Tech Review: Mailfence Encrypted Email

In my line of work, secure, private and encrypted emails are becoming an everyday necessity, especially these days. While the major players in the game remain ProtonMail and Tutanota, earlier this year I learned of a new up and coming provider operating out of Belgium – Mailfence – and decided to test the service out for myself. Here’s what I learned, and why I now run my business through their servers.

Customer Service

The first thing to catch my attention about Mailfence was their responsiveness to customer service inquires, even on social media and when dealing with free account holders. For example, even whilst hosting a free account on their service I received messages back from customer support within 24 hours time. Not only this, but their social media channels remain open to the public and are very responsive to messages. By comparison, other email service providers do not have any open lines of communication through social media, and most will only provide support to paying customers.

Accounts & Plans

Mailfence offers a wide range of account services including, free, entry, pro and business level plans. If you would like to learn more about each individual plan, as well as the added costs/benefits between them, please utilize the following link.

View All Plans Here:

Even though the company operates out of Belgium, they do accept payments through foreign currency, including the American dollar, and perform the currency exchange on their end. This is important to understand because not every European based company is willing to do this. For example, in 2014 I was unable to register for Perfect Privacy VPN out of the Netherlands due to their reluctance to accept anything other than Euros. Perhaps most notably, even after submitting my debit card for payment, Mailfence enacted a delay on processing the payment in order to review my account/purchase – clearly indicating that the company isn’t just after some quick cash grab, but instead has a set of moral standards in place governing what they do and who they do business with. I know, imagine that – right?

Additionally, each Mailfence email address comes with built in data storage, acting as a de fecto Cloud storage account for all your important documents. Personally, I keep all of my most important documentation backed up through Mailfence. By comparison, I refuse to keep this sort of information stored on any other data hosting platform – especially Google.

Data Servers & Security

Mailfence‘s largest claim to fame, and what separates them from their competition, is the fact that the company hosts their data servers in and operates their business out of Belgium, which is known to have literally THE strictest privacy laws of any country in the world. Not only this, but Mailfence also goes out of its way to protect its website using TLS and SSL certificates which ensure that “no American certification authority is involved in the certification chain” – something I have personally never even seen before. Their site also enforces HSTS security headers and features state of the art encryption on all messages – more on that later on.

Data servers and country of origin is important to understand. As I have pointed out in a previous article on this subject, different countries have different laws when it comes to data storage and business/customer confidentially. Moreover, while countries like Switzerland would have you believe they hold the most secured privacy laws due to their world renown banking system, this just simply isn’t the case when it comes to cyber security. For example, ProtonMail tries to bank on Switzerland’s historic reputation, but ProtonMail was developed in part by researches at the Massachusetts Institute of Technology (MIT) and their relationship to/with the NSA and US Government is more than just rumor at this point. The fact of the matter is that, at the present moment in time, Belgium does more to protect customer privacy and data confidentially than any other country in the world – period, end of story.

Image may contain: text

Encryption Measures are Second To None

While there is a lot of competition out there on the encrypted email market these days, I have not seen one company offer more options to encrypt individual emails as Mailfence now does. For example, not only does Mailfence offer end to end encryption for all of its users, but the service also allows its users to create digital signatures, implements Sender Policy Framework (SPF) and Domain Keys Identified Mail (DKIM) – preventing email forging and ensuring all emails attached to your domain/account are exclusively sent via Mailfence servers. These are options which simply do not exist on other encrypted mail service platforms.

On top of this, Mailfence also implements two-factor authentication for all account holders using something known as “Time-based One-time Password” algorithms – also something I had never seen before. This technology ties a unique bar-code to an individual device or cell phone, ensuring that only that one device can have the means of generating a secondary code necessary for login. Combining their sign in methods with the sites security, along with their email encryption options, from login to transit, no email company I’ve ever seen does more to protect data/privacy than Mailfence now does.

Belgium Is The Future – IMO

While Mailfence is a relatively new and upcoming name, they have already sold me and I am happy to make the investment in the future. Moreover, reading international security headlines for a living such as I do, I am noticing an increase trend in the exploitation of encrypted email services for illegal means. For example, Tutanota accounts are behind nearly every single major ransomware related incident over the course of the last two years, and it is a general fact that all of the world most famous hackers and hacking groups operate through ProtonMail accounts.

Not all publicity is good publicity. The fact that nearly all major hacking and hacking related incidents are being conducted through ProtonMail and Tutanota servers is not a good look for business, and the longer this behavior continues the more likely it is that international authorities are going to compromise these services in one way or another – if they haven’t already quietly done so. As I have already pointed out, Mailfence is careful to choose who they do business with and whom they do not, and given that they are a relatively new service globally, ensures that their reputation has not been tarnished. As a new business owner myself, I feel much more comfortable attaching my name to Mailfence than I am any of its competitors.

Lastly, with the Netherlands essentially out of the privacy/security game and the pressure slowly mounting on all of these Swiss based companies, I see Belgium as the future leaders of cyber security over the course of the next 5-10 years. Not only is Belgium at the literal center of the European Union, which enacted revolutionary new data privacy laws in 2018, but some of the worlds most innovative security companies are starting to emerge there. This is true of services like Mailfence and DNSBelgium, which is leading the charge towards blockchain dns, which has the possibility changing the course of internet history. Given the way the country structures its laws, I see several major computer or cyber security based companies either starting up in or moving to Belgium in the years to come.

Published by

Brian Dunn

Writer, Researcher Owner: Rogue Media Labs | Rogue Security Labs (929)-319-2570 BrianDunn@RogueSecurityLabs.Ltd

Leave a Reply

Your email address will not be published.