User data security, privacy and anonymity

User security, privacy and anonymity are three related concepts that overlap. In this blogpost, we will try to explain how Mailfence relates to each of them.

Mailfence security, privacy and anonymity

What is security, privacy and anonymity in laymen terms

In laymen terms, definitions could be:

  • Privacy: Be able to fully control and manage one’s personal information or actions. In other words, ‘they’ can see who you are, but not what you do.
  • Anonymity: Be able to become fully unrecognizable in one’s data or actions. In short, ‘they’ can see what you do, but not who you are.
  • Security: Safeguards from threats, risks and danger. You are safe regardless of the fact that ‘they’ can see who you are, or what you do.

Mailfence and user data security, privacy and anonymity?

Below is a general visualization using a mind map. We will explain more in detail on how Mailfence relates to user data security, privacy and anonymity.


Mailfence and user data privacy

Based on our design philosophy, the privacy of user data is of the utmost importance to us. There are various ways in which Mailfence strives to protect user’s data privacy.

  • Minimalistic approach: Our basic principle is we try to keep as little data as possible. Starting from the registration, we only ask your a first/last name.  It doesn’t have to be your actual name – and that is only used for your display name. You can change it at any time. During registration we also request a username and an account recovery address (which could be an alias or a disposable address for privacy sake). Other collected data as stated in our Privacy policy is strictly used to run technical checks, deliver customer service, fulfill legal requests and process payment transactions. Users are always encouraged to follow a minimalist approach on other in-application data points as well.
  • No covert play: We use no tracking cookies, no browser fingerprinting and provide no secret access to third-parties. There are no ads, solicitations and during more than 17 years of operation of our company we have never commercialized our databases.
  • Locally hosted: We host all of your data locally, under strict Belgian privacy and data retention laws. Only a court order from a Belgian judge can force us to release information.
  • Third-party trackers: We filter out third-party trackers in all incoming messages to your account. Moreover, we also keep an eye on the evolving tactics of tracking users via emails, and improve our protections accordingly.
  • Protecting your location data: We strip your device IP address from all of the outgoing email headers. This greatly helps in preventing malicious actors to geo-map your location.
  • Other measures: We do have several other measures in place as well, e.g., strict in-house data access controls and retention policies, use of zero-knowledge frameworks, etc.

Mailfence and identity anonymity

Identity anonymity is important when thinking of online user data. At Mailfence we take into account several scenarios where anonymity layers are desired e.g., journalists, privacy activists, political dissidents, etc.

  • Using Mailfence with onion-based solutions: Mailfence encourage users to use Tor browser or Clearnet or I2P or any other onion-based solution to achieve better anonymity. Of course, using a VPN is a plus, on condition if you trust a single entity with all your internet traffic.
  • Support of Crypto-currencies: Mailfence support Bitcoins, Litecoins and Ethereum. We also plan to extend our support for other currencies as well.
  • Pseudonymous porting and de-porting of data: This can be done using a display name of any sort while connecting through onion-based services, and paying via crypto-currencies. You can then easily port -(import) and share your data e.g., using direct access (public) link while keeping your identity intact. You can always de-port (export) all your data if you want as well. Thanks to our support of open standard protocols e.g., SMTP/IMAP/POP3, WebDAV, CardDAV, CalDAV, OpenPGP, etc which has made it all possible. We don’t restrict or lock users in our application eco-system.

Mailfence and user data security

User data security is always our foremost concern and we take it very seriously. Following are some of the aspects that we would like to highlight here.

  • End-to-end encryption (E2EE) and Digital signatures (DS): Mailfence uses open source libraries, which have been publicly audited to provide end-to-end encryption and digital signatures based on OpenPGP. Our service works seamlessly in your browser, and maintains a zero-knowledge environment between your client (the browser) and our servers. Of course, if you don’t want to store your private (encrypted) key on our servers, or do not like a JavaScript based front-end, you are perfectly free to use any local client that can support OpenPGP (e.g., Thunderbird/Enigmail, …) and keep all your keypairs on your device.
  • Two-factor authentication (TFA): Your account security is very important to us, and that’s why we have always encouraged users to protect their accounts using TFA. If someone gets hold of your password (e.g., via phishing) your account will still remain safe. However, make sure you generated and stored securely the backup recovery codes (in case you lose access to your TOTP app).
  • Spam protection: We have several conventional and in-house spam preventive measures in place to protect your account from unsafe emails. We also plan to release a dedicated white and black-listing feature that will further empower users to retain control over unwanted emails.
  • Malware detection: We have dedicated measures to protect your emails (+ attachments), documents and various other import points from malwares and other harmful content.
  • Other measures: Various other security measures are in place as well, e.g., mandating all connections to our servers via Transport Layer Security (SSL/TLS) encryption, both for web services (+ PFSHSTS) and IMAP/POP/SMTP email client, etc.

Much more

We have of course plenty of other measures that protect your account security, privacy and anonymity. But not all of them are made public for security reasons.

Achieving a sound level of online security, privacy and anonymity is more like a spectrum and looks different depending on your goals and activities. The purpose of this blogpost is to help you distinguish between data security, privacy and anonymity so you can use Mailfence with peace of mind, given your threat model. See our threat model to have a better idea on what Mailfence can and cannot protect you from.

Get your secure email!

Follow us on twitter/reddit and keep yourself posted at all times.

– Mailfence Team

Spread the word!

Mailfence Team

End-to-end encrypted e-mail service that values and respects your privacy without compromising the ease-of-use. @mailfence @mailfence_fr

You may also like...

6 Responses

  1. Mel says:

    Not sure why you want us to create a username and an email handle…usually the email handle is the username. Does not make sense to have two different.

    • Dear Mel,

      The notion of keeping username and email address separate allow us to minimize the revelation of user email address on several public places (Attachment via download links, direct public access links for Documents, direct public access for Calendar, etc). It also allow us to form other data management and defense measures, which we prefer not to disclose.
      For the sake of usability though, both username and user email address can be used to log-in to the respective Mailfence account.

      Will remain at your disposal.

      Kind regards,
      Mailfence support

      • Mel says:

        Can you explain what you mean by “direct public access links”? Who would have access to the username via link? Thank you.

        • Dear Mel,

          It’s a feature that allow users to share their documents and calendar publicly, if they want to.

          The access to these document & calendar sharing links only becomes available if the user enables them. The user has full control over these links, which include limiting (their availability to some users) or completely disabling them at any point in time.

          Hope this helps, and will remain at your disposal.

          Kind regards,
          Mailfence support

  2. Kimball says:

    What is the anticipated date that the blacklist feature for spammers will be available? Currently, almost every email that I would define as “spam” gets into my Inbox. These emails are not at all malicious but are, instead, emails that I have decided that I don’t want to see sent by senders in whom I have no abiding interest.

    I miss having the feature in Mailfence common in many other cloud-based email servers that allow me to mark a particular email as being unwanted and subsequent emails from that sender will be filtered automatically upon arrival to the server into a spam folder.

    • Patrick De Schutter says:


      I cannot give you a precise date presently. We do offer Filters in the messages Settings that allow you to do exactly what you are looking for. We plan to integrate that in the contextual menu of the messages also.


Leave a Reply

Your email address will not be published. Required fields are marked *



This site uses Akismet to reduce spam. Learn how your comment data is processed.