You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

2072 lines
140 KiB

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="Content-type" content="application/xhtml+xml;charset=utf-8"/>
<title>Email - Shadow Wiki</title>
<link rel="stylesheet" href="style/dark.css"/>
</head>
<body>
<div class="directory_nav">
<a id="logo" href="index.xhtml"><img class="logo_img" src="img/index/homesick2.jpg" alt="homesick for a place I'm not even sure exists..."/></a>
<h3><i>Shadow Wiki</i></h3>
<a href="browsers.xhtml">browsers</a>
<br/>
<a href="darknet.xhtml">darknet</a>
<br/>
<a href="email.xhtml">email</a>
<br/>
<a href="hosting.xhtml">hosting</a>
<br/>
<a href="im.xhtml">im</a>
<br/>
<a href="mobilecomms.xhtml">mobilecomms</a>
<br/>
<a href="software.xhtml">software</a>
<br/>
<a href="uspol.xhtml">uspol</a>
<br/>
<a href="namac/index.xhtml">namac/index</a>
<br/>
<a href="http://validator.w3.org/"><img class="activelink" src="img/activelinks/valid-xhtml10.png" alt="This page uses valid XHTML 1.0!"/></a>
<a href="https://jigsaw.w3.org/css-validator/validator"><img class="activelink" src="img/activelinks/vcss-blue.gif" alt="This page uses valid CSS!"/></a>
<a href="https://anybrowser.org/campaign"><img class="activelink" src="img/activelinks/useanybrowser.gif" alt="Use any browser."/></a>
<a href="https://xmpp.org/"><img class="activelink" src="img/activelinks/xmpp.png" alt="XMPP" /></a>
<a href="https://spyware.neocities.org"><img class="activelink" src="img/activelinks/spywarewatchdog.png" alt="Spyware Watchdog."/></a>
<a href="http://us63bgjkxwpyrpvsqom6kw3jcy2yujbplkhtzt64yykt42ne2ms7p4yd.onion"><img class="activelink" src="img/activelinks/digdeeper2.png" alt="Digdeeper."/></a>
<a href="https://blog.honeypot.im"><img class="activelink" src="img/activelinks/baobab.png" alt="baobab"/></a>
<a href="https://nuegia.net"><img class="activelink" src="img/activelinks/nuegia.png" alt="Nugeia"/></a>
<a href="https://retroimages.net"><img class="activelink" src="img/activelinks/retroimages.png" alt="RetroImages"/></a>
<a href="https://envs.net/~novaburst/"><img class="activelink" src="img/activelinks/nova.png" alt="Novaburst"/></a>
<a href="http://4ad3tmc4ljbunjek2zhg2flj3br6vmonxhsmi6kqfgiw6b2cx3inpuid.onion/index.html"><img class="activelink" src="img/activelinks/theundercoverman.png" alt="Theundercoverman"/></a>
<a href="http://lainwir3s4y5r7mqm3kurzpljyf77vty2hrrfkps6wm4nnnqzest4lqd.onion"><img class="activelink" src="img/activelinks/qorg11.png" alt="qorg11" /></a>
<a href="http://www.kj2aybibqqcwt5nrskmv2qzdbq2gfgimpyshcnerbxkhkbyqz64kgcyd.onion/"><img class="activelink" src="img/activelinks/eldritch_data.png" alt="EldritchData" /></a>
</div>
<div class="content">
<div class="text-block">
<i>Comment on the forum thread about this page, I respond to all comments!: <a href="http://us3xsdrhmhk4h3bkuq7ttkp6pocs4726esycpgwtogrpu3nfjj6eroqd.onion/email-comment-section.6/">[Tor/Onion]</a> <a href="http://dq65yxqpp6gcyo53y53eqouijhy7ameqxkcjthkr7wpfusqppxma.b32.i2p/email-comment-section.6/">[I2P/Eepsite]</a></i>
<br/>
</div>
<div class="text-block">
<h1 class="title"><del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del> Prologue <del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del></h1>
<h2 class="title" id="navigation"><del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del> Navigation <del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del></h2>
</div>
<div class="text-block">
<div class="nav">
<ul>
<li>
<a href="#prologue">Prologue</a>
<ul>
<li><a href="#navigation">Navigation</a></li>
<li><a href="#introduction">Introduction</a></li>
<li><a href="#gpg">GPG Command Line Basics</a></li>
</ul>
</li>
<li>
<a href="#chapter1">Chapter 1: Email Providers</a>
<ul>
<li><a href="#howto1">How to use the table of Email Providers</a></li>
<li><a href="#table1">Table of Email Providers</a></li>
<li><a href="#notes1">Email Provider Notes</a></li>
</ul>
</li>
<li>
<a href="#chapter2">Chapter 2: Email Clients</a>
<ul>
<li><a href="#howto2">How to use the table of Email Clients</a></li>
<li><a href="#table2">The Table of Email Clients</a></li>
<li><a href="#notes2">Email Client Notes</a></li>
</ul>
</li>
<li>
<a href="#epilogue">Epilogue</a>
<ul>
<li><a href="#credits">Credits</a></li>
<li><a href="#contact">Contact</a></li>
<li><a href="#furtherreading">Links, Sources &amp; Further Reading</a></li>
</ul>
</li>
</ul>
</div>
</div>
<div id="introduction" class="text-block">
<h2 class="title"><del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del> Introduction <del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del></h2>
<p>There are many email providers &amp; clients, in fact too many to reasonably decide upon without prior knowledge. They are fraught with misleading advertising gimmicks, security concerns, privacy violations, legal intrusion, political opinion &amp; many other things.</p>
<p>Due to this extensive complication, I have endeavored to simplify the process of choosing here in this webpage, by comparing the specs &amp; attributes of providers &amp; clients.</p>
Ideally, all email providers should follow these design principles (but of course they don't):
<ol>
<li>Nanonymous access, (Tor/I2P/LokiNet/NameCoin/AnoNet access/address, etc) &amp; the latest TLS (certificate authorities perhaps aren't all that) or otherwise encryption (where applicable).</li>
<li>No webmail interface AT ALL, unless it's SquirrelMail/totally devoid of JavaScript</li>
<li>No JavaScript AT ALL</li>
<li>No Google reCaptcha, a regular captcha may be used however (must be in accordance with rule #3)</li>
<li>No Cloudflare or MITM-style DDOS protection AT ALL, DDOS protection may be used however (must be in accordance with rules #1, #3, &amp; #4)</li>
<li>A Terms of Service, that's clear, concise, &amp; does not discriminate based on political ideology, basically saying "don't do illegal stuff"</li>
<li>Logical site design (not like SAFe-MAIL or many US Government Websites etc)</li>
<li>Nanonymous Privacy Policy that that says something like "We encrypt everything &amp; don't read it" &amp; "Nothing is logged except during technical issues or maintenance, in which case it is purged after 24h"</li>
<li>No Google Analytics, Matomo, or anything of the sort, AT ALL</li>
<li>Must follow the minimalist Unix philosophy (do one thing &amp; do it well), &amp; KISS (Keep It Simple, Stupid)</li>
</ol>
<p>There is also TLS support to consider, both from client to server and server to server. TLS is what encrypts your data/messages/login info over the wire. If it is not encrypted, then it is bare, &amp; ripe for sniffing. Clients should enforce using TLS or STARTTLS. Servers should as well, but as we see in the table, don't. This is usually done to continue support for legacy clients. STARTTLS upgrades the connection, on the given service's port to be encrypted. According to the RFC, as can be seen <a href="https://serverfault.com/questions/523804/is-starttls-less-safe-than-tls-ssl/648282#648282">here</a>, STARTTLS could potentially allow a MITM (Man-in-the-Middle) attack to occur, deleting the response, making the client think the server does not support an encrypted connection. This, combined with the sniffing issue, is why it is important to check your STARTTLS or TLS settings on your client and make sure they are set to enforce encryption, and not "connect anyway".</p>
<p>Alas, this is not so easy with server to server communication. The only way to ensure TLS connection between providers is to run the server yourself and have it set to enforce. You can usually tell if an email was sent using TLS by looking at the header, where it will mention TLS. If it does not mention TLS it was either sent without TLS, or the server is not reporting it in the header, which is also cause for concern.</p>
<p>Another way to ensure encryption, which ideally you should do all the time regardless of other variables, is PGP (Pretty Good Privacy). You create a public key, used for encrypting messages that can only be decrypted with your private key. You exchange public keys with the person you are emailing, setup up your given client appropriately, and the body (including attachments) of your email will be encrypted (the destination &amp; subject, however, are not).</p>
</div>
<div class="text-block">
<h2 class="title" id="gpg"><del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del> GPG CLI Basics <del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del></h2>
<p>This assumes you have <a href="https://gnupg.org/">GPG (GnuPG)</a> already installed &amp; working. GnuPG is a <i>"Complete and free implementation of the OpenPGP standard"</i>.</p>
<p>
Generate your own public and private keys:<br/>
<code>gpg --full-generate-key</code><br/>
Press enter (for default).<br/>
When you get <code>What keysize do you want? (2048)</code> type <code>4096</code> and press enter. Follow the rest of the prompts accordingly. The <code>Real name:</code> can be a username. Leave the <code>Comment:</code> blank (by just pressing enter).
<br/>Listing keys:<br/>
<code>gpg --list-keys</code>
<br/>Deleting a private key:<br/>
<code>gpg --delete-secret-keys [key id]</code>
<br/>Deleting a public key:<br/>
<code>gpg --delete-key [key id]</code>
<br/>Importing a key:<br/>
<code>gpg --import [name].asc</code>
<br/>Exporting a key:<br/>
<code>gpg --output [name you want the file to have].asc --export [ID or email associated with the key]</code>
</p>
</div>
<h1 class="title" id="chapter1"><del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del> Chapter 1: Email Providers <del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del></h1>
<h2 class="title"><del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del> How to use the table of Email Providers <del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del></h2>
<div id="howto1" class="text-block">
<p><span class="green">Green</span> is the best, <span class="red">red</span> is the worst. <span class="orange">Orange</span> is closer to bad/<span class="red">red</span>, <span class="yellow">yellow</span> is closer to good/<span class="green">green</span>.</p>
<p>You can click on the name of a provider in the table to go to the notes. The title of the email provider above the notes will take you to the website.</p>
</div>
<h2 id="table1" class="title"><del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del> Table of Email Providers <del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del></h2>
<table>
<tr>
<th>Name</th>
<th>Rating</th>
<th>Perceived Connotation</th>
<th>Allows client</th>
<th>Tor access</th>
<th>i2p access</th>
<th><a href="https://en.wikipedia.org/wiki/Transport_Layer_Security">Website TLS</a></th>
<th><a href="https://www.checktls.com/TestSender">TLS From</a></th>
<th><a href="https://www.checktls.com/TestSender?ASSURETLS">Mandatory TLS From</a></th>
<th><a href="https://www.checktls.com/TestReceiver">TLS To</a></th>
<th><a href="https://www.checktls.com/TestReceiver?ASSURETLS">Mandatory TLS To</a></th>
<th><a href="https://www.gnu.org/philosophy/javascript-trap.html">JS Intensive</a></th>
<th><a href="https://trac.torproject.org/projects/tor/ticket/23840">Google reCaptcha</a></th>
<th><a href="https://git.nixnet.xyz/you/stop_cloudflare">Cloudflare</a></th>
<th>Price</th>
</tr>
<tr>
<td><a href="#Yahoo">AOL</a></td>
<td class="red">Do Not Use</td>
<td>Boomer/Surveillance</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free/Ads/Tracking</td>
</tr>
<tr>
<td><a href="#Yahoo">AT&amp;T</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free/Ads/Tracking</td>
</tr>
<tr>
<td><a href="#Austistici">Autistici</a></td>
<td class="red">Do Not Use</td>
<td>Antifa/Pronouns/Far-leftism</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="red">Ideologically Audited Request of Service</td>
</tr>
<tr>
<td><a href="#BeingLibertarian">BeingLibertarian</a></td>
<td class="red" colspan="14">Sign-up disabled.</td>
</tr>
<tr>
<td><a href="#Bluelight">Bluelight/NetZero</a></td>
<td class="red">Do Not Use</td>
<td>the 90's called, they want their website/botnet back</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="red">FAIL</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid (ISP subscription)/Lots of info</td>
</tr>
<tr>
<td><a href="#Cockli">Cockli</a></td>
<td class="yellow">Not Bad</td>
<td>Imageboard user</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="yellow">Sorta</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="orange">Free/Registration closed, to be invite only</td>
</tr>
<tr>
<td><a href="#Comcast">Comcast/Xfinity</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid (ISP subscription)</td>
</tr>
<tr>
<td><a href="#Countermail">CounterMail</a></td>
<td class="red">Do Not Use</td>
<td>Cattle</td>
<td class="green">Yes</td>
<td class="orange">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="red">Yes</td>
<td class="green">Paid</td>
</tr>
<tr>
<td><a href="#Criptext">Criptext</a></td>
<td class="red">Do Not Use</td>
<td>Security Buff/Surveillance</td>
<td class="red">No</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free/Tracking</td>
</tr>
<tr>
<td><a href="#Ctemplar">CTemplar</a></td>
<td class="red">Do Not Use</td>
<td>Security Buff/poor choice</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="red">Yes</td>
<td class="red">Paid/w/ "Free" Tier</td>
</tr>
<tr>
<td><a href="#Danwin1210">Danwin1210</a></td>
<td class="green">Good</td>
<td>Hobby</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.3</td>
<td class="green">OK</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">Free</td>
</tr>
<tr>
<td><a href="#Dismail">Dismail</a></td>
<td class="yellow">Not Bad</td>
<td>Security Buff/German</td>
<td class="green">Yes</td>
<td class="green">Yes (no onion though)</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="yellow">Sorta</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="blue">Registration Closed</td>
</tr>
<tr>
<td>Dismail <a href="#Throwaways">(Yadim)</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Disroot">Disroot</a></td>
<td class="red">Do Not Use</td>
<td>Antifa/Far-leftism</td>
<td class="green">Yes</td>
<td class="yellow">Sorta</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="green">OK</td>
<td class="red">FAIL</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="orange">Free/Non-Commercial Use</td>
</tr>
<tr>
<td><a href="#Throwaways">Dispostable</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#DNMX">DNMX</a></td>
<td class="orange">In a Pinch</td>
<td>l33t hax0r</td>
<td class="red">No</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="green">OK</td>
<td class="red">FAIL</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="orange">Free w/ Ads</td>
</tr>
<tr>
<td><a href="#Elude.in">Elude.in</a></td>
<td class="orange">In a Pinch</td>
<td>Questionable Ads</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="orange">1.2</td>
<td class="red">FAIL</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="yellow">Paid w/ "Free tier"/Ads</td>
</tr>
<tr>
<td><a href="#Excite">Excite</a></td>
<td class="red">Do Not Use</td>
<td>Old/Obscure/Cattle/Surveillance</td>
<td>?</td>
<td>?</td>
<td>?</td>
<td class="orange">N/A</td>
<td>?</td>
<td>?</td>
<td class="red">1.0</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free/Lots of info/Tracking</td>
</tr>
<tr>
<td><a href="#Fastmail">Fastmail</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid/Lots of info/Tracking</td>
</tr>
<tr>
<td><a href="#Throwaways">FakeMail</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Throwaways">FlashBox</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Freeshell.de">Freeshell.de</a></td>
<td class="orange">In a Pinch</td>
<td>Retro</td>
<td class="green">Yes</td>
<td class="yellow">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td>?</td>
<td>?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="yellow">Free/Request Invite</td>
</tr>
<tr>
<td><a href="#Throwaways">GetNada</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Throwaways">GuerillaMail</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#GMail">Google GMail</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="red">Free/Tracking</td>
</tr>
<tr>
<td><a href="#GMX">GMX</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td>?</td>
<td>?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="red">Free/Ads/Tracking/Lot's of info</td>
</tr>
<tr>
<td><a href="#Throwaways">Harakiri</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Hushmail">Hushmail</a></td>
<td class="red">Do Not Use</td>
<td>Privacy Buff/Probable Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid/Lot's of info</td>
</tr>
<tr>
<td><a href="#iCloud">iCloud</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="">?</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="">?</td>
<td class="green">No</td>
<td class="red">Dependent on Expensive Proprietary Hardware/Tracking</td>
</tr>
<tr>
<td><a href="#InstallGentoo">InstallGentoo</a></td>
<td class="red" colspan="14">Appears to be broken or dead.</td>
</tr>
<tr>
<td><a href="#Kolabnow">Kolabnow</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Potential Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid</td>
</tr>
<tr>
<td><a href="https://www.laposte.fr/">La Poste</a></td>
<td class="red" colspan="14">Non-functional site, possibly blocking Tor.</td>
</tr>
<tr>
<td><a href="#Lavabit">Lavabit</a></td>
<td class="red">Do Not Use</td>
<td>Security Buff/Too much Logging</td>
<td>?</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid</td>
</tr>
<tr>
<td><a href="#Luxsci">Luxsci</a></td>
<td class="red">Do Not Use</td>
<td>Security Buff/Too much logging</td>
<td class="green">Yes</td>
<td class="yellow">Yes</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid/Logging</td>
</tr>
<tr>
<td><a href="#Lycos">Lycos</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td>?</td>
<td>?</td>
<td class="orange">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="red">Free w/ Premium Tier/Logging</td>
</tr>
<tr>
<td><a href="#Mailbox.org">Mailbox.org</a></td>
<td class="red">Do Not Use</td>
<td>Security buff/Surveillance</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="red">Paid</td>
</tr>
<tr>
<td><a href="#Mailfence">Mailfence</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Potential Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid w/ "Free" tier/Logging</td>
</tr>
<tr>
<td><a href="#Throwaways">MailForSpam</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Throwaways">MailGutter</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only, blocks Tor.</td>
</tr>
<tr>
<td><a href="#Throwaways">Mailinator</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only, blocks Tor.</td>
</tr>
<tr>
<td><a href="#Throwaways">MailSac</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Mail.com">Mail.com</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free/Lots of info</td>
</tr>
<tr>
<td><a href="#Mail.ru">Mail.ru</a></td>
<td class="red">Do Not Use</td>
<td>Russian/Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td>?</td>
<td>?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free/Tracking/Lots of info</td>
</tr>
<tr>
<td><a href="#Throwaways">Moakt</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Throwaways">MyTemp</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#NixNet">NixNet</a></td>
<td>?</td>
<td>?</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td>?</td>
<td>?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="green">Free/Request Invite</td>
</tr>
<tr>
<td><a href="#NeoMailbox">NeoMailbox</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Potential botnet</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="orange">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid/Logged</td>
</tr>
<tr>
<td><a href="#NovoOrdo">Novo Ordo</a></td>
<td class="red">Do Not Use</td>
<td>Security Buff/Unusual</td>
<td class="green">Yes</td>
<td class="green">?</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td>?</td>
<td>?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="green">Paid</td>
</tr>
<tr>
<td><a href="#Nuegia">Nuegia</a></td>
<td>N/A</td>
<td>Security Buff/Unusual</td>
<td class="blue">Probably</td>
<td class="red">No</td>
<td class="red">No</td>
<td>N/A</td>
<td>?</td>
<td>?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td>N/A</td>
<td class="green">N/A</td>
<td class="green">No</td>
<td class="blue">Private until further notice</td>
</tr>
<tr>
<td><a href="#OnionMail">OnionMail</a></td>
<td class="orange">In a pinch</td>
<td class="">l33t hax0r/anonymous</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">OK</td>
<td class="red">FAIL</td>
<td class="orange">1.2</td>
<td class="red">FAIL</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">Free</td>
</tr>
<tr>
<td>OpenMailBox</td>
<td class="red" colspan="14">Discontinued.</td>
</tr>
<tr>
<td><a href="#Outlook">Outlook</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free w/ Premium Tier/Tracking</td>
</tr>
<tr>
<td><a href="#Paranoid">Paranoid</a></td>
<td class="red">In a pinch</td>
<td>Potential botnet</td>
<td class="green">Yes</td>
<td class="yellow">Sorta</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">N/A + No Response</td>
<td class="orange">1.2</td>
<td class="red">FAIL</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="yellow">Free/Request Invite</td>
</tr>
<tr>
<td><a href="#Posteo">Posteo</a></td>
<td class="green">Good</td>
<td>Security buff</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td class="green">OK</td>
<td class="red">FAIL</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="yellow">Yes</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">Paid</td>
</tr>
<tr>
<td><a href="#Postman">Postman</a></td>
<td class="green">Good</td>
<td>l33t hax0r/friendly neighborhood postman</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">Yes</td>
<td class="green">N/A</td>
<td class="green">OK</td>
<td class="red">FAIL</td>
<td class="orange">1.3</td>
<td class="red">FAIL</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="orange">Free/Non-Commerical Use</td>
</tr>
<tr>
<td><a href="#ProtonMail">ProtonMail</a></td>
<td class="red">Do Not Use</td>
<td>Security buff/Potential botnet</td>
<td class="orange">Sorta</td>
<td class="yellow">Yes</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="orange">Paid w/ Free tier</td>
</tr>
<tr>
<td><a href="#Rackspace">Rackspace</a></td>
<td class="red">Do Not Use</td>
<td>Business/Cattle/Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td>?</td>
<td>?</td>
<td>?</td>
<td>?</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid/Tracking</td>
</tr>
<tr>
<td><a href="#Throwaways">RainMail</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Rediff">Rediff</a></td>
<td class="red">Do Not Use</td>
<td>Indian/Surveillance</td>
<td>?</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td>?</td>
<td>?</td>
<td class="orange">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free w/ Premium Tier/Lots of info/Tracking</td>
</tr>
<tr>
<td><a href="#Riseup">RiseUp</a></td>
<td class="yellow">Not bad</td>
<td>Far-leftism</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="green">OK</td>
<td class="red">FAIL</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="orange">Free/Invite Only/Non-Commercial Use</td>
</tr>
<tr>
<td><a href="#Runbox">Runbox</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Potential Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid/Lots of Info/Logging</td>
</tr>
<tr>
<td><a href="#SAFemail">SAFemail</a></td>
<td class="red">Do Not Use</td>
<td>Insanity/Cattle/Potential Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="orange">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td class="green">No</td>
<td class="green">No</td>
<td>?</td>
</tr>
<tr>
<td><a href="#Safe-Mail">Safe-Mail</a></td>
<td class="red" colspan="14">Sign-up disabled.</td>
</tr>
<tr>
<td>SCRYPTmail</td>
<td class="red" colspan="14">Discontinued.</td>
</tr>
<tr>
<td><a href="#Self_Hosting">Self Hosting</a></td>
<td class="green" colspan="14">You decide!</td>
</tr>
<tr>
<td><a href="#SDF">SDF</a></td>
<td class="orange">In a pinch</td>
<td>Retro</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td>?</td>
<td>?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">Paid</td>
</tr>
<tr>
<td><a href="#secMail">secMail</a></td>
<td class="red">Do Not Use</td>
<td>Shady</td>
<td class="red">No</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="">?</td>
<td class="">?</td>
<td class="red">N/A</td>
<td class="red">N/A</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="green">Free</td>
</tr>
<tr>
<td><a href="#SharkLasers">SharkLasers</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Snopyta">Snopyta</a></td>
<td class="green">Good</td>
<td>Snek</td>
<td class="green">Yes</td>
<td class="yellow">Yes</td>
<td class="">?</td>
<td class="green">1.3</td>
<td class="green">OK</td>
<td class="red">FAIL</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="orange">Yes</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="orange">Free/Request Access/Non-Commercial Use</td>
</tr>
<tr>
<td><a href="#Soverin">Soverin</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Privacy buff/Probable botnet</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid/Lots of info</td>
</tr>
<tr>
<td><a href="#StartMail">StartMail</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Potential Surveillance</td>
<td class="green">Yes</td>
<td class="yellow">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="green">OK</td>
<td class="red">FAIL</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="red">Paid w/ "Free" tier &amp; tracking</td>
</tr>
<tr>
<td><a href="#Systemli">Systemli</a></td>
<td class="red">Do Not Use</td>
<td>Antifa/Far-Leftism</td>
<td class="green">Yes</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td>?</td>
<td>?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="orange">Free/Invite Only/Non-Commercial Use</td>
</tr>
<tr>
<td><a href="#Teknik">Teknik</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Probable Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="red">Yes</td>
<td class="red">Free/Logging</td>
</tr>
<tr>
<td><a href="#Throwaways">TempInBox</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only, no HTTPS.</td>
</tr>
<tr>
<td><a href="#Throwaways">TempMail</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Throwaways">Temp-Mail.ooo</a></td>
<td class="red" colspan="14">Discontinued. Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Throwaways">Temp-Mails</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only.</td>
</tr>
<tr>
<td><a href="#Throwaways">Tempr</a></td>
<td class="red" colspan="14">Throwaway/Temporary accounts only, blocks Tor.</td>
</tr>
<tr>
<td><a href="#Tutanota">Tutanota</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid w/ "Free" tier/Logging</td>
</tr>
<tr>
<td><a href="#thexyz">Thexyz</a></td>
<td class="red">Do Not Use</td>
<td>Business/Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td>?</td>
<td>?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Paid/Tracking</td>
</tr>
<tr>
<td><a href="#VFEmail">VFEmail</a></td>
<td class="red">Do Not Use</td>
<td>Security Buff/Surveillance</td>
<td class="green">Yes</td>
<td>?</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="">?</td>
<td class="">?</td>
<td class="orange">1.2</td>
<td class="red">FAIL</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Yes</td>
<td class="red">Paid w/ "Free" tier/Logging</td>
</tr>
<tr>
<td><a href="#Yahoo">Yahoo! Mail</a></td>
<td class="red">Do Not Use</td>
<td>Cattle/Surveillance</td>
<td class="green">Yes</td>
<td class="red">No</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td>?</td>
<td class="green">No</td>
<td class="red">Free/Ads/Tracking</td>
</tr>
<tr>
<td><a href="#Yandex">Yandex</a></td>
<td class="red">In a pinch</td>
<td>Russian/Surveillance</td>
<td class="green">Yes</td>
<td class="yellow">Sorta</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="red">Free/Tracking</td>
</tr>
<tr>
<td><a href="#Zoho">Zoho</a></td>
<td class="red">Do Not Use</td>
<td>Business/Surveillance</td>
<td class="green">Yes</td>
<td class="">?</td>
<td class="red">No</td>
<td class="green">1.3</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.2</td>
<td class="red">FAIL</td>
<td class="red">Yes</td>
<td class="green">No</td>
<td class="green">No</td>
<td class="red">Paid/Logging</td>
</tr>
<tr>
<th>Name</th>
<th>Rating</th>
<th>Perceived Connotation</th>
<th>Allows client</th>
<th>Tor access</th>
<th>i2p access</th>
<th><a href="https://en.wikipedia.org/wiki/Transport_Layer_Security">Website TLS</a></th>
<th><a href="https://www.checktls.com/TestSender">TLS From</a></th>
<th><a href="https://www.checktls.com/TestSender?ASSURETLS">Mandatory TLS From</a></th>
<th><a href="https://www.checktls.com/TestReceiver">TLS To</a></th>
<th><a href="https://www.checktls.com/TestReceiver?ASSURETLS">Mandatory TLS To</a></th>
<th><a href="https://www.gnu.org/philosophy/javascript-trap.html">JS Intensive</a></th>
<th><a href="https://trac.torproject.org/projects/tor/ticket/23840">Google reCaptcha</a></th>
<th><a href="https://git.nixnet.xyz/you/stop_cloudflare">Cloudflare</a></th>
<th>Price</th>
</tr>
</table>
<h2 id="notes1" class="title"><del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del> Email Provider Notes <del>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</del></h2>
<div class="case">
<h4 id="Austistici"><a href="https://autistici.org/">Austistici</a></h4>
<div class="text-block">
<p><del>Another far-left organization with what appears to have a good privacy stance, however they do not have a "Privacy Policy", instead calling it "<a href="https://www.autistici.org/who/your_data">Your Data</a>" <a href="https://web.archive.org/web/20190403022940/https://www.autistici.org/who/your_data">[archive]</a>. They also repeat themselves a lot &amp; have different sections saying similar things.</del></p>
<p><del>If you are greatly interested in the Privacy Policy (I am not because I am too off-put by their political stance), you may wish to <i><a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Autistici">dig deeper</a></i>.</del></p>
<p>Here's a quote from the "Request a Service" page: <i>"Autistici/Inventati is a collective that recognizes &amp; promotes anticapitalism, antiracism, antifascism, antisexism, antimililtarism, &amp; the refusal of authoritarianism &amp; hierarchies"</i>.<br/> Probable translation: "Don't use for commercial purposes (Capitalism), respect my pronoun concerned identity politics, &amp; make sure you support (violent suppression mob) antifa!"</p>
<p>Sounds a lot like <a href="#disroot">Disroot</a> &amp; <a href="#riseup">RiseUp</a> (RiseUp is definitely least bad/best of the these three though).</p>
<p>Here's another quote: <i>"don’t tell us that you want privacy &amp;/or anonymity - we already know this, otherwise you wouldn’t have landed here. Tell us, instead, the reasons why you share these principles &amp; what kind of person you are. You don’t have to detail your private life - we just need to get an idea of why we should offer a service to you"</i>. Oh boy, so I get audited too, to make sure I believe in these things!</p>
<p>Still don't believe me? Here's a quote from their Policy page: <i>"To be hosted on our servers you have to share our principles of anti-fascism, anti-racism, anti-sexism, anti-homophobia, anti-transphobia, &amp; anti-militarism"</i>. This would be funny, except they appear to be serious. But like they say, don't use it if you don't fully agree with these things. I could probably write an article on why each of those things is not what they seem to sound like on the surface, but you probably either already know that &amp;/or agree with them.</p>
<p class="quote"><i>"It says explicitly that all of its privacy protections are only guaranteed if you follow their ideology - this is kind of an inherently precarious situation unless you adhere to the complete ideology with the same interpretations as the people who run the service."</i><br/>- The original manager/owner of the Online Spyware Watchdog, pretty much summing things up</p>
<p>So apparently, some time after I wrote this, they added a <a href="https://www.inventati.org/who/privacy-policy.en">Privacy Policy</a> <a href="https://web.archive.org/web/20200413222215/https://www.inventati.org/who/privacy-policy.en">[archive]</a>.</p>
<p>Here's some quotes: <i>"We store logs of user activity for a period up to 15 days (unless specified otherwise per service)."</i>,<br/><i>"our servers will provide us with some non-personal data, including, without limitation, data relating to the browser you are using (browser type, whether it is a mobile/desktop device, OS version, preferred language), the date and time of your visit and the referring website, but not your IP address. None of the non-personal (meta)data allows the identification of the individual user, as it is not associated with or linked to your personal information."</i>,<br/><i>"It is not necessary to provide personal information in order to create an account. All data provided in the request is deleted from our systems 15 days after the request has been successfully granted."</i>.<br/><i><b>"we keep track of email metadata related to sender and recipient. We store logs of the “from” or “to” information for every message relayed and these logs are purged after 12 months."</b></i> (PGP does not protect against this)!<br/><i>"We keep record of your last successful authentication, so that it is possible for us to disable and delete unused or abandoned accounts."</i><br/><i>"We keep track of the users’ activity on our Services, but the logs we store never contain any personally identifying information, and do not include information related to activities outside of our platform."</i><br/><i>"In the case of suspicion of behavior non-compliant to our policies, we might kindly ask the user to comply or decide to erase an account permanently and without notice: again, users are admitted conditionally to their compliance to our policy and what we judge is their affinity to our Manifesto."</i><br/><i>"Anonymous, aggregated information that cannot be linked back to an individual user may be made available to experienced researchers for the sole purpose of developing better systems for anonymous and secure communication. For example, we may aggregate information on how many messages on average a group of anonymous users send and receive, and with what frequency."</i>, <i>"We do not directly use these tools and analytics, but this service is available to all the users that choose to use them."</i><br/>They will comply with requests coming from Italian authorities or <i>"other compelling judicial authority"</i> or if there is <i>"public interest in doing so"</i>.<br/>After account "deletion" mailbox content <i>"will be automatically erased within 3 days"</i>.<br/><i>"A/I will in no case store any data or log longer than 2 years after the last use of the Services."</i>, so they may store certain data or logs up to 2 years? Unclear.</p>
<p>In summary: They log meta-data at the very least, are far-left, and require you to be far-left. Not a good combination.</p>
</div>
<div class="sources">
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Autistici">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Autistici</a>
</div>
</div>
<div class="case">
<h4 id="BeingLibertarian"><a href="https://beinglibertarian.email">BeingLibertarian</a></h4>
<div class="text-block">
<p>The email provider used by <a href="https://beinglibertarian.com">BeingLibertarian</a>, a right-leaning libertarian online publication type site. The opinion/news site (beinglibertarian.com) is Cloudflared, but the <i>email</i> site (beinglibertarian.email) is not.</p>
<p>Does not have a Privacy Policy but instead a <a href="https://beinglibertarian.email/manifesto.html">Manifesto</a> <a href="https://web.archive.org/web/20200227032324/https://beinglibertarian.email/manifesto.html">[archive]</a>, let's go through the interesting bits!</p>
<p><i>"If a request from government authorities has been made for data that is supervised by me. I will do my best to make sure all requests fall in line with the 4th amendment of the United States Constitution. I will also make sure the effected parties are notified if such a situation arises."</i>, sounds pretty good! Better than even <a href="#riseup">RiseUp</a> so far.<br/><i>"My email server is more secure than Hillary Clinton's Microsoft Exchange 2010 Email server"</i>, amusing, but also not saying much, &amp; a further injection of politics.
<br/><i>"I take privacy very seriously, &amp; along with that means taking encryption very seriously"</i>, well, TLS isn't mandatory, but maybe this means the mailbox is encrypted?
<br/><i>"I do not deal with Anti-Semites as I am Jewish. However while I may disagree with what you say, I will defend your right to say it"</i>, way above &amp; beyond what any of the 3 far-leftist servers would allow (<a href="#autistici">Autistici</a>, <a href="#disroot">Disroot</a> &amp; <a href="#riseup">RiseUp</a>). Very nice!</p>
<p>But wait, there was no mention on if they log anything, for how long, if they read your mail, or if it's stored as plain text or not!</p>
<p>Here's an aside from the description on the main page: <i>"helping our readers, contributors, &amp; correspondents feel comfortable in knowing their communications will be kept private"</i>, <i>"feel comfortable"</i>, what does that mean? Private from who?</p>
<p>Another aside from the main page: <i>"This server is not for sending spam, or marketing information. If those are required a separate server called a "list server" will be created"</i>, pretty accommodating if you ask me, as many servers disallow "commercial use".</p>
<p>No obvious way to signup. I assume you have to write this "Geek in Chief" guy an email, &amp; request an account, <a href="#snopyta">Snopyta</a>-style. They do provide a GPG key.</p>
<p>I sent an email, but have not received a response after several weeks.</p>
<p>Initially I had them on the table with info in each column, but since they appear to not be accepting registrations, I will put that info here, and list it as "registration disabled".</p>
<table>
<tr>
<th>Name</th>
<th>Rating</th>
<th>Perceived Connotation</th>
<th>Allows client</th>
<th>Tor access</th>
<th>i2p access</th>
<th><a href="https://en.wikipedia.org/wiki/Transport_Layer_Security">Website TLS</a></th>
<th><a href="https://www.checktls.com/TestSender">TLS From</a></th>
<th><a href="https://www.checktls.com/TestSender?ASSURETLS">Mandatory TLS From</a></th>
<th><a href="https://www.checktls.com/TestReceiver">TLS To</a></th>
<th><a href="https://www.checktls.com/TestReceiver?ASSURETLS">Mandatory TLS To</a></th>
<th><a href="https://www.gnu.org/philosophy/javascript-trap.html">JS Intensive</a></th>
<th><a href="https://trac.torproject.org/projects/tor/ticket/23840">Google reCaptcha</a></th>
<th><a href="https://codeberg.org/crimeflare/cloudflare-tor">Cloudflare</a></th>
<th>Price</th>
</tr>
<tr>
<td><a href="#beinglibertarian">BeingLibertarian</a></td>
<td class="red">N/A</td>
<td>Libertarian/Not for use</td>
<td>?</td>
<td class="">?</td>
<td class="red">No</td>
<td class="green">1.2</td>
<td class="">?</td>
<td class="">?</td>
<td class="green">1.3</td>
<td class="red">FAIL</td>
<td class="">?</td>
<td>?</td>
<td class="green">No</td>
<td class="red">N/A</td>
</tr>
</table>
</div>
</div>
<div class="case">
<h4 id="Bluelight"><a href="https://mail.mybluelight.com/">Bluelight</a></h4>
<div class="text-block">
<p>They want your phone number &amp; all sorts of strange information. Unclear if you actually have to pay them to get the email, as they seem to be selling dial-up internet.</p>
<p>But don't worry, they support Windows 95.</p>
</div>
</div>
<div class="case">
<h4 id="Cockli"><a href="http://rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion">Cockli</a></h4>
<div class="text-block">
<p>The first most obvious problem is the name, they are obsessed with obscene names. This carries over to most of their domain options, but a couple are not terrible, such as "airmail.cc".</p>
<p>I believe you can sign up without having JavaScript enabled, but their web client does require JavaScript. However, you could sign up over Tor, without JS, &amp; then use a client.</p>
<p>Now onto the privacy side. They comply <i>"with every legal order for user information under the jurisdictions which are applicable"</i>. Many would do the same thing, even RiseUp has.</p>
<p>It should also be noted that data drives were <a href="https://arstechnica.com/tech-policy/2015/12/cock-li-e-mail-server-seized-by-german-authorities-admin-announces/">seized</a>, <a href="https://arstechnica.com/tech-policy/2016/01/cock-li-server-seized-again-by-german-prosecutor-service-moves-to-iceland/">twice</a>, before moving their servers out of Germany into Romania.</p>
<p>Mail server mx2.cock.li failed to connect.</p>
<p>Update May 2021:<br/>Cockli has switched off invites, saying when they are brought back they will <a href="https://cock.li/register">invite-only</a>. <a href="http://web.archive.org/web/20210430064800/https://cock.li/register">[archive]</a></p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Cock">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Cock</a>
</div>
<div class="case">
<h4 id="Comcast">Comcast</h4>
<div class="text-block">
<p>I believe this one requires a paid ISP subscription. It's unclear if you can login over Tor, I got one sign in page to load, where as another gave "Access Denied".</p>
<p>A quote from the sign in page that did load: <i>"Comcast reserves the right at any time to monitor usage of this system to ensure compliance with the Comcast Access Control &amp; Acceptable Use Policies"</i>.</p>
<p>I get the feeling they don't want me to use them. I've heard they do at least accept clients. I'll take a pass on this one.</p>
</div>
</div>
<div class="case">
<h4 id="Countermail"><a href="https://countermail.com">Countermail</a></h4>
<div class="text-block">
<p>Much more costly than Posteo, and have gone the way of the Clownflare. Base package is $29 for 6 months. Takes BTC.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#CounterMail">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#CounterMail</a>
</div>
<div class="case">
<h4 id="Criptext"><a href="https://www.criptext.com">Criptext</a></h4>
<div class="text-block">
<p>Site will not load without JS.</p>
<p>Well, here we go again. Lots of "privacy" talk, but no walking in the <a href="https://www.criptext.com/en/privacy">Privacy Policy</a> <a href="https://archive.is/WXPfj">[archive]</a>. They track you.</p>
<p>Here's some quotes:<br/>Under <i>"Analytics &amp; Performance Cookies"</i>, <i>"These cookies are used to collect information about our Services’ traffic &amp; how users use our Services"</i>.</p>
<p>They use matomo. They use <i>"Social Media Cookies"</i> as well as <i>"Targeted &amp; advertising cookies"</i>. They <i>"do not respond to “Do Not Track” signals"</i>.</p>
<p>Under <i>"How We Share Your Personal Information"</i> it says <i>"We may disclose your personal information to our subsidiaries &amp; corporate affiliates for purposes consistent with this Privacy Policy"</i>!</p>
<p>It seems you must download their JavaScript &amp; Electron based client to sign up &amp; use the service.</p>
<p>Sounds pretty bad for the so-called "most private email service ever".</p>
</div>
</div>
<div class="case">
<h4 id="Ctemplar"><a href="http://ctemplar42u6fulx.onion">Ctemplar</a></h4>
<div class="text-block">
<p>Has Cloudflare &amp; an Onion address, but the .onion address <a href="img/email/ctemplar_tor.png">redirects to the clearnet page</a> rendering it totally pointless, &amp; most certainly does not count as Tor support.</p>
<p>Requires JabbaScript to even load the page, but says the JavaScript from the CDN can't be messed with in a harmful way to you, because of "checksums". They also say the CDN can be bypassed by using the Onion address, but as noted above, this is not the case.</p>
<p>Alas, these files that you would want to checksum do not exist on their GitHub, &amp; are <a href="img/email/ctemplardoesnotshowfiles.png">not seen even after building</a> (ng build, ng serve).</p>
<p>Privacy policy is decent, but is overshadowed by the other issues.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#CTemplar">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#CTemplar</a>
</div>
<div class="case">
<h4 id="Danwin1210"><a href="http://danielas3rtn54uwmofdo3x2bsdifr47huasnmbgqzfrec5ubupvtpid.onion">Danwin1210</a></h4>
<div class="text-block">
<p>Starting off the <a href="https://danwin1210.me/privacy.php">Privacy Policy</a> <a href="https://web.archive.org/web/20191103130321/https://danwin1210.me/privacy.php">[archive]</a>: <i>"Data protection is of a particularly high priority"</i>, however several things are tracked/recorded.</p>
<p>Here's an excerpt: <i>"This general data and information is stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches my website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site / email transmission, (6) sender and recipient of an email, and (7) any other similar data and information that may be used in the event of attacks on my information technology systems"</i>.</p>
<p>One of the reasons being, they say is to <i>"(2) optimize my services"</i>, a common excuse, however they say they do not <i>"draw any conclusions about the data subject"</i>.</p>
<p>The tracking data is kept separately for 48 hours, <i>"The anonymous data of the server log files are stored separately from all personal data provided by a data subject for up to 48 hours"</i>, and then presumably deleted (someone told me they contacted danwin and he said they do delete it after 48 hours). This is only some of the data.</p>
<p>They do not use tracker cookies, <i>"This site makes only use of technically necessary session cookies and does not use any form of tracking cookies"</i>.</p>
<p>It seems the point they are attempting to make is that much of the data collection is necessary for basic technical operation. It ultimately depends on whether you believe them.</p>
<p>This is actually a really good service, and was the only one so far to respond to this article.</p>
</div>
</div>
<div class="case">
<h4 id="Dismail"><a href="https://dismail.de">Dismail</a></h4>
<div class="text-block">
<p>They do not have a Privacy Policy. They have a "Datenschutz" which apparently translates to "Data protection declaration according to GDPR".</p>
<p>If you take this as the Privacy Policy, it seems okay. However I did have to translate it from <a href="https://dismail.de/datenschutz.html">German</a> <a href="https://archive.is/yEd1l">[archive]</a> to <a href="https://archive.is/kOFg4">English</a> using itools/Google Translate, &amp; over a VPN because it because it captcha'd me on Tor. But at least I didn't have to use any JabbaScript.</p>
<p>They are also hosted in Germany (in part by the same hosting provider no less, Hetzner), the same place that randomly seized some of <a href="#cockli">Cockli's</a> data drives, on two occasions.</p>
<p>Signup requires you to first get one of their XMPP accounts, then send an XMPP message to activate the email account. This does not require JavaScript, only the optional web interface does (you can use a client).</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Dismail">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Dismail</a>
</div>
<div class="case">
<h4 id="Disroot"><a href="https://disroot.org">Disroot</a></h4>
<div class="text-block">
<p>They <i>sound</i> pretty cool, being pro-privacy &amp; all.</p>
<p>Except, they act like antifa, the hypocritical violent mob who silences those whom they disagree with. Staying away from them is my recommendation, unless you are an actual far-leftist like them.</p>
<p>Let's take a look at their <a href="https://disroot.org/en/tos">terms of service</a> <a href="https://web.archive.org/web/20191114020546/https://disroot.org/en/tos">[archive]</a>: <i>"You may not engage in the following activities through the services provided by disroot.org:"</i> [...] <i>"Contributing to the discrimination, harassment or harm against any individual or group. That includes the spread of hate &amp; bigotry through racism, ethnophobia, antisemitism, sexism, homophobia &amp; other forms of discriminatory behavior"</i>.</p>
<p>Those are pretty broad things to not be allowed to do. Anything can get called "racist", &amp; not referring to someone by their decided "pronouns" can be seen as "hateful". Unless someone reports you, how would they know you are doing these things? Is it just for plausible deniability, or do they have some other mechanism?</p>
<p>Here's another thing you can't do, according to the TOS: <i>"Using Disroot services for financial gain, including but not limited to trading or managing sales, is not tolerated. Accounts created for the purpose of generating profits will be subject to termination upon inquiry"</i>.</p>
<p><i>"disroot.org may terminate your service at any time under the following conditions:"</i> [if] <i>"The account has engaged in one or more of the banned activities listed above"</i>.</p>
<p>"TLS From" information provided by digdeeper.</p>
<p>There is also evidence to suggest that they may not use TLS by default when sending to TLS equipped servers, if they do, they do not report it in the email header.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Disroot">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Disroot</a>
</div>
<div class="case">
<h4 id="DNMX"><a href="https://dnmx.org">DNMX</a></h4>
<div class="text-block">
<p>A web-only darknet email. Has some questionable ads, but can be blocked using eMatrix. Otherwise easy and fast in that it uses SquirrelMail, one of the only good web mails.</p>
</div>
</div>
<div class="case">
<h4 id="Elude.in"><a href="http://eludemaillhqfkh5.onion">Elude.in</a></h4>
<div class="text-block">
<p>Definitely has the best <a href="http://eludemaillhqfkh5.onion/privacy-policy">Privacy Policy</a> so far. Some ads are rather questionable/shady, such as random Tor sites. Has optional SquirrelMail (web) client, which does not require JS, along with Rainloop that does. <a href="img/email/eludeinaccess.png">Can be seen here.</a></p>
<p>To use a mail client you have to <a href="img/email/eludeinpricing.png">pay</a>, but they accept (only) BTC &amp; XMR.</p>
<p>All of elude.in's certs failed.</p>
</div>
</div>
<div class="case">
<h4 id="Excite"><a href="http://www.excite.com/email">Excite</a></h4>
<div class="text-block">
<p>First off, this provider uses <a href="img/email/excitetls1expiredcert.png">TLS 1 with an expired cert</a>.</p>
<p>Secondly, they want you to give them <a href="https://web.archive.org/web/20190627113349/https://registration.excite.com">both a phone number &amp; your address</a> for registration!</p>
<p>Thirdly, I will torture myself by reading the <a href="https://www.excite.com/privacy">Privacy Policy</a> <a href="https://web.archive.org/web/20200228014319/https://www.excite.com/privacy">[archive]</a>. Excerpts:
<br/><br/>Under <i><b>"Information You Provide To Us"</b></i>, it says they collect many things, outside of the already gargantuan amount of info they want for signup, including <i>"Records of products or services obtained, or considered, or other consuming histories or tendencies"</i>, <i>"Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement"</i>, <i>"Physical location or movements which may be inferred from your IP address"</i>.
<br/><br/>Under <i><b>"Third-Parties and Behavioral Advertising"</b></i>, <i>"We may receive information from third-parties, including our authorized service providers, IAC affiliates, advertising companies, and ad networks"</i>, <i>"We work with various companies (such as advertisers, ad networks and data management platforms) to tailor online ads that you see elsewhere on the internet, including through behavioral advertising designed to target users' interests and deliver more relevant advertising"</i>.
<br/><br/>Under <i>"We or these third parties may collect the following information (and similar information):"</i>, <i>"Demographic data collected on Ask Apps Services (e.g., age, zip or postal code, gender) and geographic location derived from your IP address on your visits to the Ask Apps Services and non-affiliated websites and applications"</i>, <i>"We may disclose any or all of the collected information to third parties"</i>.</p>
<p>You can't make this up. I'm stopping here, this provider not only fails somewhat in the security department, privacy &amp; anonymity are foreign concepts!! I was also not able to find any information on wether they allow email clients or not.</p>
</div>
</div>
<div class="case">
<h4 id="Fastmail"><a href="https://www.fastmail.com">Fastmail</a></h4>
<div class="text-block">
<p>Requires you to send in a Postcard (obviously to Germany) to gain access to service, which is then put up in a gallery for all to see. An interesting novel idea, but perhaps not the most anonymous. Also requires an existing email address.</p>
<p>The <a href="https://freeshell.de/wp-content/uploads/2015/05/freeshell_privacy.pdf">Privacy Policy</a> <a href="archives/email/freeshell_privacy.pdf">[archive]</a> is in PDF form. It starts off okay by saying <i>"Your personal data, to the extent necessary for the establishment, content or change of status (inventory data) are exclusively used for the processing of contracts made between you and us."</i> (length of time not mentioned), and <i>"Under no circumstances will the data collected be used beyond of the contractual purpose, or otherwise sold to third parties - if it is not essential for the performance of the contract - provided."</i> Except we see see this isn't exactly true a little bit later.</p>
<p>Next it says <i>"The following data is stored, but seperated from other data that you transmit"</i>, <i>"Date and time of access"</i>, <i>"Browser type / version"</i>, <i>"Operating system"</i>, <i>"URL of the previously visited site"</i>, <i>"IP address"</i>. They say <i>"It is not allowed for our partner companies to collect, process or use personal data, via our website"</i>.<br/>But wait, Facebook is a 3rd party! Under <i>"Using Facebook / social plugins"</i>, <i>"Our site uses so-called social plugins ("Plugins") from the social network Facebook"</i>, <i>"When you visit a page of our website that contains a social plugin, <span class="underline"><b>your browser establishes a direct connection with the Facebook servers</b></span>. The content of the plugin is transmitted from Facebook directly to your browser and is integrated into the website."</i>, <i>"By integrating the plugin, <span class="underline"><b>Facebook receives the information that your browser has accessed the relevant page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook.</b></span> This information (<span class="underline"><b>including your IP address</b></span>) <span class="underline"><b>is transmitted from your browser and immediately to a Facebook server in the US and stored there.</b></span>"</i>. Sounds like a "3rd party" to me. It doesn't say what pages have the Facebook plugin.</p>
<p>They do say you can withdraw consent by emailing them, which removes service. They also recommend using Tor. The <a href="https://freeshell.de/wp-content/uploads/2015/05/freeshell_conditions.pdf">Terms of Use</a> <a href="archives/email/freeshell_conditions.pdf">[archive]</a> do not seems especially notable, though they do say the language of the contract is German, despite it obviously being in English. They also <i>"reserve the right to prosecute you at your current residence"</i>, whatever that means.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#FastMail">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#FastMail</a>
</div>
<div class="case">
<h4 id="GMail"><a href="https://gmail.com">GMail</a></h4>
<div class="text-block">
<p>From the <a href="https://policies.google.com/privacy">Privacy Policy</a> <a href="https://web.archive.org/web/20200302014116/https://policies.google.com/privacy">[archive]</a>: <i>"We collect information to provide better services to all our users — from figuring out basic stuff like which language you speak, to more complex things like which ads you’ll find most useful, the people who matter most to you online,"</i></p>
<p><i>"When you’re not signed in to a Google Account, we store the information we collect with unique identifiers tied to the browser, application, or device you’re using."</i></p>
<p>They track you a lot, they say this <i>"depends on how you use our services &amp; how you manage your privacy controls"</i>, &amp; they treat it as <i>"personal information"</i>. Whatever that means.</p>
<p>They do a decent job of making it sound "not evil", but they don't really say "you can turn all of this off &amp; we'll stop tracking you".</p>
<p>They also used to read your emails, but supposedly stopped, but might still scan them. Whatever, next.</p>
<p>Google is <a href="https://web.archive.org/web/20200223045911/https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data">part of</a> <a href="https://en.wikipedia.org/wiki/PRISM_(surveillance_program)">PRISM</a>.</p>
</div>
<a href="https://spyware.neocities.org/articles/google_search.html">https://spyware.neocities.org/articles/google_search.html</a>
</div>
<div class="case">
<h4 id="GMX"><a href="https://gmx.com">GMX</a></h4>
<div class="text-block">
<p>According to <a href="https://en.wikipedia.org/wiki/GMX_Mail">Wikipedia</a> <a href="https://web.archive.org/web/20190507205658/https://en.wikipedia.org/wiki/GMX_Mail">[archive]</a> they are an ad-supported provider (big red flag, as this usually includes tracking), and are the owners of <a href="mail.com">Mail.com</a>.</p>
<p>They also want your phone number, just like mail.com. </p>
<p>According to their <a href="https://www.gmx.com/company/privacypolicy/#.1559516-footer-nav1-2">Privacy Policy</a> <a href="https://web.archive.org/web/20190927110651/https://www.gmx.com/company/privacypolicy/">[archive]</a>, they track your data <i>"pseudo-anonymously"</i>. They admit to using Google Ads. They added a bunch of GDPR stuff in, there is lots of repetition, it was not meant to be easily understood.</p>
</div>
</div>
<div class="case">
<h4 id="Hushmail"><a href="https://www.hushmail.com">Hushmail</a></h4>
<div class="text-block">
<p>This provider is basically <a href="#yahoo"><i class="yahoo2">Yahoo!</i></a> (<a href="http://nanochanpwz3xnue76gteysv6wjm5sim3bbcm2lc65x625at774k77qd.onion/g/9823.html">nanonyimity</a> wise) but you have to pay for it.</p>
<p>Let's go straight to the <a href="https://www.hushmail.com/privacy/">Privacy Policy</a> <a href="https://web.archive.org/web/20200225125537/https://www.hushmail.com/privacy/">[archive]</a>.</p>
<p><i>"We keep records of the activity that takes place on our website, including a record of IP addresses used by website visitors and account holders. We use this information to analyze market trends, gather broad demographic information, and to prevent abuse of our services"</i>.</p>
<p><i>"As part of the account creation process your IP address will be recorded. We may request that you provide other information, such as a phone number, as well. We use this information to analyze market trends, gather broad demographic information, and to prevent abuse of our services. We will not share this information with third-parties"</i>.</p>
<p><i>"When you sign into your account, either by using a web browser or using other software, we will record certain information about your activity. When you perform actions such as reading or moving an email, we will also record these actions"</i>.</p>
<p><i>"Information we record may include your IP address, your browser type, browser language, date and time of the action, account usernames, sender and recipient email addresses, file names of attachments, subjects of emails, URLs in the bodies of unencrypted email, and any other information that we deem necessary to record for the purposes of maintaining the system and preventing abuse"</i>.</p>
<p><i>"When you communicate with us, you may provide us with personal information about yourself. Your communication with us may be retained in our system"</i>.</p>
<p><i>"If you have an unencrypted email in your account, it will be stored on the Hush servers unencrypted"</i>.</p>
<p><i>"We do not and will never share your personal information with any third-party except as specified in this policy. We will never sell your personal information under any circumstances"</i>.</p>
<p><i>"If you send an email using Hushmail, your IP address will not appear in the headers of the email"</i>, something <a href="#Lavabit">Lavabit</a> fails to do.</p>
<p><i>"The information we use to display this is gathered from our records; we do not track your actual location"</i>, what?</p>
<p><i>"We store sales, marketing, and customer care information with third-parties that"</i>.</p>
<p><i>"We may temporarily share information that is not personally identifiable with third-party services for the limited purpose of supporting our advertising, sales and marketing activities. Those third parties are not permitted to use the information for any other purpose"</i>.</p>
<p>Under <i>"How long do we retain your personal information?"</i> it says the account will be deleted immediately but <i>"The records we keep of your activities are permanently deleted after approximately 18 months. Records that are stored for statistical purposes may be kept indefinitely"</i>.</p>
<p><i>"Free accounts are deactivated if unused for a period of three weeks"</i>, so not especially practical unless you email constantly.</p>
<p>They want your phone number. Base price is $50 (a year). <a href="https://help.hushmail.com/hc/en-us/articles/213269283-Thunderbird-IMAP-">Supposedly it supports email clients</a>, I don't know if this is available for free tier.</p>
<p>Seems like a case of talking the talk, but not walking the walk.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Hushmail">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Hushmail</a>
</div>
<div class="case">
<h4 id="InstallGentoo"><a href="https://mail.installgentoo.com">InstallGentoo</a></h4>
<div class="text-block">
From the makers of the InstallGentoo Wiki. Appears to broken or dead. Says it has SquirrelMail, but the link won't load. No button for signup. Privacy Policy and TOS are nice and simple.
</div>
</div>
<div class="case">
<h4 id="iCloud"><a href="https://www.icloud.com">iCloud</a></h4>
<div class="text-block">
<p>iCloud is a <a href="https://en.wikipedia.org/wiki/Closed_platform">walled garden</a> / <a href="https://en.wikipedia.org/wiki/Information_silo">information silo</a> service, that apparently (?) requires <a href="https://web.archive.org/web/20200216070048/https://support.apple.com/guide/icloud/create-an-icloudcom-email-address-mmdd8d1c5c/icloud">a Crapple device to gain email access.</a> I might have tested this, but the JabbaScript requiring icloud.com tells me it had a <i><a href="img/email/icloudconnectionerror.png">"Connection Error"</a></i> when I visited it over Tor.</p>
<p><a href="https://www.apple.com/legal/privacy/en-ww/">Privacy Policy</a> <a href="https://web.archive.org/web/20200229072748/https://www.apple.com/legal/privacy/en-ww/">[archive]</a> time:
<br/><i>"You may be asked to provide your personal information anytime you are in contact with Apple or an Apple affiliated company"</i>, well that's just a great start, isn't it? <b>No honest provider <i>needs</i> your personal information!</b>
<br/><i>"Apple and its affiliates may share this personal information with each other and use it consistent with this Privacy Policy"</i>, at least I can give them credit for saying this <i>at the start</i> of the privacy policy.
<br/><i>"They may also combine it with other information to provide and improve our products, services, content, and advertising"</i>.
<br/><i>"You are not required to provide the personal information that we have requested, but, if you chose not to do so, in many cases we will not be able to provide you with our products or services or respond to any queries you may have"</i>. Translation: "You don't <i>have</i> to give your personal info, but you do if you want service"!</p>
<p>Did I say that's only the first paragraph, after their baloney at the top? Did I also not mention that I had to delete elements in dev mode, on their not-loading site that was having a "Connection Error" so I could click the privacy button, which redirected me to a marketing page, not the Privacy Policy?</p>
<p>Here's a good one: <i>"When you share your content with family and friends using Apple products,"</i> [...] <i>"Apple may collect the information you provide about those people such as name, mailing address, email address, and phone number. Apple will use such information to fulfill your requests, provide the relevant product or service, or for anti-fraud purposes"</i>. Oh, just wonderful! So not only will they not give you any privacy or anonymity, they will abuse the privacy and anonymity of anyone else you contact through their services!</p>
<p>Apple (of which iCloud is a service of) is <a href="https://web.archive.org/web/20200223045911/https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data">part of</a> <a href="https://en.wikipedia.org/wiki/PRISM_(surveillance_program)">PRISM</a>.</p>
<p>I'm done with this one, I've seen enough.</p>
</div>
</div>
<div class="case">
<h4 id="Kolabnow"><a href="https://kolabnow.com">Kolabnow</a></h4>
<div class="text-block">
<p>No obvious Privacy Policy. Instead, there is only a mention of data policy in their <a href="https://kolabnow.com/tos/">TOS</a> <a href="https://web.archive.org/web/20200201012646/https://kolabnow.com/tos/">[archive]</a>, under <i>"DATA PRIVACY AND SECURITY"</i>, saying <i>"We will only keep the minimum of logs and debug information necessary to ensure that we can improve the service and resolve issues that may have occurred"</i>. Length of time not specified.</p>
<p>They do at least say above that, that <i>"there will be no access to your data by third parties without a duly authorized warrant issued by a Swiss judge"</i>.</p>
<p>Site requires JS to properly navigate.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#KolabNow">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#KolabNow</a>
</div>
<div class="case">
<h4 id="Lavabit"><a href="https://lavabit.com">Lavabit</a></h4>
<div class="text-block">
<p>This one has a storied history as it relates to whistle blower Edward Snowden. I suggest reading the <a href="https://en.wikipedia.org/wiki/Lavabit">Wikipedia article</a> on it.</p>
<p>Now onto the Privacy Policy, which they call a "Privacy Pledge". It's not the best, but's better than most <i>I guess</i>.</p>
<p>They log your IP with extra steps: <i>"Lavabit e-mail servers do record the IP address used to send an outgoing message in the header of an outgoing e-mail"</i>.</p>
<p><i>"We do not keep a record of the IP addresses used to access our services (except in the web server logs), and we not keep a record of what information was accessed during a particular session"</i>. Key part: <i>"except in the web server logs"</i>.<br/><i>"We record this information in the message header so that law enforcement officials in possession of a message that violates the law can identify the original sender"</i>. <i>"Lavabit does not retain this information"</i> (for how long do you though?).</p>
<p>So basically, use with a VPN or Tor if at all.</p>
<p>I would test it, except base price is $30, so I won't.</p>
</div>
</div>
<div class="case">
<h4 id="Luxsci"><a href="https://luxsci.com">Luxsci</a></h4>
<div class="text-block">
<p>I went by their having blog posts on <a href="https://luxsci.com/blog/kick-privacy-notch-tor.html">Tor</a>, <a href="https://luxsci.com/extranet/info/email-smtp.html">SMTP</a>, <a href="https://luxsci.com/know/email/pop.html">POP</a> &amp; <a href="https://luxsci.com/know/email/imap.html">IMAP</a> to judge their support for Tor &amp; clients. Their site is a little bit complicated, but nothing on the order of <a href="#SAFemail">SAFemail</a>.</p>
<p>Issues begin to arise once you take a look at their <a href="https://luxsci.com/extranet/privacy.html">Privacy Policy</a> <a href="https://web.archive.org/web/20200224051603/https://luxsci.com/extranet/privacy.html">[archive]:</a>
<br/><i>"While visiting the LuxSci web site, information is collected"</i> [...] <i>"This information includes Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, &amp; click-stream data"</i>.
<br/><i>"web site forms may request: names, addresses, phone numbers, company demographics, as well as record current IP addresses &amp; web browser user agents"</i>. <i>"Company Demographics"</i> though?! What?
<br/><i>"For owners of a LuxSci Free Trial Account"</i> [...] <i>"Personal information about the account (e.g., billing history, support history, order history, &amp; contact information) may be kept indefinitely"</i>.</p>
<p>They might have decent <i>security</i>, but they lack proper <i>privacy &amp; anonymity</i>.</p>
</div>
</div>
<div class="case">
<h4 id="Lycos"><a href="https://lycos.com">Lycos</a></h4>
<div class="text-block">
<p>The <a href="img/email/lycoscertfail.png">cert fails</a> for the one mail server. They <a href="https://helpdesk.lycos.com/support/solutions/articles/29000011715-how-do-i-access-my-lycos-mail-from-a-mobile-device-or-client-using-pop-or-imap-">require you to pay</a> <a href="https://web.archive.org/web/20180417185424/http://helpdesk.lycos.com/support/solutions/articles/29000011715-how-do-i-access-my-lycos-mail-from-a-mobile-device-or-client-using-pop-or-imap-">[archive]</a> if you want client access.</p>
<p>Some excepts from the <a href="https://info.lycos.com/resources/privacy-policy/">Privacy Policy</a> <a href="https://web.archive.org/web/20200217045244/https://info.lycos.com/resources/privacy-policy/">[archive]</a>:
<br/><i>"Lycos collects anonymous data and shares it with third-party advertisers in an aggregate form"</i>. <i>"We do not sell your personal information to third parties"</i>.
<br/><br/><i>"Lycos may place [web beacons] on Web pages and within Web-based email newsletters that we send. Working in conjunction with cookies, Web beacons allow Lycos to accurately count the number of unique users who have visited a specific page"</i> [...] <i>"This information is only collected in aggregate form and will not be linked to your personally identifiable information"</i>.
<br/><br/><i>"Lycos may disclose information about individual users to third parties who agree to provide services to Lycos and who agree to maintain the confidentiality of such information in accordance with this Privacy Policy"</i>.
<br/><br/><i>"We use third-party advertising companies to serve ads and collect information when you visit the Lycos Network. These companies may use information (not including your name, address email address or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. Third party advertisers' use of cookies is subject to their own privacy policies"</i>, they are really committed to logging you.</p>
<p>Nowhere do I see how long all this info about you is kept, even if it did, it would go through an advertising service's system too, subject to a different Privacy Policy. This is a deal breaker, even if the use of Google ReCaptcha wasn't already, which it is.</p>
</div>
</div>
<div class="case">
<h4 id="Mailbox.org"><a href="https://mailbox.org/en">Mailbox.org</a></h4>
<div class="text-block">
<p>Uses Google reCaptcha according to their own Privacy Policy, I stopped reading there.</p>
<p>Claims to support Tor &amp; clients, but does not mention an .onion address.</p>
<p>Server mx-n.mailbox.org failed to connect when using CheckTLS.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Mailfence">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Mailfence</a>
</div>
<div class="case">
<h4 id="Mailfence"><a href="https://mailfence.com">Mailfence</a></h4>
<div class="text-block">
<p>To much unnecessary data retention (45 days) &amp; analytics (see digdeeper). You have to pay (they do accept BTC) for client access.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Mailfence">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Mailfence</a>
</div>
<div class="case">
<h4 id="Mail.com"><a href="https://www.mail.com">Mail.com</a></h4>
<div class="text-block">
<p>HAHAHAHAHA</p>
From the <a href="https://www.mail.com/int/company/privacypolicy/">Privacy Policy</a> <a href="https://archive.fo/lqmzE">[archive]</a> under: <i>"Information We Collect"</i>
<ul>
<li>Your name</li>
<li>Gender</li>
<li>Date of Birth</li>
<li>Postal address</li>
<li>E-mail address</li>
<li>Telephone &amp; telefax numbers</li>
<li>Credit card information</li>
<li>Other billing information</li>
</ul>
</div>
</div>
<div class="case">
<h4 id="Mail.ru"><a href="https://mail.ru">Mail.ru</a></h4>
<div class="text-block">
<p>I am judging by the presence of <a href="https://web.archive.org/web/20200303060514/https://translate.google.com/translate?hl=en&amp;sl=ru&amp;tl=en&amp;u=https%3A%2F%2Fhelp.mail.ru%2Fmail%2Fmailer%2Fpopsmtp">this page</a> to judge that it has client support.</p>
<p>Another botnet. Let's look at the <a href="https://help.mail.ru/engmail-help/privacy">Privacy Policy</a> <a href="https://web.archive.org/web/20200303061042/https://help.mail.ru/engmail-help/privacy">[archive]</a>, which I believe is best summarized by these chat messages from discussing this in the groupchat:</p>
<div class="smallbox">
<b>me</b>: <i>"https://web.archive.org/web/20200303061042/https://help.mail.ru/engmail-help/privacy"</i>
<br/><b>me</b>: <i>"this is a dense one"</i>
<br/><b>me</b>: <i>"For the purpose of performance of the agreement with the User for provision of the Service selected by the User and for granting access to the User to the functionality of the Service selected by him/her, the Company develops, improves, optimizes and implements new functionality of the Services (including services and products of informational, communication, advertising, educational, entertainment and other nature), including with the participation of affiliates and/or partners. In order to ensure achievement of the specified purposes the User agrees and instructs the Company to carry out, in compliance with the applicable legislation, processing (including collection, recording, systematization, accumulation, storage, refinement (updating, modification), comparison, retrieval, use, depersonalization, blocking, deletion and destruction) of the Users' Account data and Other data, including results of automated processing of such data, and specifically in the form of whole-number and/or text values and identifiers, transfer of the above data to the affiliates and/or partners in pursuance of such instruction for processing, as well as to collect (receive) the Users' Account data and Other data from the affiliates and/or partners."</i>
<br/><b>me</b>: <i>"bruh"</i>
<br/><b>digdeeper</b>: <i>"the final boss of botnet"</i>
<br/><b>digdeeper</b>: <i>"including collection, recording, systematization, accumulation, storage, refinement (updating, modification), comparison, retrieval, use, depersonalization, blocking, deletion and destruction) of the Users' Account data and Other data"</i>
<br/><b>digdeeper</b>: <i>"has all the attacks"</i>
<br/><b>digdeeper</b>: <i>"lol"</i>
<br/><b>digdeeper</b>: <i>"transfer of the above data to the affiliates and/or partners"</i>
<br/><b>digdeeper</b>: <i>"and summons minions"</i>
</div>
<p>They also allow you to login with <a href="img/email/mailrubotnet1.png">other botnet services</a> (many of which are part of PRISM). Like <a href="#Yandex">Yandex</a>, entering a phone number is optional, but they do want your date of birth &amp; gender.</p>
</div>
</div>
<div class="case">
<h4 id="NixNet"><a href="https://nixnet.email">NixNet</a></h4>
<div class="text-block">
<p>Apparently has <a href="http://l4qlywnpwqsluw65ts7md3khrivpirse744un3x7mlskqauz5pyuzgqd.onion">an Onion address</a>, but the link to the email portion of the site goes to clearnet.</p>
<p>Let's jump right into the <a href="https://nixnet.services/privacy/">Privacy Policy</a> <a href="archives/email/NixNet.email_Privacy Policy_(2020-03-28).html">[archive]</a>. Under <i>"IP Address"</i>, it says <i>"Some applications (Gitea, Mumble, XMPP, and <span class="underline"><b>NixNet Mail</b></span>) <span class="underline"><b>collect your IP</b></span> when you register. At the moment, that <span class="underline"><b>information is kept indefinitely</b></span>. However, I’m working on either completely disabling it or setting something up that will periodically delete stored IP addresses. When I do, this document will be updated accordingly."</i> Not a good start. What's next? <i>"If you don’t want me to have that information to begin with, just use Tor Browser."</i>, okay, not bad.</p>
<p>Under <i>"Browser Fingerprint"</i> it says <i>"As far as I know, nothing collects or uses any of that information."</i>, which is somewhat reassuring. After <i>"Usage and storage of collected information"</i> it says <i>"Whatever data is collected is stored on servers I have sole control over and it won’t be shared with any third parties whatsoever."</i>.</p>
<p>Under <i>"Exceptions"</i> it says <i>"I do live in the US; I have three servers here, three in Germany, and another in Luxembourg. If, for whatever reason, I’m compelled by law enforcement to give up your email, IP address, or any other information, I will even though I don’t want to. As such, I do whatever I can to make sure I don’t have that information. If I don’t have it, I can’t share it."</i></p>
<p>All in all, seems pretty decent, I have however yet to actually try the service.</p>
</div>
</div>
<div class="case">
<h4 id="NeoMailbox"><a href="https://www.neomailbox.com">NeoMailbox</a></h4>
<div class="text-block">
<p>Has no Privacy Policy. $50 a year for base package. Keeps logs for 6 months.</p>
<p>TLS <a href="img/email/neomailboxtlsfail.png">fails on one of it's servers</a>, mail2.neomailbox.com, but works on the other one, mail1.neomailbox.com.</p>
</div>
<a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Neomailbox">http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#Neomailbox</a>
</div>
<div class="case">
<h4 id="NovoOrdo"><a href="https://novo-ordo.com">NovoOrdo</a></h4>
<div class="text-block">
<p>Has an <a href="https://novordxxyzzxzw6t.onion">onion address</a>, but it is only provided over HTTPS, so you will get a security error for it being a self-signed cert, and it's just a redirect to the cleanet page anyway, much like <a href="#CTemplar">CTemplar</a>.
<br/>They claim to have an onion address for SMTP, IMAP &amp; POP, but I have not tested if they work or not.</p>
<p>Allows payment with BTC, but this requires JavaScript. Cost is $34 for 1 year, $13 for 3 months, or $80 for 3 years.</p>
<p>While the domain is "novo-ordo.com", they call the service "Sub Rosa". I'm not sure why they don't just call the entire website that. Maybe it's because they are also a re-mailer service or something.</p>
<p>The <a href="">Privacy Policy</a> <a href="https://web.archive.org/web/20200309073517/https://novo-ordo.com/about-us/privacy-policy/">[archive]</a> is questionable. Let's go through it:
<br/><i>"Our server is located in Switzerland where privacy is protected by law"</i>, debatable (see what <a href="http://digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion/ghost/email.html#laws">digdeeper</a> has to say about countries' privacy laws), but okay.
<br/><i>"We avoid the collection of personal information whenever possible"</i>, kinda vague, and virtually meaningless unless you put some sort of belief or trust in them.
<br/><i>"No information on the legal use of this service by any user is sold, forwarded, traded, or intentionally released in any way"</i>, so illegal use can be <i>"sold, forwarded, traded, or intentionally released in any way"</i>, ha!
<br/><i>"Your email is not read by humans or machines"</i>, so then animals or <a href="https://web.archive.org/web/20200305100010/https://knowyourmeme.com/memes/ayy-lmao">ayys</a> can still read it.
<br/><i>"All email stored on our server is encrypted. The keys are stored in a different jurisdiction than the server"</i>, some providers could learn from this.
<br/><i>"Email is not backed-up unless special arrangements are made. There are no copies of your email. It is recommended that you keep your own copies of important emails"</i>, this is both good and bad. For privacy it's good, but, if something happens &amp; you missed an important email and/or weren't using POP, you are screwed.
<br/><i>"We will only keep the minimum of logs and debug information necessary to ensure that we can improve the service and resolve issues that may have occurred"</i>, uh oh. What does "minimum" mean?! <i>"These logs are typically kept for less than one week"</i>, logs of what?
<br/><i>"We employ a state-of-the art security-centric design based on open source software which we make use of to provide the Service"</i>, totally meaningless statement.</p>
<p>The log keeping and onion address are the biggest issues here, I cannot recommend this in good faith.</p>
</div>
</div>
<div class="case">
<h4 id="Nuegia"><a href="https://nuegia.net">Nuegia</a></h4>
<div class="text-block">
The site is not tested for TLS because the site provides zero information regarding any email server, only showing a cgit instance. I have seen the site show an actual web page before however, that did include a PGP key of the administrator/owner.
<br/>
The service may offer paid support in the future. I was going to test with testssl, but the tool seems to have no Tor support so I will have to wait till I get a VPN.
<br/>
The biggest issue with this "provider" (it isn't really a provider since it's private usage only, basically if someone followed the self hosting advice for their own use) is the lack of information about it. No Privacy Policy, no anything.
</div>
</div>