Security & Privacy

Your email is protected at every layer — in transit, at rest, and in principle. Here's exactly how we do it.

All connections — IMAP, SMTP, and webmail — are protected with TLS 1.3. No cleartext traffic, no downgrade attacks.

Messages are encrypted at rest on our servers. Even if hardware is compromised, your correspondence stays unreadable.

We run hardened Postfix and Dovecot instances behind layered firewalls with continuous security monitoring and patching.

We never scan your emails for ads, keywords, or behavioral profiling. Your messages are yours — period.

We don't build advertising profiles. We don't sell or share your data with third parties. Full stop.

Generate unlimited aliases that are cryptographically unlinkable to your primary address, preventing cross-service tracking.

Your data belongs to you. Export anytime via standard IMAP or request complete account deletion — no dark patterns.

Every outgoing message is signed with DKIM. SPF and DMARC policies prevent impersonation of your address.

Our privacy promise

We believe email is a conversation, not a commodity.

Every setting ships secure out of the box. You shouldn't need a PhD in cryptography to keep your inbox private.

We clearly document what data we store, how long we keep it, and why. No surprises hidden behind 40-page legal docs.

Export everything via IMAP or request full deletion at any time. Your inbox, your rules — we're just the infrastructure.

Create your account and own your inbox from day one — protected by design, not by afterthought.