processor and spreadsheet. [17]

Transparency

Mailbox publishes annual report of the number of information request it received from various governments. [20]

Related Research Articles

<span class="mw-page-title-main">Email client</span> Computer program used to access and manage a users email

An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email.

<span class="mw-page-title-main">Mozilla Thunderbird</span> Free and open-source email client by Mozilla

Mozilla Thunderbird is a free and open-source email client software which also functions as a full personal information manager with a calendar and contactbook, as well as an RSS feed reader, chat client (IRC/XMPP/Matrix), and news client. Available cross-platform, it is operated by the Mozilla Foundation's subsidiary MZLA Technologies Corporation. Thunderbird is an independent, community-driven project that is managed and overseen by the Thunderbird Council, which is elected by the Thunderbird Community. The project strategy was originally modeled after that of Mozilla's Firefox Web browser and is an interface built on top of that Web browser.

An email address identifies an email box to which messages are delivered. While early messaging systems used a variety of formats for addressing, today, email addresses follow a set of specific rules originally standardized by the Internet Engineering Task Force (IETF) in the 1980s, and updated by RFC 5322 and 6854. The term email address in this article refers to just the addr-spec in Section 3.4 of RFC 5322. The RFC defines address more broadly as either a mailbox or group. A mailbox value can be either a name-addr, which contains a display-name and addr-spec, or the more common addr-spec alone.

Hushmail is an encrypted proprietary web-based email service offering PGP-encrypted e-mail and vanity domain service. Hushmail uses OpenPGP standards. If public encryption keys are available to both recipient and sender, Hushmail can convey authenticated, encrypted messages in both directions. For recipients for whom no public key is available, Hushmail will allow a message to be encrypted by a password and stored for pickup by the recipient, or the message can be sent in cleartext. In July 2016, the company launched an iOS app that offers end-to-end encryption and full integration with the webmail settings. The company is located in Vancouver, British Columbia, Canada.

<span class="mw-page-title-main">Onion routing</span> Technique for anonymous communication over a computer network

Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to the layers of an onion. The encrypted data is transmitted through a series of network nodes called "onion routers," each of which "peels" away a single layer, revealing the data's next destination. When the final layer is decrypted, the message arrives at its destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes. While onion routing provides a high level of security and anonymity, there are methods to break the anonymity of this technique, such as timing analysis.

S/MIME is a standard for public-key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFC 8551. It was originally developed by RSA Data Security, and the original specification used the IETF MIME specification with the de facto industry standard PKCS #7 secure message format. Change control to S/MIME has since been vested in the IETF, and the specification is now layered on Cryptographic Message Syntax (CMS), an IETF specification that is identical in most respects with PKCS #7. S/MIME functionality is built into the majority of modern email software and interoperates between them. Since it is built on CMS, MIME can also hold an advanced digital signature.

Disposable email addressing, also known as DEA, dark mail or masked email, refers to an approach that involves using a unique email address for every contact or entity, or for a limited number of times or uses. The benefit is that if anyone compromises the address or utilizes it in connection with email abuse, the address owner can easily cancel it without affecting any of their other contacts.

The Internet Messaging Program or IMP is a webmail client. It can be used to access e-mail stored on an IMAP server. IMP is written in PHP and a component of the collaborative software suite Horde.

The following tables compare general and technical information for a number of notable webmail providers who offer a web interface in English.

Email forwarding generically refers to the operation of re-sending a previously delivered email to an email address to one or more different email addresses.

Email encryption is encryption of email messages to protect the content from being read by entities other than the intended recipients. Email encryption may also include authentication.

A mailbox is the destination to which electronic mail messages are delivered. It is the equivalent of a letter box in the postal system.

mail.com is a web portal and web-based email service provider owned by the internet company 1&1 Mail & Media Inc., headquartered in Philadelphia, Pennsylvania, United States. 1&1 Mail & Media Inc. is a subsidiary of United Internet Group, a publicly listed internet services company based in Montabaur, Germany.

De-MailGerman pronunciation:[deːˈeːmɛɪ̯l] is a German e-government communications service that makes it possible to exchange legal electronic documents between citizens, agencies, and businesses over the Internet. The project was originally called Bürgerportal and has been implemented by the German government in cooperation with private business partners in an effort to reduce the communication costs of public administration and companies.

<span class="mw-page-title-main">Proton Mail</span> End-to-end encrypted email service

Proton Mail is a Swiss end-to-end encrypted email service founded in 2013 headquartered in Plan-les-Ouates, Switzerland. It uses client-side encryption to protect email content and user data before they are sent to Proton Mail servers, unlike other common email providers such as Gmail and Outlook.com. The service can be accessed through a webmail client, the Tor network, Windows, macOS and Linux (beta) desktop apps and iOS and Android apps.

<span class="mw-page-title-main">SIGAINT</span>

SIGAINT was a Tor hidden service offering secure email services. According to its FAQ page, its web interface used SquirrelMail which does not rely on JavaScript. Passwords couldn't be recovered. Users received two addresses per inbox: one at sigaint.org for receiving clearnet emails and the other at its .onion address only for receiving emails sent from other Tor-enabled email services. Free accounts had 50 MB of storage space and expired after one year of inactivity. Upgraded accounts had access to POP3, IMAP, SMTP, larger size limits, full disk encryption, and never expired.

<span class="mw-page-title-main">Mailfence</span> Encrypted email service

Mailfence is secure encrypted email service that offers OpenPGP based end-to-end encryption and digital signatures. It was launched in November 2013 by Belgium-based company ContactOffice Group that has been operating an online collaboration suite since 1999.

Autocrypt is a cryptographic protocol for email clients aiming to simplify key exchange and enabling encryption. Version 1.0 of the Autocrypt specification was released in December 2017 and makes no attempt to protect against MITM attacks. It is implemented on top of OpenPGP replacing its complex key management by fully automated exchange of cryptographic keys between peers.

A virtual private network (VPN) service provides a proxy server to help users bypass Internet censorship such as geo-blocking and users who want to protect their communications against data profiling or MitM attacks on hostile networks.

References

  1. "Linux höchstpersönlich. | Heinlein Support GmbH". www.heinlein-support.de (in German). Retrieved 2024-06-07.
  2. Brinkmann, Martin (Feb 24, 2014). "Mailbox.org: German email provider offering full inbox encryption". Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  3. Huber, Mathias (2014-02-21). "Mailbox.org: Heinlein startet modernisiertes Mail-Angebot". Linux-Magazin (in German). Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  4. Sobiraj, Lars (2021-03-19). "mailbox.org entstand wegen Edward Snowden: Peer Heinlein im Gespräch". Tarnkappe.info (in German). Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  5. "About mailbox.org - Our team, our history, our mission | mailbox.org". mailbox.org. Archived from the original on 2023-06-28. Retrieved 2023-07-27.
  6. 1 2 updated, Desire Athow last (2020-11-11). "Mailbox.org secure email review". TechRadar. Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  7. dmon. "Das sichere E-Mail-Postfach für 1 €/Monat". JPBerlin - Politischer Provider (in German). Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  8. "Tor Good Exit Nodes". www.privacy-handbuch.de. Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  9. professional, com!. "Mailbox.org betreibt eigenen Tor Exit Node". com! - Das Computer-Magazin (in German). Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  10. online, heise (2016-02-04). "Mailbox.org betreibt Tor-Exit-Node". Security (in German). Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  11. "Datensichere Dienstmails für Lehrkräfte kommen: Die Testphase läuft bereits". www.berlin.de (in German). 2021-01-19. Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  12. "Anbieterwechsel empört Abgeordnete: Berlins Lehrkräfte bekommen neue Mail-Adressen". Der Tagesspiegel Online (in German). ISSN   1865-2263. Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  13. "Secure e-mail for private and business customers | mailbox.org". mailbox.org. Archived from the original on 2023-07-25. Retrieved 2023-07-27.
  14. "Security features & encryption | mailbox.org". mailbox.org. Archived from the original on 2023-07-10. Retrieved 2023-07-27.
  15. "Stiftfilm: Das verschlüsselte Postfach | mailbox.org – Ihr sicherer E-Mail-Anbieter". 2015-11-17. Archived from the original on 2015-11-17. Retrieved 2023-07-27.
  16. "Holger Bleich: Webmail mit PGP bei Mailbox.org". Archived from the original on 2022-04-22. Retrieved 2023-07-27.
  17. 1 2 "Our product: Secure e-mail and more | mailbox.org". mailbox.org. Archived from the original on 2023-08-21. Retrieved 2023-07-27.
  18. "OpenTalk · GitLab". GitLab. Archived from the original on 2023-08-19. Retrieved 2023-08-19.
  19. "Golem.de: IT-News für Profis". www.golem.de. Archived from the original on 2023-07-27. Retrieved 2023-07-27.
  20. "About mailbox.org - Our team, our history, our mission | mailbox.org". mailbox.org. Archived from the original on 2023-06-28. Retrieved 2023-07-27.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.