privacy
Anonymous Email Providers: Proton, Tutanota & More
Compare anonymous email providers in 2026: Proton Mail, Tutanota, OnionMail, SimpleLogin, and Cock.li — jurisdiction, encryption, and PGP support.
Anonymous email providers sit on a spectrum: at-rest encryption, phone-on-signup requirements, Tor-friendly onboarding, and real jurisdictional exposure all differ. Below, five concrete options—what “anonymous email” can mean in practice, PGP posture per provider, and honest limits you can plan around.
Why Standard Email Leaks Your Identity
Email was designed in the 1970s for delivery, not privacy. Every message carries an envelope: IP address in the Received header, X-Originating-IP if the client exposes it, timestamps with timezone fingerprinting, and Message-ID values that can be unique to a sender.
Your email provider knows your real IP unless you're connecting through Tor Browser or a VPN. The recipient's provider may also log metadata on receipt. Even if you use a pseudonymous address, the headers in each message can point back to your network location.
That's before we get to content. Standard SMTP between providers uses opportunistic TLS — better than plaintext, but providers on each end can read the message. If both parties use the same provider, the provider sees everything.
Metadata hygiene matters here too — see our metadata removal guide for the broader picture.
What "Anonymous Email" Actually Means
No email provider can guarantee complete anonymity. What they can do:
- Refuse to log your IP (or discard logs quickly).
- Allow signup without a phone number or existing email.
- Support Tor access (.onion or clearnet-over-Tor).
- Encrypt message content so even the provider can't read it.
- Operate under a jurisdiction less likely to comply with foreign legal demands.
"Anonymous" in practice means: the provider has minimal information linking your inbox to your real identity, and what they do have, they don't log or quickly discard. It's a spectrum, not a binary.
For the highest-risk threat model — a journalist protecting a source's identity from a nation-state — no email-only solution is sufficient. Pair with Tor Browser, a live operating system like Tails, and consider whether email is the right channel at all.
Comparison Table — Five Providers
| Provider | Jurisdiction | Encryption | Signup anonymity | PGP support | Cost |
|---|---|---|---|---|---|
| Proton Mail | Switzerland | E2EE between Proton users; zero-access at rest | Tor-accessible; no phone needed | Native — import your own key or use Proton's | Free tier; paid from €3.99/mo |
| Tutanota | Germany | E2EE (proprietary scheme); zero-access | No phone needed; Tor accessible (clearnet) | No — uses own crypto; no PGP import | Free tier; paid from €1/mo |
| OnionMail | Spain / .onion | Encrypted at rest; cleartext between non-OnionMail | .onion signup, no personal info required | Full PGP support | Free |
| SimpleLogin | France (acquired by Proton in 2022) | Alias forwarding; no inbox encryption | Email required to sign up | Passes through; no native PGP | Free tier; paid from €4/mo |
| Cock.li | Germany | Minimal; standard IMAP/SMTP | Minimal friction; registration sometimes closed | Works with any external PGP | Free |
Jurisdiction matters because it determines which legal frameworks can compel data disclosure. Swiss law (Proton) is generally favorable; German law (Tutanota, Cock.li) has strong privacy protections but is within EU legal reach. France (SimpleLogin) is subject to EU data retention directives.
Privacy Guides maintains an updated provider comparison with stricter criteria than ours — worth checking before you choose.
Disposable Forwarders vs Full Inboxes
Two different use cases:
Alias forwarders (SimpleLogin, AnonAddy) give you unlimited throw-away addresses that forward to a real inbox. You receive mail but have no dedicated inbox on the alias service. Good for signing up to services without exposing your main address, or for receiving-only scenarios. The real inbox behind the alias is still your weak link.
Full inboxes (Proton Mail, Tutanota, OnionMail) give you an actual mailbox with storage, sending capability, and ideally E2EE. Better for two-way communication where both parties' privacy matters.
For pure anonymity at signup — say, creating a pseudonymous identity — a full inbox via an .onion signup (OnionMail, or Proton Mail over Tor) is stronger than an alias forwarder tied to another inbox. The alias forwarder's value is convenience and inbox separation, not anonymity per se.
PGP Integration Per Provider
Proton Mail is the strongest for PGP interoperability. You can import your own keypair (see the PGP guide), and Proton will use it for both sending and receiving. Proton also automatically fetches the PGP public keys of other Proton users from its keyserver, so E2EE between Proton users is seamless without manual key exchange.
Tutanota uses its own encryption scheme (AES-128 for content, RSA-2048 for key exchange as of 2024). It does not support standard OpenPGP. If you need to exchange encrypted mail with someone using GPG, Tutanota isn't the right tool. What Tutanota does offer — confidential email between Tutanota users, and password-protected email to external recipients — is useful, but it's a walled garden.
OnionMail is PGP-native. The service is designed around .onion mail delivery, and PGP is the assumed encryption method for content. Less polished than Proton, but you can sign up entirely via Tor with no identifying information.
Cock.li makes no special claims about encryption. It's a straightforward mail host with minimal friction. Use it with an external PGP setup (Thunderbird + Enigmail, or GPG on the command line) if you want encrypted content. The anonymity value is the low-friction signup, not built-in crypto.
Threat Model — What Anonymous Email Actually Does for You
Anonymous email addresses this threat: your email provider or an adversary who subpoenas them cannot link your inbox to your real identity.
It does not address:
- Content exposure — unless you're using E2EE (Proton-to-Proton, or PGP), the provider and any intermediate servers can read message bodies.
- Metadata — even anonymous providers know the IP addresses that connect to them, unless you're using Tor.
- Recipient-side exposure — if the person you're emailing uses Gmail, Google can read your message.
- SMTP in transit — email between providers without both supporting E2EE travels as TLS-encrypted cleartext that's decryptable at either end.
For the typical anonymous email use case — signing up for services, communicating with a pseudonymous identity — Proton Mail over Tor is our default recommendation. It handles the signup-anonymity and E2EE requirements better than the alternatives for non-trivial threat models.
For cross-referencing your broader privacy posture, combine your email choice with a solid threat model and proper metadata hygiene practices.
Frequently Asked Questions
Can Proton Mail be forced to hand over my emails?
Proton Mail is subject to Swiss law and has complied with court-ordered data disclosures — it handed over IP logs in a 2021 case involving a French climate activist. The emails themselves were not disclosed because Proton doesn't hold the keys. The lesson: Proton can't read your emails, but it can be compelled to log and share your IP and account activity. Connect via Tor to minimize that exposure.
Is Tutanota better than Proton Mail?
Depends on your use case. Tutanota is cheaper and fully open-source (client and server). Proton has better PGP interoperability and a stronger anonymity setup for signup via Tor. For standard private email between two people on the same platform, either works. For PGP-encrypted mail with external parties, Proton wins clearly.
What is OnionMail and is it trustworthy?
OnionMail is a free, .onion-accessible mail service operated from Spain. It's been running since around 2012. It's not a polished product — expect basic IMAP access and a dated interface. The value is that you can sign up and use it entirely over Tor with no identifying information. We have no affiliation with the service and recommend treating any free mail host with appropriate caution: don't rely on it for your only copy of sensitive correspondence.
Do I need a VPN with an anonymous email provider?
Not necessarily — but you do need to think about what you're hiding your IP from. A VPN hides your IP from the provider but reveals it to the VPN company. Tor hides your IP from everyone on the path (including exit nodes and the destination) but at the cost of speed. For genuine anonymity, Tor over a provider that accepts Tor connections is the better approach.