Mailfence: Difference between revisions

Mailfence
	Screenshot of Mailfence website, showing the user's inbox.
Type of site	Webmail
Available in	English, Spanish, French, German, Dutch, Italian, Portuguese and Russian
Owner	ContactOffice Group
URL	mailfence.com
Commercial	Yes
Registration	Required
Launched	12 November 2013; 11 years ago
Current status	Online
Content license	Proprietary

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Inline

Latest revision as of 22:57, 4 December 2024

Mailfence is an encrypted email service with a focus on security and privacy that offers OpenPGP based end-to-end encryption and digital signatures for usage in emails.^[1]^[2] It was launched in November 2013 by Belgium-based company ContactOffice Group, which has been operating an online collaboration suite since 1999.^[3]

History

Development

In the midst of 2013, the Mailfence project was started by the founders of ContactOffice.

In March 2016, a beta version of end-to-end encryption and digital signatures for emails was released.^[4]

Mobile interface

In January 2021, Mailfence released a progressive web application for mobile devices.^[5]

Block in Russia

On 5 March 2020, Mailfence reported that their SMTP servers are blocked by Russian-based email services. This was in response to their refusal to submit a Notice of Commencement of Collaboration with Roskomnadzor's (the Federal Supervision Agency for Communications, Information Technology, and Mass Communication) of the Russian government. Mailfence did not respond to this request, citing obligation to provide information about users, violating its Terms and the federal Belgian laws.^[6]

Features

Mailfence provides secure email features, with other functions such as Calendar, Contacts, Documents and Collaboration.^[7]

Mailfence Email

The service supports POP/IMAP and Exchange ActiveSync^[8] as well as vanity domains with SPF, DKIM, DMARC^[9] and catch-all address support.^[10] Users can send both plain and rich text emails, organize messages in folders and/or categorize them with tags, take notes by setting comment on each message and create default message signatures for every sender address. Different identities can also be managed using aliases and filters for incoming emails.

The email application is based on the ContactOffice collaboration suite that supports POP/IMAP and Exchange ActiveSync^[8] as well as vanity domains with SPF, DKIM, DMARC^[9] and catch-all address support.^[10] It was enriched with security and privacy features in 2016 at the launch of the Mailfence service with features: managing access or generating specific password for web and non-web services, two-factor authentication, spam protection alongside of plus addressing, sender address blacklist and whitelist,

Mailfence Contacts

The contacts support (CSV, vCard, LDIF) import, (vCard, PDF) export and can be accessed using CardDAV.^[11] Users may organize them with tags and can also create contact lists.

Mailfence Calendar

The calendar supports vCal/iCal import, export and can be accessed by using CalDAV.^[12] Users can share their calendars with group members and can also create polls.^[13]

Mailfence Documents

The documents can be accessed using WebDAV or edited online. Users can drag and drop files in folders, categorize them with tags take notes by setting comment on each file.^[14]

Mailfence Groups

Groups allow users to share mailboxes, documents, contacts, calendars and perform instant chatting with group members in a secure way. A group administrator manages the access rights of group members and can also set another group member as co-admin or the main admin of the group.^[15]

Mailfence Polls

Mailfence Polls is a meeting scheduler that claims to be secure and private.

Mailfence Chat

Jabber/XMPP protocol is the base of Mailfence chat functionality. First named Jabber, then XMPP (Extensible Messaging and Presence Protocol), this open-source protocol has been created for instant messaging.

Web-based clients

The web-interface comes with an embedded IMAP, POP3, CalDAV, and WebDAV client. Users can add external accounts and manage them centrally in the web-interface.^[16]^[17]

User management

Account owners can create and manage user accounts using the admin console.^[18]

Server location

Since their servers are located in Belgium,^[19] they are legally outside of US jurisdiction. Mailfence is therefore not subjected to US gag orders and NSLs, notwithstanding extradition treaties with the US.^[20]^[21] Under Belgian law, all national and international surveillance requests must go through a Belgian court.^[22]

Security and privacy

Mailfence claims to be secure and private on their website,^[23] offering most conventional security and privacy features, but they also claim to support some less-common privacy and security enhancing features:

Transport security

Like most major e-mail services, the service claims to use TLS with ephemeral key exchange to encrypt all internet traffic between users and Mailfence servers. HSTS, MTA-STS and DANE standards are also supported.^[24]^[25]^[26]

End-to-end encryption

The service uses an open-source implementation of OpenPGP (RFC 4880) for emails. OpenPGP keypair is generated in client-browser, encrypted (via AES256) with the user's passphrase, and then stored on Mailfence server. Since December 2018, the service also supports end-to-end encryption for emails using a shared password.^[27]

OpenPGP signatures

The service gives the choice between "signing", or "signing and encrypting" an email message with or without attachments.^[28]

Integrated Keystore

Since its launch in 2017, the service provides an integrated keystore to manage OpenPGP keys,.^[29] OpenPGP keypairs can be generated, imported or exported.^[30] Public keys of other users can be imported through file or in-line text. Mailfence also supports Web Key Directory besides key discovery via Public key servers.^[31]^[32]

Full OpenPGP interoperability

Users can communicate with any OpenPGP compatible service provider.^[33]

Warrant Canary and Transparency Report

The service maintains an up-to-date transparency report and warrant canary.^[34]^[35]

References

^ Johnson, Dave. "The 7 best secure email providers". Business Insider. Retrieved 7 April 2024.
^ "The 5 Best Secure Email Services for 2024". Lifewire. Retrieved 7 April 2024.
^ "ContactOffice launch and users". 29 December 2016.
^ "BETA launch of a pure end-to-end encrypted email solution that gives you full control". 10 March 2016. Retrieved 25 May 2016.
^ "Mailfence mobile app goes out of beta". 14 January 2021. Retrieved 14 January 2021.
^ "Mailfence email servers blocked in Russia". 5 March 2020. Retrieved 5 March 2020.
^ Leonard, John. "Escape from Yahoo: Nine encrypted email alternatives". Retrieved 11 October 2016.
^ ^a ^b Skjefstad, Vegard. "Secure and Private E-mail: A Provider Overview". Archived from the original on 21 September 2015. Retrieved 1 August 2015.
^ ^a ^b "Spoofing defense for Custom domains: SPF, DKIM, DMARC". 8 January 2018. Retrieved 8 January 2018.
^ ^a ^b "Mailfence Release Notes Dec 2017". 5 December 2017. Retrieved 5 December 2017.
^ "Mailfence Contacts: a secure contact management software". 28 February 2018. Retrieved 27 June 2018.
^ "Mailfence Calendar: a secure online calendar to schedule, manage and track meetings & events". 31 October 2017. Retrieved 9 March 2018.
^ "Mailfence Polls: simple and secure meeting scheduler". 28 November 2017. Retrieved 28 November 2017.
^ "Mailfence Documents: secure file sharing, storage and collaboration". 9 November 2017. Retrieved 9 November 2017.
^ "Mailfence Groups: secure group collaboration". 5 September 2017. Retrieved 5 September 2017.
^ "How to encrypt email with Gmail and Outlook.com or any other provider". Retrieved 11 October 2017.
^ "POP3 vs IMAP vs Exchange ActiveSync. What's the difference?". Retrieved 22 September 2017.
^ "Manage your users with the mailfence admin console". 21 March 2019. Retrieved 21 March 2019.
^ "The Mailfence SSL/TLS Certificate". 10 June 2016. Retrieved 10 June 2016.
^ "United States Extradition Treaty with Belgium".
^ "United States Supplemental Extradition Treaty with Belgium".
^ "Mailfence privacy policy". Archived from the original on 18 July 2014. Retrieved 12 November 2013.
^ Mailfence. "Secure and private email | Mailfence encrypted email service". Mailfence. Retrieved 19 March 2024.
^ "SSL Report: mailfence.com". Qualys SSL Labs. 10 June 2016. Retrieved 14 January 2021.
^ "MTA-STS validator - Mail Hardener tools". Retrieved 27 July 2022.
^ "DANE SMTP Validator". Retrieved 14 January 2021.
^ "Email Encryption". OpenPGP. 22 January 2024. Retrieved 7 April 2024.
^ Thomas, Mike. "A (mostly) In Depth Review of Mailfence". Archived from the original on 20 December 2016. Retrieved 1 September 2016.
^ Schürmann, Dominik. "OpenPGP Email encryption. For all operating systems. Standing the test of time". Retrieved 1 September 2016.
^ Tschabitscher, Heinz. "Encrypted email services keep your messages private". Retrieved 3 June 2018.
^ "Mailfence's OpenPGP keystore gives full control over key management". 17 May 2017. Retrieved 17 May 2017.
^ "Mailfence keeps on improving security for its users". 22 December 2021. Retrieved 22 December 2021.
^ "Encrypted email service providers". v. Archived from the original on 18 May 2016. Retrieved 25 May 2016.
^ "Transparency Report and Warrant Canary". 29 April 2016. Retrieved 29 April 2016.
^ "Service review". Retrieved 20 February 2019.

External links

Official website

[1] Johnson, Dave. "The 7 best secure email providers". Business Insider. Retrieved 7 April 2024.

[2] "The 5 Best Secure Email Services for 2024". Lifewire. Retrieved 7 April 2024.

[3] "ContactOffice launch and users". 29 December 2016.

[4] "BETA launch of a pure end-to-end encrypted email solution that gives you full control". 10 March 2016. Retrieved 25 May 2016.

[5] "Mailfence mobile app goes out of beta". 14 January 2021. Retrieved 14 January 2021.

[6] "Mailfence email servers blocked in Russia". 5 March 2020. Retrieved 5 March 2020.

[7] Leonard, John. "Escape from Yahoo: Nine encrypted email alternatives". Retrieved 11 October 2016.

[:0-8] Skjefstad, Vegard. "Secure and Private E-mail: A Provider Overview". Archived from the original on 21 September 2015. Retrieved 1 August 2015.

[:1-9] "Spoofing defense for Custom domains: SPF, DKIM, DMARC". 8 January 2018. Retrieved 8 January 2018.

[:2-10] "Mailfence Release Notes Dec 2017". 5 December 2017. Retrieved 5 December 2017.

[11] "Mailfence Contacts: a secure contact management software". 28 February 2018. Retrieved 27 June 2018.

[12] "Mailfence Calendar: a secure online calendar to schedule, manage and track meetings & events". 31 October 2017. Retrieved 9 March 2018.

[13] "Mailfence Polls: simple and secure meeting scheduler". 28 November 2017. Retrieved 28 November 2017.

[14] "Mailfence Documents: secure file sharing, storage and collaboration". 9 November 2017. Retrieved 9 November 2017.

[15] "Mailfence Groups: secure group collaboration". 5 September 2017. Retrieved 5 September 2017.

[16] "How to encrypt email with Gmail and Outlook.com or any other provider". Retrieved 11 October 2017.

[17] "POP3 vs IMAP vs Exchange ActiveSync. What's the difference?". Retrieved 22 September 2017.

[18] "Manage your users with the mailfence admin console". 21 March 2019. Retrieved 21 March 2019.

[19] "The Mailfence SSL/TLS Certificate". 10 June 2016. Retrieved 10 June 2016.

[20] "United States Extradition Treaty with Belgium".

[21] "United States Supplemental Extradition Treaty with Belgium".

[22] "Mailfence privacy policy". Archived from the original on 18 July 2014. Retrieved 12 November 2013.

[23] Mailfence. "Secure and private email | Mailfence encrypted email service". Mailfence. Retrieved 19 March 2024.

[24] "SSL Report: mailfence.com". Qualys SSL Labs. 10 June 2016. Retrieved 14 January 2021.

[25] "MTA-STS validator - Mail Hardener tools". Retrieved 27 July 2022.

[26] "DANE SMTP Validator". Retrieved 14 January 2021.

[27] "Email Encryption". OpenPGP. 22 January 2024. Retrieved 7 April 2024.

[28] Thomas, Mike. "A (mostly) In Depth Review of Mailfence". Archived from the original on 20 December 2016. Retrieved 1 September 2016.

[29] Schürmann, Dominik. "OpenPGP Email encryption. For all operating systems. Standing the test of time". Retrieved 1 September 2016.

[30] Tschabitscher, Heinz. "Encrypted email services keep your messages private". Retrieved 3 June 2018.

[31] "Mailfence's OpenPGP keystore gives full control over key management". 17 May 2017. Retrieved 17 May 2017.

[32] "Mailfence keeps on improving security for its users". 22 December 2021. Retrieved 22 December 2021.

[33] "Encrypted email service providers". v. Archived from the original on 18 May 2016. Retrieved 25 May 2016.

[34] "Transparency Report and Warrant Canary". 29 April 2016. Retrieved 29 April 2016.

[35] "Service review". Retrieved 20 February 2019.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

[21]

[22]

[23]

[24]

[25]

[26]

[27]

[28]

[29]

[30]

[31]

[32]

[33]

[34]

[35]

@@ Line 1: / Line 1: @@
 {{Short description|Encrypted email service}}
-{{Multiple issues|
-{{Advert|date=October 2023}}
 {{Undisclosed paid|date=October 2023}}
-}}
 {{Use dmy dates|date = February 2016}}
 {{Infobox website
@@ Line 22: / Line 19: @@
 }}
-'''Mailfence''' is a secure and [[encrypted email]] service that offers [[OpenPGP]] based [[end-to-end encryption]] and [[digital signatures]]. It was launched in November 2013 by ContactOffice Group, which has been operating an [[Online office suite|online collaboration suite]] for universities and other organizations since 1999.<ref>{{cite web|title=ContactOffice launch and users|date=29 December 2016 |url=https://blog.contactoffice.com/2007/02/06/more-than-350000-users-on-contactoffice}}</ref>
+'''Mailfence''' is an [[encrypted email]] service with a focus on security and privacy that offers [[OpenPGP]] based [[end-to-end encryption]] and [[digital signatures]] for usage in emails.<ref>{{Cite web |last=Johnson |first=Dave |title=The 7 best secure email providers |url=https://www.businessinsider.com/guides/tech/secure-email |access-date=2024-04-07 |website=Business Insider |language=en-US}}</ref><ref>{{Cite web |title=The 5 Best Secure Email Services for 2024 |url=https://www.lifewire.com/best-secure-email-services-4136763 |access-date=2024-04-07 |website=Lifewire |language=en}}</ref> It was launched in November 2013 by Belgium-based company ContactOffice Group, which has been operating an [[Online office suite|online collaboration suite]] since 1999.<ref>{{cite web |date=29 December 2016 |title=ContactOffice launch and users |url=https://blog.contactoffice.com/2007/02/06/more-than-350000-users-on-contactoffice}}</ref>
 == History ==
 === Development ===
-In the midst of 2013, the Mailfence project was started by the founders of ContactOffice. In March 2016, a beta version of end-to-end encryption and digital signatures for emails was released.<ref>{{cite web|title=BETA launch of a pure end-to-end encrypted email solution that gives you full control|date=10 March 2016 |url=https://blog.mailfence.com/beta-launch-of-the-first-pure-end-to-end-encryption-service-that-gives-you-full-control/|accessdate=25 May 2016}}</ref>
+In the midst of 2013, the Mailfence project was started by the founders of ContactOffice.
+In March 2016, a beta version of end-to-end encryption and digital signatures for emails was released.<ref>{{cite web|title=BETA launch of a pure end-to-end encrypted email solution that gives you full control|date=10 March 2016 |url=https://blog.mailfence.com/beta-launch-of-the-first-pure-end-to-end-encryption-service-that-gives-you-full-control/|access-date=25 May 2016}}</ref>
-In January 2021, Mailfence released [[progressive web application]] for mobile devices.<ref>{{cite web|title=Mailfence mobile app goes out of beta|date=14 January 2021 |url=https://blog.mailfence.com/launch-mobile-app/|accessdate=14 January 2021}}</ref>
+==== Mobile interface ====
+In January 2021, Mailfence released a [[progressive web application]] for mobile devices.<ref>{{cite web|title=Mailfence mobile app goes out of beta|date=14 January 2021 |url=https://blog.mailfence.com/launch-mobile-app/|access-date=14 January 2021}}</ref>
 === Block in Russia ===
-On 5 March 2020, Mailfence reported that their SMTP servers are blocked by Russian based email services. This was in response to their refusal to submit a Notice of Commencement of Collaboration with Roskomnadzor’s (the Federal Supervision Agency for Communications, Information Technology, and Mass Communication) of the Russian government. Mailfence did not respond to this request, citing obligation to provide information about users, violating its Terms and the federal Belgian laws.<ref>{{cite web|title=Mailfence email servers blocked in Russia|date=5 March 2020 |url=https://blog.mailfence.com/email-servers-blocked-russia/|accessdate=5 March 2020}}</ref>
+On 5 March 2020, Mailfence reported that their SMTP servers are blocked by Russian-based email services. This was in response to their refusal to submit a Notice of Commencement of Collaboration with Roskomnadzor's (the Federal Supervision Agency for Communications, Information Technology, and Mass Communication) of the Russian government. Mailfence did not respond to this request, citing obligation to provide information about users, violating its Terms and the federal Belgian laws.<ref>{{cite web|title=Mailfence email servers blocked in Russia|date=5 March 2020 |url=https://blog.mailfence.com/email-servers-blocked-russia/|access-date=5 March 2020}}</ref>
 == Features ==
-Mailfence provides secure email features, with other functions such as Calendar, Contacts, Documents and Collaboration.<ref>{{cite web|last1=Leonard|first1=John|title=Escape from Yahoo: Nine encrypted email alternatives|url=http://www.v3.co.uk/v3-uk/feature/2473579/escape-from-yahoo-nine-encrypted-email-alternatives/page/4|accessdate=11 October 2016}}</ref> Encryption and Two-factor authentication are available in the free version of the product. Most other features are only available with paid subscriptions.
+Mailfence provides secure email features, with other functions such as Calendar, Contacts, Documents and Collaboration.<ref>{{cite web|last1=Leonard|first1=John|title=Escape from Yahoo: Nine encrypted email alternatives|url=http://www.v3.co.uk/v3-uk/feature/2473579/escape-from-yahoo-nine-encrypted-email-alternatives/page/4|access-date=11 October 2016}}</ref>
+=== Mailfence Email ===
+The service supports [[Post Office Protocol|POP]]/[[IMAP]] and [[Exchange ActiveSync]]<ref name=":0">{{cite web|last1=Skjefstad|first1=Vegard|title=Secure and Private E-mail: A Provider Overview.|url=https://www.vegard.net/archives/11906/|access-date=1 August 2015|archive-date=21 September 2015|archive-url=https://web.archive.org/web/20150921160401/https://www.vegard.net/archives/11906/|url-status=dead}}</ref> as well as [[vanity domain]]s with [[Sender Policy Framework|SPF]], [[DKIM]], [[DMARC]]<ref name=":1">{{cite web|title=Spoofing defense for Custom domains: SPF, DKIM, DMARC|date=8 January 2018 |url=https://blog.mailfence.com/spoofing-defense-spf-dkim-dmarc/|access-date=8 January 2018}}</ref> and [[Email filtering|catch-all]] address support.<ref name=":2">{{cite web|title=Mailfence Release Notes Dec 2017.|date=5 December 2017 |url=https://blog.mailfence.com/mailfence-release-notes-dec-2017/|access-date=5 December 2017}}</ref> Users can send both plain and rich text emails, organize messages in folders and/or categorize them with tags, take notes by setting comment on each message and create default [[Email signature|message signatures]] for every sender address. Different identities can also be managed using [[Email alias|aliases]] and filters for incoming emails.
+The email application is based on the ContactOffice collaboration suite that supports [[Post Office Protocol|POP]]/[[IMAP]] and [[Exchange ActiveSync]]<ref name=":0" /> as well as [[vanity domain]]s with [[Sender Policy Framework|SPF]], [[DKIM]], [[DMARC]]<ref name=":1" /> and [[Email filtering|catch-all]] address support.<ref name=":2" />  It was enriched with security and privacy features in 2016 at the launch of the Mailfence service with features: managing access or generating specific password for web and non-web services, [[two-factor authentication]], [[SpamAssassin|spam protection]] alongside of [[plus addressing]], [[Blacklist (computing)#Email|sender address blacklist]] and [[Whitelisting#Email whitelists|whitelist]],
-=== Email ===
-The service supports [[Post Office Protocol|POP]]/[[IMAP]] and [[Exchange ActiveSync]]<ref>{{cite web|last1=Skjefstad|first1=Vegard|title=Secure and Private E-mail: A Provider Overview.|url=https://www.vegard.net/archives/11906/|accessdate=1 August 2015|archive-date=21 September 2015|archive-url=https://web.archive.org/web/20150921160401/https://www.vegard.net/archives/11906/|url-status=dead}}</ref> as well as [[vanity domain]]s with [[Sender Policy Framework|SPF]], [[DKIM]], [[DMARC]]<ref>{{cite web|title=Spoofing defense for Custom domains: SPF, DKIM, DMARC|date=8 January 2018 |url=https://blog.mailfence.com/spoofing-defense-spf-dkim-dmarc/|accessdate=8 January 2018}}</ref> and [[Email filtering|catch-all]] address support.<ref>{{cite web|title=Mailfence Release Notes Dec 2017.|date=5 December 2017 |url=https://blog.mailfence.com/mailfence-release-notes-dec-2017/|accessdate=5 December 2017}}</ref> Users can send both plain and rich text emails, organize messages in folders and/or categorize them with tags, take notes by setting comment on each message and create default [[Email signature|message signatures]] for every sender address. Different identities can also be managed using [[Email alias|aliases]] and filters for incoming emails.<ref>{{cite web|title=Mailfence Release Notes May 2017|date=30 May 2017 |url=https://blog.mailfence.com/mailfence-release-notes-2-5-011/|accessdate=30 May 2017}}</ref>
-=== Contacts ===
+=== Mailfence Contacts ===
-The contacts support (CSV, [[vCard]], [[LDIF]]) import, ([[vCard]], [[PDF]]) export and can be accessed using [[CardDAV]].<ref>{{cite web|title=Mailfence Contacts: a secure contact management software|date=28 February 2018 |url=https://blog.mailfence.com/contact-management-software/|accessdate=27 June 2018}}</ref> Users organize them with tags and can also create contact lists.
+The contacts support (CSV, [[vCard]], [[LDIF]]) import, ([[vCard]], [[PDF]]) export and can be accessed using [[CardDAV]].<ref>{{cite web|title=Mailfence Contacts: a secure contact management software|date=28 February 2018 |url=https://blog.mailfence.com/contact-management-software/|access-date=27 June 2018}}</ref> Users may organize them with tags and can also create contact lists.
-=== Calendar ===
+=== Mailfence Calendar ===
-The calendar supports vCal/[[iCal]] import, export and can be accessed by using [[CalDAV]].<ref>{{cite web|title=Mailfence Calendar: a secure online calendar to schedule, manage and track meetings & events|date=31 October 2017 |url=https://blog.mailfence.com/secure-online-mailfence-calendar/|accessdate=9 March 2018}}</ref> Users can share their calendars with group members and can also create polls.<ref>{{cite web|title=Mailfence Polls: simple and secure meeting scheduler|date=28 November 2017 |url=https://blog.mailfence.com/secure-meeting-scheduler/|accessdate=28 November 2017}}</ref>
+The calendar supports vCal/[[iCal]] import, export and can be accessed by using [[CalDAV]].<ref>{{cite web|title=Mailfence Calendar: a secure online calendar to schedule, manage and track meetings & events|date=31 October 2017 |url=https://blog.mailfence.com/secure-online-mailfence-calendar/|access-date=9 March 2018}}</ref> Users can share their calendars with group members and can also create polls.<ref>{{cite web|title=Mailfence Polls: simple and secure meeting scheduler|date=28 November 2017 |url=https://blog.mailfence.com/secure-meeting-scheduler/|access-date=28 November 2017}}</ref>
-=== Documents ===
+=== Mailfence Documents ===
-The documents can be accessed using [[WebDAV]] or edited online. Users can drag and drop files in folders, categorize them with tags take notes by setting comment on each file.<ref>{{cite web|title=Mailfence Documents: secure file sharing, storage and collaboration|date=9 November 2017 |url=https://blog.mailfence.com/secure-file-sharing/|accessdate=9 November 2017}}</ref>
+The documents can be accessed using [[WebDAV]] or edited online. Users can drag and drop files in folders, categorize them with tags take notes by setting comment on each file.<ref>{{cite web|title=Mailfence Documents: secure file sharing, storage and collaboration|date=9 November 2017 |url=https://blog.mailfence.com/secure-file-sharing/|access-date=9 November 2017}}</ref>
-=== Groups ===
+=== Mailfence Groups ===
-Groups allow users to share mailboxes, documents, contacts, calendars and perform instant chatting with group members in a secure way. A group administrator manages the access rights of group members and can also set another group member as co-admin or the main admin of the group.<ref>{{cite web|title=Mailfence Groups: secure group collaboration|date=5 September 2017 |url=https://blog.mailfence.com/mailfence-groups|accessdate=5 September 2017}}</ref>
+Groups allow users to share mailboxes, documents, contacts, calendars and perform instant chatting with group members in a secure way. A group administrator manages the access rights of group members and can also set another group member as co-admin or the main admin of the group.<ref>{{cite web|title=Mailfence Groups: secure group collaboration|date=5 September 2017 |url=https://blog.mailfence.com/mailfence-groups|access-date=5 September 2017}}</ref>
-=== Polls ===
+=== Mailfence Polls ===
-Mailfence Polls is a secure meeting scheduler.
+Mailfence Polls is a meeting scheduler that claims to be secure and private.
-=== Chat ===
+=== Mailfence Chat ===
 [[XMPP|Jabber/XMPP protocol]] is the base of Mailfence chat functionality. First named Jabber, then XMPP (Extensible Messaging and Presence Protocol), this open-source protocol has been created for instant messaging.
 === Web-based clients ===
-The web-interface comes with an embedded IMAP, POP3, CalDAV, and WebDAV client. Users can add external accounts and manage them centrally in the web-interface.<ref>{{cite web|title=How to encrypt email with Gmail and Outlook.com or any other provider|url=https://blog.mailfence.com/encrypt-email/|accessdate=11 October 2017}}</ref><ref>{{cite web|title=POP3 vs IMAP vs Exchange ActiveSync. What's the difference?|url=https://blog.mailfence.com/pop3-vs-imap-vs-exchange-activesync/|accessdate=22 September 2017}}</ref>
+The web-interface comes with an embedded IMAP, POP3, CalDAV, and WebDAV client. Users can add external accounts and manage them centrally in the web-interface.<ref>{{cite web|title=How to encrypt email with Gmail and Outlook.com or any other provider|url=https://blog.mailfence.com/encrypt-email/|access-date=11 October 2017}}</ref><ref>{{cite web|title=POP3 vs IMAP vs Exchange ActiveSync. What's the difference?|url=https://blog.mailfence.com/pop3-vs-imap-vs-exchange-activesync/|access-date=22 September 2017}}</ref>
 === User management ===
-Account owners can create and manage user accounts using the admin console.<ref>{{cite web|title=Manage your users with the mailfence admin console|date=21 March 2019 |url=https://blog.mailfence.com/admin-console/|accessdate=21 March 2019}}</ref>
+Account owners can create and manage user accounts using the admin console.<ref>{{cite web|title=Manage your users with the mailfence admin console|date=21 March 2019 |url=https://blog.mailfence.com/admin-console/|access-date=21 March 2019}}</ref>
 == Server location ==
-Since their servers are located in Belgium,<ref>{{cite web|title=The Mailfence SSL/TLS Certificate|date=10 June 2016 |url=https://blog.mailfence.com/mailfence-ssl-tls-certificate/|accessdate=10 June 2016}}</ref> they are legally outside of US jurisdiction. Mailfence is therefore not subjected to US [[gag order]]s and [[National security letter|NSLs]], notwithstanding [[extradition]] treaties with the US.<ref>{{cite web|url=https://www.congress.gov/treaty-document/104th-congress/7|title=United States Extradition Treaty with Belgium}}</ref><ref>{{cite web|url=https://www.congress.gov/treaty-document/104th-congress/8|title=United States Supplemental Extradition Treaty with Belgium}}</ref> Under Belgian law, all national and international surveillance requests must go through a Belgian court.<ref>{{cite web|title=Mailfence privacy policy|url=https://mailfence.com/c/mailfence/more/privacy.jsp|accessdate=12 November 2013|url-status=dead|archiveurl=https://web.archive.org/web/20140718012716/http://www.mailfence.com/c/mailfence/more/privacy.jsp|archivedate=18 July 2014|df=dmy-all}}</ref>
+Since their servers are located in Belgium,<ref>{{cite web|title=The Mailfence SSL/TLS Certificate|date=10 June 2016 |url=https://blog.mailfence.com/mailfence-ssl-tls-certificate/|access-date=10 June 2016}}</ref> they are legally outside of US jurisdiction. Mailfence is therefore not subjected to US [[gag order]]s and [[National security letter|NSLs]], notwithstanding [[extradition]] treaties with the US.<ref>{{cite web|url=https://www.congress.gov/treaty-document/104th-congress/7|title=United States Extradition Treaty with Belgium}}</ref><ref>{{cite web|url=https://www.congress.gov/treaty-document/104th-congress/8|title=United States Supplemental Extradition Treaty with Belgium}}</ref> Under Belgian law, all national and international surveillance requests must go through a Belgian court.<ref>{{cite web|title=Mailfence privacy policy|url=https://mailfence.com/c/mailfence/more/privacy.jsp|access-date=12 November 2013|url-status=dead|archive-url=https://web.archive.org/web/20140718012716/http://www.mailfence.com/c/mailfence/more/privacy.jsp|archive-date=18 July 2014|df=dmy-all}}</ref>
 == Security and privacy ==
+Mailfence claims to be secure and private on their website,<ref>{{Cite web |last=Mailfence |title=Secure and private email {{!}} Mailfence encrypted email service |url=https://mailfence.com/ |access-date=2024-03-19 |website=Mailfence |language=en}}</ref> offering most conventional security and privacy features, but they also claim to support some less-common privacy and security enhancing features:
-Aside from conventional security and privacy features including managing access or generating specific password for web and non-web services,<ref>{{cite web|title=Harden your Mailfence account|url=https://blog.mailfence.com/harden-mailfence-account/|accessdate=5 May 2020}}</ref> [[two-factor authentication]],<ref>{{cite web|last1=Davis|first1=Josh|title=Two Factor Auth (2FA)|url=https://twofactorauth.org/|accessdate=12 December 2016}}</ref> [[SpamAssassin|spam protection]] alongside of [[plus addressing]],<ref>{{cite web|title=Plus addressing to filter email|url=http://blog.contactoffice.com/2016/10/18/plus-addressing-to-filter-email/|accessdate=18 October 2016}}</ref> [[Blacklist (computing)#Email|sender address blacklist]]<ref>{{cite web|title=Mailfence Release Notes March 2018|date=13 March 2018 |url=https://blog.mailfence.com/mailfence-release-notes-march-2018/|accessdate=13 March 2018}}</ref> and [[Whitelisting#Email whitelists|whitelist]],<ref>{{cite web|title=Blacklist a specific sender address|url=https://kb.mailfence.com/kb/how-can-i-blacklist-a-specific-sender-address/|accessdate=23 July 2019}}</ref> Mailfence offers following features:
 === Transport security ===
-The service uses [[Transport Layer Security|TLS]] with ephemeral [[Diffie–Hellman key exchange|key exchange]] to encrypt all internet traffic between users and Mailfence servers. [[HTTP Strict Transport Security|HSTS]], [[Simple_Mail_Transfer_Protocol#SMTP_MTA_Strict_Transport_Security|MTA-STS]] and [[DNS-based Authentication of Named Entities|DANE]] standards are also supported.<ref>{{Cite web|url=https://www.ssllabs.com/ssltest/analyze.html?d=mailfence.com|title=SSL Report: mailfence.com|date=10 June 2016|publisher=[[Qualys|Qualys SSL Labs]]|accessdate=14 Jan 2021}}</ref><ref>{{cite web|title=MTA-STS validator - Mail Hardener tools|url=https://www.mailhardener.com/tools/mta-sts-validator?domain=mailfence.com|accessdate=27 July 2022}}</ref><ref>{{cite web|title=DANE SMTP Validator|url=https://dane.sys4.de/smtp/mailfence.com|accessdate=14 January 2021}}</ref>
+Like most major e-mail services, the service claims to use [[Transport Layer Security|TLS]] with ephemeral [[Diffie–Hellman key exchange|key exchange]] to encrypt all internet traffic between users and Mailfence servers. [[HTTP Strict Transport Security|HSTS]], [[Simple Mail Transfer Protocol#SMTP MTA Strict Transport Security|MTA-STS]] and [[DNS-based Authentication of Named Entities|DANE]] standards are also supported.<ref>{{Cite web|url=https://www.ssllabs.com/ssltest/analyze.html?d=mailfence.com|title=SSL Report: mailfence.com|date=10 June 2016|publisher=[[Qualys|Qualys SSL Labs]]|access-date=14 Jan 2021}}</ref><ref>{{cite web|title=MTA-STS validator - Mail Hardener tools|url=https://www.mailhardener.com/tools/mta-sts-validator?domain=mailfence.com|access-date=27 July 2022}}</ref><ref>{{cite web|title=DANE SMTP Validator|url=https://dane.sys4.de/smtp/mailfence.com|access-date=14 January 2021}}</ref>
 === End-to-end encryption ===
-The service uses an open-source implementation of [[OpenPGP]] (RFC 4880) for emails.<ref>{{cite web|last1=Sparrow|first1=Elijah|title=OpenTechFund/secure-email|website=[[GitHub]] |url=https://github.com/OpenTechFund/secure-email#mailfence|accessdate=9 September 2016}}</ref> OpenPGP keypair is generated in client-browser, encrypted (via [[AES256]]) with the user's passphrase, and then stored on Mailfence server.<ref>{{cite web|title=Mailfence end-to-end encryption and digital signatures|date=25 July 2016 |url=https://blog.mailfence.com/end-to-end-encryption-and-digital-signatures/|accessdate=25 July 2016}}</ref><ref>{{cite web |url=http://www.makeuseof.com/tag/3-secure-encrypted-email-providers-online/|title=The 3 Most Secure & Encrypted Email Providers Online|accessdate=20 January 2017}}</ref> The server never sees the user's OpenPGP keypair passphrase.
+The service uses an open-source implementation of [[OpenPGP]] (RFC 4880) for emails. OpenPGP keypair is generated in client-browser, encrypted (via [[AES256]]) with the user's passphrase, and then stored on Mailfence server. Since December 2018, the service also supports end-to-end encryption for emails using a shared password.<ref>{{Cite web |date=2024-01-22 |title=Email Encryption |url=https://www.openpgp.org/software/ |access-date=2024-04-07 |website=OpenPGP |language=en}}</ref>
-The service also supports end-to-end encryption for emails using a shared password with the possibility of message expiration.<ref>{{cite web|title=Password encrypted messages based on symmetric encryption|url=https://blog.mailfence.com/symmetric-encryption/|accessdate=1 September 2016}}</ref>
 === OpenPGP signatures ===
-The service gives the choice between "signing", or "signing and encrypting" an email message with or without attachments.<ref>{{cite web|last1=Thomas|first1=Mike|title=A (mostly) In Depth Review of Mailfence|url=https://www.disobeyers.com/2016/09/01/in-depth-review-mailfence/|accessdate=1 September 2016|archive-url=https://web.archive.org/web/20161220161728/https://www.disobeyers.com/2016/09/01/in-depth-review-mailfence/|archive-date=20 December 2016|url-status=dead}}</ref>
+The service gives the choice between "signing", or "signing and encrypting" an email message with or without attachments.<ref>{{cite web|last1=Thomas|first1=Mike|title=A (mostly) In Depth Review of Mailfence|url=https://www.disobeyers.com/2016/09/01/in-depth-review-mailfence/|access-date=1 September 2016|archive-url=https://web.archive.org/web/20161220161728/https://www.disobeyers.com/2016/09/01/in-depth-review-mailfence/|archive-date=20 December 2016|url-status=dead}}</ref>
 === Integrated Keystore ===
-The service provides an integrated [[Keyring (cryptography)|keystore]] to manage [[Key (cryptography)|OpenPGP keys]],<ref>{{cite web|last1=Schürmann|first1=Dominik|title=OpenPGP Email encryption. For all operating systems. Standing the test of time.|url=http://openpgp.org/software/|accessdate=1 September 2016}}</ref> and does not require any third-party add-on/plugin. OpenPGP keypairs can be generated, imported or exported.<ref>{{cite web|last1=Tschabitscher|first1=Heinz|title=Encrypted email services keep your messages private|url=https://www.lifewire.com/best-secure-email-services-4136763|accessdate=3 June 2018}}</ref> Public keys of other users can be imported through file or in-line text and can also be downloaded from OpenPGP Web Key Directory or [[Key server (cryptographic)|Public key servers]].<ref>{{cite web|title=Mailfence's OpenPGP keystore gives full control over key management|date=17 May 2017 |url=https://blog.mailfence.com/openpgp-keystore/|accessdate=17 May 2017}}</ref><ref>{{cite web|title=Mailfence keeps on improving security for its users|date=22 December 2021 |url=https://blog.mailfence.com/improving-security/|accessdate=22 December 2021}}</ref>
+Since its launch in 2017, the service provides an integrated [[Keyring (cryptography)|keystore]] to manage [[Key (cryptography)|OpenPGP keys]],.<ref>{{cite web|last1=Schürmann|first1=Dominik|title=OpenPGP Email encryption. For all operating systems. Standing the test of time.|url=http://openpgp.org/software/|access-date=1 September 2016}}</ref> OpenPGP keypairs can be generated, imported or exported.<ref>{{cite web|last1=Tschabitscher|first1=Heinz|title=Encrypted email services keep your messages private|url=https://www.lifewire.com/best-secure-email-services-4136763|access-date=3 June 2018}}</ref> Public keys of other users can be imported through file or in-line text. Mailfence also supports Web Key Directory besides key discovery via [[Key server (cryptographic)|Public key servers]].<ref>{{cite web|title=Mailfence's OpenPGP keystore gives full control over key management|date=17 May 2017 |url=https://blog.mailfence.com/openpgp-keystore/|access-date=17 May 2017}}</ref><ref>{{cite web|title=Mailfence keeps on improving security for its users|date=22 December 2021 |url=https://blog.mailfence.com/improving-security/|access-date=22 December 2021}}</ref>
 === Full OpenPGP interoperability ===
-Users can communicate with any OpenPGP compatible service provider.<ref>{{cite web|title=Encrypted email service providers|url=http://www.emailquestions.com/encrypted-email-service-providers/|publisher=v|accessdate=25 May 2016|url-status=dead|archiveurl=https://web.archive.org/web/20160518094904/http://www.emailquestions.com/encrypted-email-service-providers/|archivedate=18 May 2016|df=dmy-all}}</ref>
+Users can communicate with any OpenPGP compatible service provider.<ref>{{cite web|title=Encrypted email service providers|url=http://www.emailquestions.com/encrypted-email-service-providers/|publisher=v|access-date=25 May 2016|url-status=dead|archive-url=https://web.archive.org/web/20160518094904/http://www.emailquestions.com/encrypted-email-service-providers/|archive-date=18 May 2016|df=dmy-all}}</ref>
 == Warrant Canary and Transparency Report ==
-The service maintains an up-to-date transparency report and [[warrant canary]].<ref>{{cite web|title=Transparency Report and Warrant Canary|date=29 April 2016 |url=https://blog.mailfence.com/transparency-report-and-warrant-canary/|accessdate=29 April 2016}}</ref><ref>{{cite web|title=Service review|url=https://vpnpick.com/mailfence-review/|accessdate=20 February 2019}}</ref>
+The service maintains an up-to-date transparency report and [[warrant canary]].<ref>{{cite web|title=Transparency Report and Warrant Canary|date=29 April 2016 |url=https://blog.mailfence.com/transparency-report-and-warrant-canary/|access-date=29 April 2016}}</ref><ref>{{cite web|title=Service review|url=https://vpnpick.com/mailfence-review/|access-date=20 February 2019}}</ref>
-== See Also ==
+== See also ==
 * [[Comparison of mail servers]]
 * [[Comparison of webmail providers]]
@@ Line 96: / Line 98: @@
 == External links ==
-* {{Official website|https://mailfence.com/}}
+* {{Official website|mailfence.com}}
 [[Category:Webmail]]