List of Secure Dark Web Email Providers in 2016

7

If navigating the dark web wasn’t hard enough it’s a constant struggle to find trusted lines developed for secure communications. The dark web, or deep web as many wrongly refer to it, is where Tor-accessible domains reside, you know the .onion URL’s. It’s not that finding secure communications on Tor is a struggle, but it’s hard to find private lines not run by a rogue entity. Below we have organized a list of secure dark web email providers. Please remember that no email provider should ever be deemed secure, meaning always use encryption and keep your opsec to its highest level.

All of these email providers are only accessible via the Tor Browser, an anonymity tool designed to conceal the end users identity and heavily encrypt their communication, making those who use the network anonymous. Tor is used by an array of people including journalists, activists, political-dissidents, government-targets, whistleblowers, the government and just about anyone since it’s an open-source free tool. Tor provides a sense of security in high-risk situations and is often a choice among high-profile targets. However, many use it day-to-day as it provides identity concealment seamlessly.

Below we have listed emails that are not only secure but utilize no type of third-party services, including any type of hidden Google scripts, fonts or trackers. In the list below we have gone ahead and pasted the full .onion domain for verification and added a link to any services who also offer a clearweb portal. However, all communications sent through clearweb domains should be presumed insecure unless properly encrypted, then still it’s questionable.

Here is a list of secure dark web email providers (listed in order of trust – please read below for more info):

Secure Deep Web Email

Top 5 Dark Web Email Providers

1. Sigaint – sigaintevyh2rzvw.onion

Sigaint Dark Web Email Sigaint may be the Gmail of the darknet, one of the oldest and most trusted services that provides strict privacy and has an active track record to prove it. Regardless if you’re an active target of surveillance or just an everyday citizen, Sigaint supports you and your right to privacy.

Sigaint is completely free up to 50 megabytes, then they offer pro accounts that have 1,024Mb of storage, or one gigabyte in total. Sigaint’s free account offers more than 5x the storage other clearweb secure email providers offer for free. What’s great about Sigaint is they offer you both one clearweb address, @sigaint.org, and one darkweb address, @sigaintevyh2rzvw.onion, making the service one hundred percent backwards compatible with darkweb and clearweb communications, something a majority of providers don’t offer.

Sigaint takes dozen of measures to employ some of the greatest operational security we have seen, including:

  • Disables Java, JavaScript, Flash and all other webplugins needed to “enable” webamail (Sigaint recommends employing NoScript)
  • Deletes accounts after 1 year of inactivity (Pro never expires)
  • SIGAINT servers are in a secret location and only speak the Tor protocol. Clearnet-facing servers are just proxies, and contain no user data at all. If clearnet proxies are seized, they just replace them with absolutely no exposure.
  • Sigaint.org domain contains absolutely no user data, making seizure pointless
  • PGP signing and encrypting must be done locally, storing zero data about your encryption measures on their servers
  • Supports SSTARTTLS and perfect forward secrecy
  • Direct peering with other darkweb providers (email never leaves TOR)
  • Zero password recovery options
  • Allows account deletion
  • Employees and Owner remain 100% anonymous at all times

Not only does their operational security sound great it has actually been employed to extreme measures. If you remember back in 2014, the FBI conducted Operation Onymous, taking down 400 darkweb hosted sites in a TOR-targeted operation agents claimed was for “drugs.” Sigaint said it was a target that survived the FBI’s de-anonymization attacks, and did have not have any data leak. Best part is even the owners are anonymous, making the service just one step harder to take down.

The service is simple with the only rules being don’t spam people, threaten people or harm people, everything a good netizen should be doing now!

All around you can see we are clear supporters Sigaint and their ongoing operation to keep journalists, activists and just the regular public secure from dragnet surveillance and highly targeted attacks. To the anonymous members running Sigaint, keep up the hard work!

2. Rugged Inbox – s4bysmmsnraf7eut.onion

Another great dark web provider is RuggedInbox, another service that provides both a clearweb and darkweb portal, allowing for both secure and anonymized connections to flow. RuggedInbox is a free email provider that was developed with Tor in mind, using 100% open-source material and employing great security standards.

To start, RuggedInbox operates an offshore VPS located in Bulgaria, at datacenter VPSBG.eu. Too add, RuggedInbox’s webmail client will check if the receiving client supports TLS encryption, in the case it does, it will be sent over an officially encrypted channel. When you access the service no data is ever transmitted in clear text, everything is secured with forced SSL.

Not only does RuggedInbox provide both clearweb and darkweb access, they offer several different portals you can login through, to ensure optimal security is employed. They have two dark web domains with HTTPS certs, one with a valid HTTPS cert (https://s4bysmmsnraf7eut.onion) and another with a self-signed HTTPS cert (https://s4bysmmsnraf7eut.onion:444). They also offer several portals via the clearweb or darkweb to access the webmail with either JavaScript enabled or disabled, again employing optimal security. Due to the amount of login portals they have you will need to visit their official site to view them all.

Another great thing about RuggedInbox is they store absolutely zero logs and therefore don’t need to comply with data retention policies.

3. Torbox – torbox3uiot6wchz.onion

Torbox Private Darkweb Email A rather simple provider is Torbox, a TOR-only service. This means that no clearweb connections are made, making this email darkweb exclusive. If the recipient isn’t using a Torbox-certified provider, the email will not be sent, even if it’s darkweb compatible. Currently Torbox supports emails to and from lelantos.org, maskedmail.com, mail2tor.com, sigaint.org, ruggedinbox.com, mailtor.net and safe-mail.net.

Torbox is a strictly Tor email and has no intention of releasing a clearweb friendly service in the near future. Torbox is 100% free and offers 25 megabytes at signup and offers more diskspace for bitcoin donations. All email data stored on servers is encrypted due to the server itself using encrypted partitions.

As the name suggests, Torbox is a Tor-exclusive email, where no packet or email header will ever hit the clearweb.

4. Bitmessage – bitmailendavkbec.onion

Bitmessage is another free, Tor-friendly and privacy conscious email provider. Throughout the domain Bitmessage employs zero type of tracking or advertisements. Though they do collect a few stats about the service including the amount of active users, number of emails sent, number of emails received, and few server logs (IMAP, SMPT, etc.) though none of this information is ever personally identifying.

For security Bitmessage employs a transport system that runs inside a sandbox, disallowing information to leave except through previously defined channels. The data on on disks is encrypted and emails are actually deleted from the system when you delete them from your account. While the service is Tor-friendly it is not Tor-exclusive and allows you to not only connect, but send and receive messages through both their clearweb and darkweb portals.

However one downside is they require you to verify with a google-owned captcha service on their signup page. Other than that all content is locally hosted.

5. Mail2Tor – mail2tor2zyjdctd.onion

Tor Email Provider And the last free service making our top 5 dark web email providers is Mail2Tor, another Tor-exclusive email.

Mail2Tor is only accessible via the Tor network but can both receive darkweb and clearweb emails, making this another dual compatible setup. The site is quite minimalist and doesn’t provide a whole lot of information outside of it being a Tor-only email provider. The service has been around for quite awhile and has served the Tor community well during its time.

Conclusion

When dealing with email on the dark web you need to be extremely cautious as email is a serious service that needs to be properly handled. If your communications fall into the wrong hands it can be critical and can even cost some people their life in other countries.

Email privacy is serious concern and should not be taken lightly. Your inbox holds not only your common interests but extremely private information, and if your working on the dark web, it’s presumably even more sensitive. And finding a provider that can offer secure communications is something hard to trust, especially when working on the dark web as many government agencies want to de-anonymize Tor users.

While the Tor Project continues to battle the waves of government these are some emails that can combat mass surveillance as well. Ensure that you keep up your operational security (#OpSec) on high defense at all times when using any dark web email provider.

About Author

Brandon Stosh is the founder and CEO of www.freedomhacker.net. Stosh is a cyber security researcher and professional consultant who strives to provide reliable news on cyber-security based topics.

7 Comments

    • Hello, while we cannot doubt that it very well may be, it’s still in beta and requires an invite. However when it goes public we will happily add it to the list, but for now since open-signups are closed, it’s not on the list. Looking forward to their final stages in the future!

Leave A Reply

Send this to friend