One of the advantages of this paid email service is that it falls outside of the jurisdiction of FiveEyes nations. What’s more, Germany tends to be a location that is considered good at upholding digital privacy rights.
That being said, the German Federal Intelligence Service, Bundesnachrichtendienst (BND), is extremely sophisticated. In recent years the BND has received more funding than ever before from Merkel’s government. In addition, the BND is known to have worked with GCHQ and the NSA in the past (as part of the greater 14 Eyes arrangement).
Despite this, it is fair to say that Germany is a better place than the UK, the USA, or Australia (and many other nations) for a privacy service like
How much does Posteo cost?
Subscribers can choose to pay via cash through the post, PayPal, bank transfer, credit card, or using a voucher.
For a Euro a month, users get access to the following primary features:
- Two alias addresses (sadly no .com addresses available)
- 2 GB email storage account (can be upgraded to 20 GB at a cost of 0.25 EUR per month for each additional GB)
- Email attachments up to 50 MB in size
- Upload multiple files
- Cross-device compatibility thanks to IMAP/POP3.
Posteosubscribers can synchronize their email on their smartphones, tablets, or PCs
- E2E email encryption with PGP
Autocryptand OpenPGP header compatibility
- Spam and Virus filter (with the ability to whitelist)
- Customizable filters - for sorting emails automatically as they arrive
- Unlimited filter addresses for keeping your inbox tidy
- Users can securely migrate up to three external email accounts over to
- List or conversation view
- Auto Reply (for when you are away on holiday, for example)
- Fast search
- HTML emails
This means that users are safe to pay with a credit card or PayPal. The only thing that authorities could ever find out about you, is that your PayPal account (or credit card) opened a Posteo account on a particular day. It is worth noting that tax laws do compel
Email and metadata
PGP E2E email encryption is also available in the webmail client but will require you to install an addon called MailVelope. Users can also choose to encrypt their inbox, though this will have some repercussions in terms of functionality (email searching ceases to work). Incoming emails can be encrypted using your private S/MIME or OpenPGP key.
This means that you don’t have to trust Posteo’s inbox encryption if you don’t want to. For the most security-conscious, holding your own keys is definitely the way to go. Finally, Two Factor Authentication (2FA) is available for all
Opening an account with Posteo is extremely easy and doesn't take longer than a minute or two.
The only data necessary is:
- A username (this can be
- A Password
- A payment method (Cash, Paypal, bank transfer, credit card, or with a voucher)
One thing I was slightly disappointed by was the lack in availability of .com addresses. A .com address is an advantage to any business or individual who relies on people being able to remember their email address. As long as you are happy with an email address ending in .net, .org, .de, .co.uk, .af, .jp - or one of many others,
The Posteo Roundcube client
The Posteo webmail client is based on Roundcube, an open source client. However, Posteo’s implementation of Roundcube comes with a lot of extra features when compared to the standard Roundcube client. In the top right-hand side, you get a menu with the following tabs: Email; Address Book, Calendar, Notes, Settings, Help, and Logout.
As you can see from the image above,
One feature that I did find to be slightly cumbersome was Posteo’s threaded conversation view. Although it is a nice addition, it is not as well implemented as on Gmail. This is because it doesn’t include your responses - it only gives you the threads from emails sent to you. In addition, it does sometimes exclude contacts from a cc list - meaning that conversations can fall apart into multiple threads.
Another disappointment is the fact that the web client is not mobile browser friendly. This means anybody who prefers to log into their email via their mobile browser (to keep personal data off their mobile for data security reasons) isn’t going to enjoy their Posteo experience. I tried to use it on Chrome on my
In order to use PGP encryption, I did first need to install the MailVelope addon. Chrome users can get it in the Chrome Webstore and Firefox users can download it from the Mailvelope website. The good news is that MailVelope is pre-configured in the Posteo client, and, as soon as you install it a new button that says “Compose and encrypt” appears in the webmail interface.
To check it is working, click on it and if you see a MailVelope lock symbol in the text field the installation was successful. One problem with MailVelope (as opposed to client-native end-to-end encryption) is that it is not compatible with every popular email client.
Another thing to remember is that your private key for MailVelope is extremely sensitive. When you set up OpenPGP encrypted emails your private key is encrypted to a passphrase. It is essential that you choose a strong passphrase and that you take
Your private key is used by you only - to decrypt messages sent to you from people who have your public key. If someone gains access to your private key they will be able to read your encrypted messages and sign messages so that they seem to be from you.
Anybody who prefers to use Enigmail on Thunderbird can do so, and Posteo provides excellent guides for this and just about anything else you can think of.
In order to test migrating on
DANE fingerprint authentication
DANE is an outstanding DNS-based authentication method that checks the digital certificate fingerprints of other email providers. This allows
If you do use DANE, a small green checkbox appears above your intended recipient's address to let you know whether the server you are communicating with is DANE-friendly.
No spam folder
Perhaps the most annoying thing about
Although this is a drawback, the good news is that the sender of an email that is rejected as spam is notified about why it was categorized as spam, giving them the opportunity to try again. In time, it is possible some might even decide this is an advantage of the service.
Posteo website and customer service
Personally, I found the Posteo website to be absolutely fantastic. I enjoyed it both visually and because it provides a lot of valuable information about the service. There is literally nothing you can’t learn about the service on the website and its setup guides and walkthroughs are extremely well put together.
As far as customer service goes, I found the agents to be extremely helpful. Though admittedly their job is made easy by the abundant availability of content on the website for them to direct users to. One slight drawback is that
With ProtonMail, you don’t require a separate extension to handle end to end encryption in the webmail client. It is also true that some email clients aren’t compatible with Posteo’s MailVelope implementation. This means if you intend to use the Roundcube Posteo client - you may have trouble sending and receiving e2e encrypted emails to some of your contacts. You could, of course, simply use
To conclude Posteo is a great email service well worth a look for anybody wanting to get away from more invasive email providers such as Google and Hotmail.
- Costs just 1 EUR per month
- POP3 or IMAP for use on any client on OS X, iOS, Android, Windows, or Linux
- Emphasis on privacy, data reduction, zero tracking, green energy, sustainability, social justice
- Fully featured: Server-side email encryption, calendar and contacts, E2E with other clients/users if required, cross-client compatibility
- Email metadata can also be encrypted
- Probably have to spell out '@posteo' to anyone who asks you your email address verbally
- Can't use your own domain
- No .com addresses available
- Located in a '14 Eyes' country