Last Updated on February 4, 2026 by DarkNet
This review breaks down how Mailfence approaches secure email and a lightweight productivity suite, what it does well, where it trades off, and how it compares to Proton and Tutanota.

Mailfence is a privacy-focused email service based in Belgium that integrates OpenPGP encryption, calendar, contacts, and documents. It aims to strike a balance between standards-based interoperability and practical usability for everyday communication and light collaboration.
What is Mailfence and who is it for
Mailfence is a secure email and productivity suite that centers on OpenPGP-based end-to-end encryption for content, plus TLS for transport. It includes webmail, contacts, calendar, groups, and document storage. The service focuses on standards and compatibility rather than a fully closed ecosystem, which makes it attractive for users who need to interoperate with traditional email clients or exchange PGP messages with people outside the same provider.
Intended users and threat models
Mailfence fits individuals, small teams, journalists, privacy enthusiasts, and developers who value:
- OpenPGP compatibility with users on other providers.
- Custom domains and IMAP or SMTP access for traditional workflows.
- Minimal learning curve compared to full DIY PGP setups.
If your threat model includes nation-state monitoring of metadata, or if you require provider-side deniability or advanced anonymous account creation, you will still face the fundamental limits of email. Encrypted content helps, but email metadata remains exposed. Consider compartmentalization and using privacy-preserving network layers separately and legally when appropriate.
What Mailfence is not
Mailfence is not a drop-in replacement for fully anonymous messaging or for systems that hide metadata. It is also not a closed system that encrypts everything by default with proprietary mechanisms. It aims to stay compatible with open standards and traditional clients, which is a strength for interoperability but a compromise for metadata minimization.
Security and encryption model
OpenPGP content encryption
Mailfence implements OpenPGP for end-to-end encryption and digital signatures. You can generate keys, import your existing keys, and manage contacts with public keys. When both parties use OpenPGP and have exchanged keys, message content can be encrypted end-to-end. This protects the body and attachments from the provider and network observers, assuming your keys are handled safely and endpoints are secure.
For background, see the OpenPGP message format specification in RFC 4880 from the IETF: rfc-editor.org. OpenPGP is widely supported in the email ecosystem, which helps Mailfence interoperate with non-Mailfence users and legacy clients.
Key management and identity
Key management happens in the web interface. You can verify fingerprints, sign keys to express trust, and export or back up your private key material. Good hygiene matters: protect your private key with a strong passphrase, store backups offline, and verify public key fingerprints out of band when possible.
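What a fingerprint check actually compares, as an added example (not Mailfence code): for version 4 keys as defined in RFC 4880, the fingerprint is a SHA-1 hash over the public-key packet, which covers the creation time and key material but not the name or email address on the key. The key values below are constructed toy numbers, and the helper names are hypothetical.

```python
import hashlib
import hmac
import struct

def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: two-octet bit count, then bytes."""
    return struct.pack(">H", value.bit_length()) + value.to_bytes((value.bit_length() + 7) // 8, "big")

def rsa_public_key_body(created: int, n: int, e: int) -> bytes:
    """Version 4 public-key packet body: version, creation time, algorithm 1 (RSA), n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99, a two-octet length, and the packet body."""
    if not body or body[0] != 4:
        raise ValueError("not a version 4 public-key packet body")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def fingerprints_match(computed: str, claimed: str) -> bool:
    """Compare a computed fingerprint with one read out over another channel."""
    a = "".join(computed.split()).upper()
    b = "".join(claimed.split()).upper()
    # Insist on all 40 hex digits: short and long key IDs are only the tail
    # of the fingerprint and are not enough to identify a key.
    if len(b) != 40 or any(c not in "0123456789ABCDEF" for c in b):
        return False
    return hmac.compare_digest(a, b)

# Constructed toy values, far too small to be a usable key.
TOY_N = 0xC5A1B3D7E9F10325
TOY_E = 65537
KEY_BODY = rsa_public_key_body(1770000000, TOY_N, TOY_E)

if __name__ == "__main__":
    fpr = v4_fingerprint(KEY_BODY)
    spoken = " ".join(fpr[i:i + 4] for i in range(0, 40, 4)).lower()
    print(fpr, fingerprints_match(fpr, spoken))
    # Same key material, different creation time: a different fingerprint.
    print(v4_fingerprint(rsa_public_key_body(1770000001, TOY_N, TOY_E)))
```

Because the user ID is not part of the hash, anyone can attach your contact's address to their own key; only the out-of-band fingerprint comparison ties the key to the person.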
Transport security, TLS, and DKIM
Mailfence uses TLS for server-to-server and client-to-server transport when supported by the other party. This prevents passive interception in transit. Standard email security such as SPF, DKIM, and DMARC can help with spoofing resistance and deliverability, especially when using custom domains. These mechanisms do not encrypt content by themselves but reduce phishing and impersonation risk.
Two-factor authentication and account security
The service supports two-factor authentication to reduce account takeover risk. Options typically include TOTP apps. You should enable 2FA, store recovery codes, and regularly review active sessions and authorized devices.
Limits of email security: what is not hidden
Email is not a metadata-hiding protocol. Even with OpenPGP, headers, sender and recipient, and timing remain visible. Subject lines are often exposed unless you use a protected-headers approach with compatible clients. Attachments are protected when encrypted, but filenames may leak if not wrapped in the encrypted payload by the sender. If your threat model is metadata sensitive, consider whether email is suitable for that communication at all, and compartmentalize accordingly.
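To make the exposure concrete, this added example (not from the original review) parses a stored message the way any server holding it could, without a private key, and reports what is readable. The sample message, its addresses, hosts and ciphertext are constructed placeholders.

```python
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample (placeholder addresses, hosts and ciphertext): the body is
# inline PGP and the attachment was encrypted as a separate file by the sender.
SAMPLE = """\
Received: from mx.sender.example by mx.recipient.example; Tue, 03 Feb 2026 09:14:07 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: Contract draft for review
Date: Tue, 03 Feb 2026 09:14:05 +0000
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----

(placeholder ciphertext)
-----END PGP MESSAGE-----
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="contract-draft.pdf.pgp"

(placeholder ciphertext)
--b1--
"""

ENVELOPE = ("From", "To", "Cc", "Subject", "Date", "Message-ID", "Received")

def exposure_report(raw: str) -> dict:
    """List what a holder of the stored message can read without any private key."""
    msg = message_from_string(raw)
    pgp_mime = (msg.get_content_type() == "multipart/encrypted"
                and msg.get_param("protocol") == "application/pgp-encrypted")
    headers = {h: msg.get_all(h) for h in ENVELOPE if msg.get_all(h)}
    # In PGP/MIME (RFC 3156) the whole MIME tree, attachment names included,
    # is inside the ciphertext; only the generic wrapper part is named.
    names = [] if pgp_mime else [p.get_filename() for p in msg.walk() if p.get_filename()]
    sent = parsedate_to_datetime(msg["Date"]) if msg["Date"] else None
    return {"pgp_mime": pgp_mime, "headers": headers,
            "attachment_names": names, "sent_at": sent}

if __name__ == "__main__":
    for key, value in exposure_report(SAMPLE).items():
        print(f"{key}: {value}")
```

In the sample, the sender, recipient, subject, timestamps and the attachment's filename are all readable even though both the body and the file are encrypted.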
Privacy model and data handling
Jurisdiction and policy
Mailfence is based in Belgium. Jurisdiction influences how lawful requests are processed and which protections or obligations apply. Review the provider privacy policy and transparency information to understand data handling and retention. See Mailfence policy pages for details: mailfence.com. Statements about data handling are policy claims and may change, so always verify current terms.
Metadata and logging reality check
Regardless of provider, email metadata exists. Providers typically retain logs for operational and security reasons as described in their policies. End-to-end content encryption does not remove metadata. If an adversary cares primarily about who contacted whom and when, email alone may not meet your goals.
Threat model alignment
If your risk profile involves account compromise, phishing, or routine ISP surveillance, Mailfence combined with OpenPGP, strong authentication, and safe device practices can be a significant improvement over traditional unencrypted email. If your adversary targets metadata patterns or account linkage, supplement with compartmentalization strategies and use legal, privacy-respecting network hygiene.
Productivity suite features beyond email
Calendar, contacts, and groups
Mailfence integrates contacts and calendar with sharing and group features. This helps small teams coordinate without leaving the environment. Contact management ties into PGP key handling, making it easier to keep identities and keys aligned.
Documents and file handling
The documents area provides simple storage and sharing. It is not a full office suite replacement, but it is sufficient for lightweight workflows and keeping attachments organized. For sensitive materials, consider encrypting files with OpenPGP or other tools before upload to maintain end-to-end control.
Secure messaging with non-PGP recipients
Mailfence supports sending protected messages to recipients who do not use PGP by sharing a secure link protected by a secret or passphrase. This is convenient but involves tradeoffs. The recipient experience depends on the shared secret channel and their device security. It is not the same assurance as exchanging OpenPGP keys and verifying fingerprints.
Usability, setup, and interoperability
Web app workflow
The web interface is the primary way to manage PGP keys, encrypt and sign messages, and handle calendar and contacts. The UI aims to keep encryption flows visible without overwhelming new users. Key verification still requires user attention, especially when first establishing secure communication with a contact.
IMAP, SMTP, and POP
Mailfence supports standard IMAP, SMTP, and often POP access for compatibility with desktop and mobile clients. Using external clients for PGP typically requires separate plugins or native PGP support on that client. Remember that messages sent or received without PGP will be accessible to the provider as clear text on the server side. End-to-end guarantees apply only when you encrypt with your keys end to end.
Mobile and desktop clients
You can access Mailfence through the mobile web app or via IMAP in third-party clients. If you want PGP on mobile or desktop clients, consider apps with built-in OpenPGP support or add-ons that support key management and signing. The more places your private key lives, the greater your exposure, so keep the number of devices limited and secured.
Migration and portability
Mailfence supports custom domains and standard protocols, which eases migration to or from other providers. You can export mail via IMAP and export your OpenPGP keys. Key portability is a plus of OpenPGP, but handle exports carefully and keep backups offline.
Pricing and plans
Free tier and limits
Mailfence offers a free tier with reduced storage and features designed for personal use and testing. Free tiers typically limit storage, custom domain use, and advanced features. Check current limits on the official site, as plans can change.
Paid plans and custom domains
Paid tiers increase storage, add multiple aliases, support custom domains, and expand suite capabilities. The service positions itself as affordable compared to enterprise suites and competitive with other privacy-first providers. Prices and quotas evolve, so always verify on the provider site before committing.
Value considerations
Value depends on your needs. If you require custom domains, standards-based interop, and built-in PGP without a bridge app, Mailfence offers a pragmatic package. If you want the strongest metadata minimization or a closed encrypted ecosystem, you might prefer a different tradeoff.
Pros and cons
Pros
- Standards-based OpenPGP with key management built into the web app.
- Interoperable with non-Mailfence users and traditional email clients.
- Supports IMAP and SMTP, plus custom domains for flexible workflows.
- Integrated suite: contacts, calendar, groups, and documents.
- Two-factor authentication and standard anti-phishing controls.
- Reasonable learning curve for users new to PGP compared to DIY setups.
- Portability of keys and mail, which helps with vendor independence.
Cons
- Email metadata remains exposed by design of the protocol.
- PGP key verification still requires user attention and process discipline.
- Using external clients for PGP adds complexity and key sprawl risks.
- Not a closed ecosystem that auto-encrypts everything by default.
- Free tier storage and features are limited.
- Secure link messages to non-PGP users depend on the shared secret channel.

How Mailfence compares to Proton Mail, Tutanota, Gmail, and self-hosted
High level comparison
Mailfence emphasizes standards and compatibility. Proton Mail leans into a closed encrypted ecosystem with bridges for external clients. Tutanota uses its own end-to-end model rather than OpenPGP. Gmail or Google Workspace focuses on productivity and deliverability with server-side controls, not end-to-end encryption by default. Self-hosted email gives you control but increases operational and security burden. None of these options remove email metadata. Your choice should reflect your balance between usability, interop, and risk tolerance.
Comparison table
| Feature | Mailfence | Proton Mail | Tutanota | Gmail or Workspace | Self-hosted |
|---|---|---|---|---|---|
| Encryption model | OpenPGP for end-to-end content in web app; TLS for transport | End-to-end within platform; PGP support; Zero-access storage claims | End-to-end with proprietary scheme, not standard OpenPGP | TLS in transit; optional S/MIME in some enterprise contexts | Depends on your setup; can use OpenPGP or S/MIME |
| Metadata exposure | Headers, sender and recipient, and timing visible as with email generally | Metadata remains visible across SMTP; some headers minimized inside platform | Metadata still present when crossing SMTP; within Tutanota some fields are protected | Metadata visible to provider and across SMTP | Metadata visible across SMTP; depends on server logging policy |
| IMAP and SMTP support | Yes, standard protocols supported | Via bridge app for desktop clients on paid plans | No traditional IMAP for encrypted mail; native apps or web only | Yes | Yes, you configure it |
| Custom domains | Supported on paid tiers | Supported on paid tiers | Supported on paid tiers | Supported | Fully under your control |
| Suite features | Email, contacts, calendar, documents, groups | Email, calendar, drive, VPN ecosystem | Email, calendar, contacts, secure notes | Comprehensive office suite and collaboration tools | Whatever you deploy and maintain |
| Ease of use | Moderate; PGP built into web app | Easy inside ecosystem; bridge adds steps | Simple within platform; limited interop can be a hurdle | Very easy; no end-to-end by default | Hard; you are the admin |
| Portability and interop | High due to OpenPGP and standard protocols | Good; strongest within Proton ecosystem | Moderate; less PGP interop | High for protocols; low for end-to-end content | High but depends on your expertise |
| Pricing posture | Free tier plus competitive paid plans | Free tier plus premium plans | Free tier plus premium plans | Free with ads for personal Gmail; paid for Workspace | Server costs and time burden vary |
For authoritative references on provider capabilities and security models, consult official documentation: Proton Mail support pages at proton.me and Tutanota FAQ at tutanota.com. Always verify current details since providers update features over time.
Practical setup and security checklist for Mailfence users
- Enable two-factor authentication immediately. Prefer an authenticator app. Store recovery codes offline.
- Create a strong, unique mailbox password and a distinct, strong passphrase for your OpenPGP private key.
- Generate your OpenPGP key pair in the web app or import an existing one. Record and safely store the fingerprint.
- Verify public keys out of band. Compare fingerprints via a trusted channel before sending sensitive content.
- Sign messages routinely. Signing provides integrity and identity assurance even when you do not encrypt.
- Back up your private key and revocation certificate offline. Protect these backups with encryption and keep them in safe storage.
- Compartmentalize aliases and identities. Separate contexts such as personal, business, and research.
- Harden your devices. Use full disk encryption, up-to-date OS and browser, and reputable security hygiene.
- Review active sessions and app passwords periodically. Revoke anything you do not recognize.
- Be phishing aware. Check domain names, certificate indicators, and message headers. When in doubt, verify by a second channel.
- Avoid sending sensitive details in subject lines. Many clients expose subjects as metadata.
- For non-PGP recipients, prefer teaching them to use PGP when practical. If you must use a protected link, share the passphrase by a separate channel.
- Plan for account recovery. Ensure you can regain access without exposing more personal data than necessary.
Recommendations and best-fit use cases
Best fit user profiles
- Privacy-minded users who need standards-based interop and custom domains.
- Small teams that want built-in PGP without running their own servers.
- Developers and researchers who already use PGP and want a hosted workflow.
When to consider alternatives
- If you require the tightest ecosystem integration with auto-encryption and minimal configuration, Proton Mail may fit better.
- If you value a closed model with proprietary end-to-end encryption over PGP interop, Tutanota is an option.
- If your priority is a full office suite and mainstream collaboration at scale, Workspace might be more practical, with the tradeoff of server-side access to content.
- If you demand total control and accept operational risk, self-hosting can work but requires significant expertise.
Decision checklist and next steps
- Define your threat model. Is metadata exposure acceptable for your use case?
- List required features: custom domain, aliases, IMAP, calendar, group sharing.
- Test on a free tier or trial. Send a PGP-encrypted message to a contact on another provider.
- Evaluate key management usability. Verify fingerprints with a colleague.
- Decide on client strategy: web only vs IMAP clients with PGP plugins.
- Estimate total cost, including time to train collaborators on PGP basics.
FAQ
Does Mailfence hide email metadata?
No. End-to-end encryption protects message content and attachments, but headers, sender and recipient addresses, timestamps, routing information, and often subject lines remain visible to servers and across SMTP. This is a fundamental email limitation.
Can I use my own domain with Mailfence?
Yes on paid plans. You will configure DNS records such as MX, SPF, DKIM, and possibly DMARC. This improves deliverability and phishing resistance. Verify current plan details and limits on the provider site.
How does Mailfence handle keys for OpenPGP?
You can generate, import, and export keys in the web app, verify fingerprints, and sign contacts' keys to indicate trust. Keep your private key protected with a strong passphrase and store an offline backup plus a revocation certificate. For OpenPGP format details, see RFC 4880.
Can I access Mailfence via IMAP on third-party clients?
Yes. Standard IMAP and SMTP are supported. If you want end-to-end encryption in those clients, you need a client with OpenPGP or S/MIME support, and you must manage keys on that device. Be mindful of key sprawl and device security.
How does Mailfence compare to Proton Mail and Tutanota on encryption?
Mailfence uses OpenPGP to facilitate interoperability. Proton Mail emphasizes an integrated ecosystem with PGP support and offers bridge software for desktop clients. Tutanota uses its own end-to-end scheme instead of OpenPGP, which can limit interop but simplifies encryption inside its platform. All leave email metadata intact.
Is Mailfence suitable for high-risk investigative work?
It can be part of a lawful, privacy-conscious workflow, but email metadata limits remain. If your adversary focuses on who contacts whom and when, you may need additional operational compartmentalization or different communication channels. Keep everything within the law and organizational policy.
Can Mailfence prevent phishing or spoofing?
It includes standard protections like 2FA and supports SPF, DKIM, and DMARC for custom domains, which help reduce spoofing. No provider can eliminate phishing entirely. User vigilance and verification remain essential.
Key takeaways
- Mailfence offers OpenPGP-based end-to-end encryption with a practical suite and strong interoperability.
- Email metadata is not hidden. Plan your threat model with that reality in mind.
- IMAP and SMTP support plus custom domains enable flexible workflows and migration.
- Proton Mail and Tutanota offer different tradeoffs between ecosystem convenience and open standards.
- Enable 2FA, verify keys, and practice careful device and key hygiene to get real security benefits.












