This guide provides you with an overview of the Mailfence security analysis.
No email provider can guarantee to be 100% secure and private. Every service will have its tradeoffs, and it’s important to be aware of those before choosing one.
The following table provides a high-level security analysis of our email service with respect to the type of information and the level of protection that it holds.
| Type of Information | Level of Protection |
| Source of random data when creating new PGP keys | Entropy collected via the client device |
| Password encrypted in transmission from browser to web server | SSL/TLS |
| Password securely stored on web server | SHA256 (iterated and hashed) |
| Private key passphrase exposure | Passphrase check for all crypto-activity always occurs on the client side – and never gets exposed to the server |
| Encrypted private key in transmission between browser and web server | Two-layers of encryption: 1- With user passphrase (via AES) 2- TLS/SSL |
| Encrypted private key in storage | With user passphrase (via AES) |
| Private key decrypted on web server | Does not apply to Mailfence – as all the private key en(de)cryption occurs on the client side with the user passphrase |
| End-to-end encrypted messages during transmission from client browser to Mailfence servers | Two layers of encryption: 1 – OpenPGP 2 – SSL/TLS |
| End-to-end encrypted messages body and attachments during transmission between web server and recipient email account | 1 – OpenPGP 2 – STARTTLS (if supported by recipient) |
| End-to-end encrypted messages body & attachments encrypted in storage on web server | OpenPGP |
| End-to-end encrypted messages body & attachments known to web server | No (except sent & draft items) – crypto-operations concerning end-to-end occurs on the client side |
| Message headers encrypted during transmission from browser to web server | SSL/TLS |
| Message headers encrypted during transmission between web server and recipient email account | STARTTLS (if supported by recipient) |
| Message headers in storage on web server | Not encrypted |
Vulnerability analysis
The following points apply to emails sent using end-to-end encryption:
| Attack | Level of Protection |
| Attacker is listening to your Internet connection | Protected |
| Attacker gets access to email stored on the server | Protected |
| Attacker gets access to the server’s databases | Protected |
| Attacker compromises webserver after you have accessed your email | Protected |
| High-level MiTM attack – where an adversary sends you a false code for all the crypto-related operations to check | Not protected |
| Attacker has access to your account | Protected (but the sent end-to-end encrypted messages will be viewable in clear text) |
| Attacker has access to your computer before you access your email (and can install programs such as key logger/malware…) | Not protected |
In case of any doubt or question, feel free to reach out to us via support@mailfence.com