Free Software Webmail Systems
Whether the server itself runs nonfree software is a different issue. Nonfree software running on the server infringes the freedom of the server operator, but not yours; therefore, it is a secondary issue. We note here that some server operators say they run exclusively free software; you might choose one of them to reward their support for the community.
We don't know of any surefire way to evaluate a mail service for privacy, since any such service could be handing mail data massively to some government, and there is no way to detect this from outside.
We do know that specific companies providing webmail services were named as part of the PRISM NSA spying revelations: Google, Yahoo, Microsoft, Apple, and AOL.
We also know that some smaller companies, like Lavabit, were pressured to turn over information.
With these caveats, here are some recommendations:
- Pick a mail service located in a country that won't cooperate with governments that you're particularly concerned about privacy from.
- Avoid using LinkedIn, which fishes for people's email contact lists.
- If your mail service and your search engine are run by companies that don't cooperate, neither of them can correlate your searches with your mail contents. (A spy agency could still do so, if the two companies are in the same country or in countries that cooperate in massive surveillance.) Thus, don't use both Gmail and other Google services such as web search.
Some of these services are gratis, but that's a separate issue. Recall that "free software" refers to freedom, not price.
- http://posteo.de: Fully compliant with LibreJS's standards, but a bug in LibreJS causes the site to not work when the plugin is enabled. Does not work without JS.
- Mailoo: Explicitly states it runs on free software. Currently French only - would appreciate help translating.
- OpenMailBox: Runs explicitly on free software. Service started in June 2013.
- https://ruggedinbox.com: Signup is quick and works with LibreJS. SquirrelMail (works without JS) can be used to access webmail, POP/IMAP clients can also be used.
- kolabnow.com (formerly mykolab.com): Swiss based paid service focused on ensuring your privacy. Highly resistant to PRISM and similar programs. Runs on free software. Currently becoming LibreJS compliant.
- riseup.net: Geared more toward activists - they have a manual screening process.
To ask about a mail service not listed here, or request corrections and updates, please send a mail to: ryan dot white at absa dot co dot za : with "Webmail System" in the subject line.