A few weeks ago I wrote an article about Regaining Your Online Privacy where I discussed various tools and services you can use to ensure your sensitive information remains confidential and protected. In the article I mentioned several e-mail providers known for their privacy and security measures. One such provider is Mailfence. Incidentally, I have been using their service for nearly two months and felt their service worthy of an in-depth review. As you will read in my post about regaining one’s online privacy, I barely scratched the surface on Mailfence as a product & company, who have engineered an e-mail platform to be reckoned with.
Who Should Use Mailfence, and Why?
Simply put: Everyone. Everyone should be using Mailfence, even if you aren’t planning to use it’s advanced encryption features.
Mailfence doesn’t sell your information for advertising purposes, nor do they casually release it to third parties without valid documentation and court orders. Mailfence isn’t only for the security minded or the paranoid. In fact, they offer a number of features their competitors do not, such as a calendar and document storage, as well as group/team features, such as shared document storage and encrypted chat, which make it perfect for families and businesses. In addition to secure servers and mail storage, Mailfence offers an excellent user interface called Crystal, and of course, uncompromised, simplified digital signature and encryption features.
Who is Mailfence?
Mailfence is the brainchild of a Belgium-based company called ContactOffice. Since 1999, ContactOffice has provided a custom designed e-mail platform which they market to businesses and educational institutions. Their ContactOffice product is a complete groupware solution with more features than Mailfence, even. Sidenote: That’s to be expected. ContactOffice is marketed towards a different market segment than Mailfence.
Mailfence was created following the Snowden Revelations. The creators and staff behind Mailfence believe that users have an absolute and irrevocable right to internet privacy, as such, during the 15 years of ContactOffice and now Mailfence’s operation, they have never subjected users to advertising or commercialized their customer databases or proprietary customer information. They believe the tracking and profiling many people encounter across the Internet is obscene and unacceptable breaches of privacy.
Before we delve into what many may consider the ‘standard feature-set’ of a webmail service, let’s review some of the the security aspects Mailfence has integrated to protect you and your contacts.
First, Mailfence offers interoperable end to end encryption services which give the user full control. Mailfence have based their encryption technology on open standards, namely OpenPGP , making it easy to integrate with solutions other users may be using.
So, what are OpenPGP?
If you’re unfamiliar with security and encryption, don’t worry – you aren’t alone. I’m no expert on the subject either. PGP, or, Pretty Good Privacy, is a method of encryption data for the purposes of communications, such as e-mail. It was created in the early 90s by Phil Zimmermann, creator of Silent Circle. OpenPGP is the result of a dispute within the PGP Inc corporation over (possible) patent issues. Several years after the introduction of PGP, PGP Inc proposed to IETF, the Internet Engineering Task Force, requesting they be allowed to form their own standard referred to as OpenPGP. This was granted in 1997 and the project has carried on since. For you geeks, Mailfence is utilizing the variant of OpenPGP in RFC 4880.
How does it work?
Mailfence’s implementation of OpenPGP security is quite simple. Unlike other secure e-mail providers, ahem – ProtonMail, they allow you to import your existing PGP Keys, should you have them. This allows users to make the switch to Mailfence with ease, instead of having to update their keystores. With OpenPGP, each user has 2 keys. In this context, a key is essentially a password. One of these keys is the “public key” and the other is the “private key”. OpenPGP is designed for you to share your public key with anyone you wish, while your private key remains secret to you. If you send a message to a friend using your public key, they would use their private key to decrypt the message. Private/Public Keys are also useful in sending messages as they help digitally sign your message, ensuring to the recipient you are truly the one who sent this message. as your private key is required to sign before being sent.
Confused? Don’t worry, it’s really quite simple.
Let’s say you are logged into Mailfence, and have setup your public/private keys, and wish to send me an e-mail. When you compose a new message, your send button will have 3 options:
- Send, which sends an unencrypted and unsigned message.
- Sign and Send, which attaches your digital signature/public key to the message, but is unencrypted.
- Sign, Encrypt, and Send, which digitally signs and encrypts the message.
If you opt for the 3rd option – to Sign & Encrypt, you will be prompted for your private key passphrase. Assuming you have my Public Key in your “keystore”, the message will be sent.
You’re probably thinking this is complicated. If you’ve never used security features like this before, yes, it is quite complicated, as it’s very different than sending mail. For this to be successful, you would need to have the public keys of everyone you e-mail imported in your keystore.
What is a keystore?
If you’ve ever used a password manager, a keystore is similar. It’s a Rolodex of the public keys your contacts use. Keyphrases, whether public or private, are often long and full of random alphanumeric characters. They are nearly impossible to remember. A keystore keeps them organized and makes it easy to sign and encrypt mail you send.
Do I have to encrypt?
No. And for the most part, though I use an encrypted mail service, I don’t. Many of the people I e-mail are not familiar with this, and bringing them up to speed is an arduous task. I mostly sign my e-mails to provide a little relief to recipients that the message really came from me. But even signing isn’t required. You can still send/receive e-mail without the glitz and glamour of encryption and digital signatures.
Mailfence has designed their application to give the user freedom to choose. They have also made it incredibly easy to sign or sign & encrypt e-mails, as well as maintain a keystore. Perhaps more so than their contemporaries, which is the intent of Mailfence’s creators. For example, Hushmail, another encrypted e-mail service, uses an externally located keystore which increase the chance of messages signed with your public key with someone elses, which is bad verification and a security risk.
Can Mailfence intercept or read my mail? What about keystroke logging? Is it open sourced?
Someone asked me these questions just the other day. The answer is no. Mailfence cannot see into your mailbox. It is encrypted, and only you have the keys (passwords) to unlock it. While Mailfence does not guarantee anonymity for those who use their service for nefarious purposes (i.e. account termination; banishment), they are only able to see the information below:
- Date/Time the account was created
- IP address used to create the account
- How many e-mails, calendar items, contacts, documents are in the account
Regarding keystroke logging, this is something that is theoretically possible through the use of various scripts (albeit devious ones) running in the background of the webmail application or possibly your browser. However, the webmail uses scripting which does not submit meta-data or information in cleartext to the Mailfence server, eliminating the ability for sophisticated packet sniffers (applications which eavesdrop on your internet traffic) to intercept your mail. In addition, their cryptography application is Open Source and has been audited by a security penetration testing company, Cure53.
Interestingly, things like basic UI changes (for example) take a backseat to security at Mailfence. They are passionate about what they do and fight for the right to privacy for themselves and their users. Security is of the highest importance at Mailfence, a bright light in the otherwise dim world of commercialized e-mail providers.
With Mailfence’s end-to-end encryption solution, users can generate and manage their own crypto keys, digitally sign their e-mail, and digitally sign & encrypt their e-mail – a feature unique in this marketspace. By using a decentralized model, they are carrying the true essence of OpenPGP, something encryption purists will fancy, no doubt. Their solution is not proprietary, and allows you to communicate with any other OpenPGP or S/MIME based platform, for inbound messages. Perfect for those like me, who do not use webmail and instead prefer to send/receive mail, manage calendars and contacts from iOS or Outlook.
Unfortunately my use of Mailfence’s service came to an end as this review was being written. My decision to discontinue use of the service is not a reflection upon their customer service/technical support, service quality, or privacy/security issues. In fact, I still refer people to the service when they inquire about secure e-mail. My decision to no longer use the service as my primary e-mail account is because they don’t support S/MIME.
S/MIME, in brief, is a type of signing used by popular e-mail clients such as Outlook which allows the sender of a message to digitally sign without having to use encryption. This signature enables the recipient to have peace of mind the e-mail was sent by the person on the other end. It is a feature I use, and unfortunately one Mailfence doesn’t support (yet). The majority of people don’t use S/MIME in a home or small office environment, as it’s normally found in corporate environments where staff use it for sending/receiving e-mail, but also the signing of documents and spreadsheets to keep a log of exactly who modified what, and when.
Summarily, Mailfence has an excellent product and is truly innovating secure e-mail by making it easy for the average individual to understand and not be hindered by complicated security software. Their webmail interface is stunning, responsive, and easy to use. And there are real people behind the product, not a helpdesk with a fancy ticketing system and a different person replying each time. Though I have downgraded my account to a free tier, I still use the service when I need to e-mail something with a higher level of security, and will continue to do so.
If anyone has any questions, feel free to let me know!