ProtonBlog(new window)
Subscribe by RSS

What is a secure email server?

Lydia Pang(new window)

Share this page

Over 300 billion emails are sent and received daily around the world, making it one of the most popular forms of communication. However, most modern email providers, such as Gmail or Outlook, do not adequately protect your emails. 

Gmail stopped reading your emails(new window) to target you with personalized ads in 2017 but it still gives third-party developers access to the content of your emails(new window) and tracks your online purchases(new window). It also scans your emails to provide smart features(new window), although you can disable this setting. Allowing so much email information to be scanned and shared by potentially multiple unknown parties is bad for your privacy and security. 

One way to prevent this breach of your privacy is to set up your own secure email server. This gives you complete control over your data and ensures your messages are safe from third parties. 

However, setting up your own secure email server can be complicated and time-consuming. In this article, we explain what a secure email server is and show you how you can still send encrypted emails without setting up your own server. 

Get Proton Mail button

What is an email server?

While sending an email seems simple and instantaneous, several steps are involved. After you hit the “send” button, your email passes through a network of email servers before reaching your recipient’s inbox. An email server is a computer system designed to receive, process, and forward emails. Every email you send passes through several email servers along its way to its recipient. 

There are two main types of email servers(new window)

  • Incoming mail servers, also known as POP3 (Post Office Protocol) or IMAP (Internet Access Message Protocol) servers
  • Outgoing mail servers, also known as SMTP servers (Simple Mail Transfer Protocol)

How does a secure email server work?

A secure email server works just like a regular email server, except it uses advanced security protocols to protect your emails:

Why you should not set up your own email server

While setting up your own server seems like a great way to control who gains access to your data, it’s also a complicated process that can undermine your email security if not done properly. Running your own email server means you’ll likely encounter one or more of the following challenges:

Email servers are complex

A typical mail server is made up of different parts that serve specific roles. Each component must be perfectly configured and maintained with the latest security updates to produce a fully-functioning secure email server. Because an email server can have so many moving parts, it can be tricky to set up and keep running securely unless you have the required technical expertise.

Mail deliverability is not guaranteed 

Most email providers have robust infrastructure and IT teams working around the clock to guarantee near-perfect rates of mail deliverability. If you set up your own email server, you may not have the same resources to ensure your emails are delivered successfully at all times. For example, your emails can end up in your recipient’s spam folder.

Email servers require ongoing maintenance 

Installing your own server is only the first step. After setting it up, you’ll need to dedicate time and effort to maintain it regularly. An estimate shows(new window) that setting up an email server costs around $500 and an additional $70 to $100 monthly to maintain it. In the long run, these costs can run exponentially high.

Securing email servers on your own is challenging

For an email server to be truly secure, it needs to be protected on multiple levels with technologies such as end-to-end encryption, anti-spoofing, and anti-phishing measures. Email security is complex enough for experts, which means securing an email server on your own is often quite difficult. If your email server is compromised, your emails could very easily fall into the wrong hands.

The better way to secure your emails

Thankfully, you can still send encrypted emails without setting up your own server, and that is to use an encrypted email provider. As the world’s most popular encrypted email service, our top priority at Proton Mail is to protect your privacy and security. We use E2EE and zero-access encryption(new window) to secure your emails so only you and your recipient can read your messages. 

We also own our own servers and invest heavily in our server infrastructure. All Proton Mail servers are located in Switzerland and Germany, and access to our data centers is secured with biometric access. Our servers utilize fully encrypted hard disks with multiple password layers, preserving data security even if our hardware is compromised. 

To protect you against phishing and spoofing attacks(new window), we support SPF, DKIM, and DMARC. These protocols ensure the integrity of your email server and make it harder for hackers to spoof your email address.

When you sign up for a Proton Mail account, you can also enjoy the benefits of a secure email server without the risks above. The advanced security features Proton Mail offers include: 

  • End-to-end encryption(new window): No one besides you and your recipient can read your messages.
  • Password-protected Emails: Send a fully encrypted message to anyone, not just to Proton Mail addresses. When your recipient receives your email, they only need to enter a previously agreed-upon password to read its contents. 
  • Spam detection: Proton Mail’s smart spam detection automatically filters out spam emails to your Spam folder.
  • Message expiration: Set a timer on your email so it’s automatically deleted from your recipient’s inbox after the time runs out. 
  • Encrypted contacts: Securely store your contacts’ details in your inbox, such as their phone number, address, birthday, and personal notes.
  • Sender verification: Proton Mail’s digital signatures ensure that an email has not been tampered with and comes from a legitimate sender.

In addition to a web application, Proton Mail also has mobile apps for iOS(new window) and Android(new window), ensuring the privacy and security of your messages even when you’re on the go. If you want to support our mission of building a better internet, consider signing up or getting a paid Proton Mail plan for the most comprehensive email security features.

Secure your emails, protect your privacy
Get Proton Mail free

Related articles

Secure, seamless communication is the foundation of every business. As more organizations secure their data with Proton, we’ve dramatically expanded our ecosystem with new products and services, from our password manager to Dark Web Monitoring for cr
what is a brute force attack
On the subject of cybersecurity, one term that often comes up is brute force attack. A brute force attack is any attack that doesn’t rely on finesse, but instead uses raw computing power to crack security or even the underlying encryption. In this a
Section 702 of the Foreign Intelligence Surveillance Act has become notorious as the legal justification allowing federal agencies like the NSA, CIA, and FBI to perform warrantless wiretaps, which sweep up the data of hundreds of thousands of US citi
In response to the growing number of data breaches, Proton Mail offers a feature to paid subscribers called Dark Web Monitoring. Our system checks if your credentials or other data have been leaked to illegal marketplaces and alerts you if so. Often
Your email address is your online identity, and you share it whenever you create a new account for an online service. While this offers convenience, it also leaves your identity exposed if hackers manage to breach the services you use. Data breaches
proton pass f-droid
Our mission at Proton is to help usher in an internet that protects your privacy by default, secures your data, and gives you the freedom of choice. Today we’re taking another step in this direction with the launch of our open source password manage