General discussion

What is the best secure email service?

My boss is communicating with a client who distrusts his IT department. So this client has asked my boss what he should use to keep his messages private and of course this task has moved on to me. I did some research and found the following:

I'm trying to figure out what the differences are and which one would be best for him. Can anyone help?

Discussion is locked

Reply to: What is the best secure email service?
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: What is the best secure email service?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
- Collapse -

Sorry, but I'll decline to do your research and note this one has been regarded well. If you are expecting a full report, I must decline.

However most of these have WIKIPEDIA entries for your reading please such as

If your clients are up to no good then these will not keep it a secret.


- Collapse -
A few years later.

Hushmail still is here and the only leaks I know of is when someone outed themselves.

Nod to Hushmail.

- Collapse -
Zix Mail

I can tell you we use ZixMail at work, but can't tell you much beyond that.

- Collapse -
Best email service

I used Eudora for years...switched to Thunderbird...this was a good choice for me...lotsa features...if your using firefox even better...but waint until you try to uninstall incredimail and it's search engine.. good luck! if you don't know how to work in the registry, I just finally got rid of mine and I put it on by mistake

- Collapse -
Sending secure e-mails

Thunderbird makes a secure connection to your e-mail service provider via IMAP such as to Gmail. As does Eudora and Outlook, though Outlook prefers pop3 instead of IMAP (I am not sure how Eudora works natively as I haven't used it before). Though that secure connection is relative and can always be hacked if someone wants to take the time to target you specifically (all security is relative in that matter and generally only keeps the good people out). However, after the connection to the e-mail service provider the e-mail is only as secure as the that provider is secure. If you have a yahoo address or hotmail address (or generally most e-mail providers along with anyone using a standard exchange server) the e-mails are then sent unencrypted via the internet to their destination.

I don't know about Eudora (but I am sure it has this) but both Thunderbird and Outlook are able to use some sort of PGP which a way for encrypting e-mails. However, this is a difficult process and your recipient needs to have PGP also setup properly so that you both have each others public keys and are able to unlock the messages received and private keys so that you are able to properly lock messages that you want to send. This is not an option for the average user and to send out encrypted e-mails to everyone. It does however work well in a corporate environment where there is IT support to make sure all senders and receivers within the corporation are sending and receiving secured e-mail. However, once you e-mail someone outside the company who doesn't have your public key then you need to make sure you send an unencrypted e-mail.

Firefox is a browser and not an e-mail application (i.e. Eudora, Thunderbird, or Outlook) and is not an e-mail service provider (i.e. yahoo, hotmail, gmail). Using Firefox has nothing to do with e-mail security.

- Collapse -
Check out Thru

We've had great luck with a company called Thru.

They have a slick app and are really responsive.

- Collapse -

I've also had some good experiences with

- Collapse - is my suggestion

I don't have experience with any of these providers except and so far I'm very happy. They have a free version that allows you to send both private emails and regular and they have alot more storage then most free providers. The paid services look cool too though, delay and retracting messages, see when your recipient has read your sent stuff.

- Collapse -
Best email service

I've only used Hotmail and Gmail.

I prefer Gmail. I'm not sure how secure it is, I'm not all that techy but I have never had a problem.

Is this one good from what you have heard?

I've never heard of the ones you have named before. Just wondering. Thanks.

- Collapse -
Secure e-mail service

The question is what is the best "secure" e-mail service. Hotmail isn't secure. Every network administrator and hacker listening to the lines from the source of the e-mail to it's destination can read the e-mails if you like. Sending an e-mail and really most information being sent over the internet is like sending a post card. It is open for everyone to read who lays a hand on it (the postman particularly but anyone else who might also steal the mail).

Gmail now uses https so your connection with their servers is secure but if the recipient isn't using a secure e-mail then the e-mail is still unprotected as it comes to the Gmail servers or goes from it. The problem with Gmail is that they have had several very serious security breaches with their Google documents in the past (of which I have never heard if it was resolved or not) and recently with e-mail users from the attach that originated from China against human activists. Beyond that it is well known that Google stores everyone's e-mails on their servers. Google never really deletes anything even if you think you have deleted it. They are a information storage and distribution company they will keep all information that they ever receive and use it for marketing purposes. Even as you are reading your e-mails in Gmail there is a small advertisement at the top that changes based mostly on content found in your e-mails. While this is an unmanned scanning and Gmail declares that your e-mail information is safe from human eyes they are still "reading" all of your e-mails.

I use when sending data sensitive material. It works on the security side but it has a lot of draw backs such as there is no e-mail storage or confirmation that the e-mail was sent to the right location. If you type in the address wrong and hit send you will never know that the message didn't make it because there is no inbox to receive the Mailer Daemon e-mail saying that the message couldn't be delivered. I will look into some of these other options.

- Collapse -
Another option
- Collapse -
Best Email Service

I like GMail the best. If you login directly to GMail securely (, you are not going to be using your company's POP3 and SMTP server, you will be using GMail's POP3 and SMTP server so only Google has access to that data and not your company's IT.

However, there are tools such as Packet Sniffers that can read any communications if they are not encrypted so if the IT department has such a tool at the network level, and you are not logging in to your GMail WebMail securely, they can scan and read your emails.

I also heard of Screen Scraping - I'm not sure if this is another technology to read / record employee's communication at the screen level. I do not know of an easy way to fight that.

- Collapse -
Only Gmail to Gmail is secure

Gmail answers the concerns of a few reasons why you would want to use a secure e-mail but not all. A person would want to use secure e-mail not just because they are worried their IT department is reading their e-mail. Hopefully, your company has some kind of privacy policy. I wouldn't feel comfortable working for a company that is known to read it's employee's e-mails unless the law was involved and investigating criminal activity. I worked in a corporate IT dept. and yes it was easy to ready corporate e-mail on the exchange server or just log into someone's Outlook as them from my own Outlook. However, that was only to be used for troubleshooting reasons. Many people requested their e-mails be share anyway with their secretaries or other people in their departments while they were away on vacation. They just kept their personal stuff in their personal e-mails. However, I don't work in this setting so my concern finding a secure e-mail solution has to do with using my home internet connection.

Gmail is only secure if your recepient is also using a secure e-mail otherwise the e-mail becomes unsecured once it leaves the Gmail servers. Gmail to Gmail is secure but I don't know to what level. For example, it is still secure enough to meet the HIPPA standards for sending medical and financial records.

If you want to contact your bank via e-mail you have to log into their website and send them a message that is completely stored on their servers behind the https website. Then when they have an answer for you if they e-mail you it is only to tell you that you have a secure message. I even e-mailed my state government once with a question regarding my tax form and their return e-mail came in a secure message that I had to click on the link to take me somewhere to have it unencrypted.

CNET Forums

Forum Info