Introducing ProtonMail Bridge, email encryption for Outlook, Thunderbird, and Apple Mail

Email encryption for Outlook, Thunderbird, and Apple Mail

Today we are officially launching ProtonMail Bridge, which brings easy-to-use email encryption to desktop email clients.

Ever since the day that we first got the idea to create ProtonMail, one of the most enduring challenges has been how to do email security right while simultaneously making encrypted email easy enough to use for normal people. Since our early days working from the CERN cafeteria, we have been working tirelessly to address this specific problem.

In the years since, we have made many great strides towards creating usable encrypted email, first with ProtonMail’s webmail interface and then with our award-winning iOS and Android secure email apps. However, one of our goals has always been to bring easy-to-use encrypted email to desktop. The problem is formidable. Desktop systems encompass multiple operating systems with dozens of popular email clients with their own adherents, and virtually none of them natively speak PGP, the email encryption standard upon which ProtonMail is built.

Around two years ago, we created a small task force to tackle this challenge. Today, we are finally ready to present ProtonMail Bridge.

ProtonMail Bridge for MacOSWhat is the ProtonMail IMAP/SMTP Bridge?

In a single sentence, ProtonMail Bridge is an application that allows you to use your ProtonMail encrypted email account with your favorite desktop email client such as Thunderbird, Apple Mail, or Outlook, while simultaneously retaining the zero-access encryption and end-to-end encryption that ProtonMail provides. The best part is that this does not require modifying your email client or making changes to your existing workflow. Use email like you have always used it, and the Bridge will automatically encrypt and decrypt messages in the background.

How does the ProtonMail Bridge work?

The Bridge is an app that you download and install locally on your desktop or laptop computer and it runs automatically in the background.

ProtonMail Bridge Login

The Bridge essentially acts like a local email server (using the IMAP and SMTP protocols) and interacts with email clients also installed locally on your desktop computer. As a result, all encryption and decryption occur locally and thus the benefits of end-to-end encryption remain. The Bridge communicates with ProtonMail’s encrypted email server via our API, which supports end-to-end encryption, while email clients can communicate directly with the Bridge via standard IMAP and SMTP. In this way, standard email clients which do not natively support end-to-end encryption can support encryption without modification. Another way to think of it is that the ProtonMail Bridge translates end-to-end encrypted email data into a language that any email client can understand, thus “bridging” the gap between ProtonMail’s end-to-end encryption and your standard email client.

How does the ProtonMail Bridge work
Full-text search, multiple accounts, import/export

One of the powerful benefits of using the Bridge and email apps like Thunderbird, AppleMail, and Outlook is being able to use full-body text search within your encrypted emails. The Bridge decrypts messages as they arrive in your computer and delivers them to your desktop email client. These local copies are stored on your computer, so the search features of your desktop client work normally and you can search within your encrypted emails.

Another powerful benefit of the Bridge is being able to have multiple accounts added to an email client. For example, many users will have both a Gmail account and a ProtonMail account. In this scenario, you could simply drag messages between accounts using Thunderbird (for example). This essentially enables you to drag and drop an existing Gmail account into a new ProtonMail account as a way of doing “Account Import” (a dedicated account import and export tool is currently under development). Similarly, for users who want a backup of their ProtonMail data, most native email clients let you mass export your data and download it. You can also have multiple ProtonMail addresses and accounts in a single email client, and move messages between your ProtonMail accounts.

Threat Model

The Bridge preserves end-to-end email encryption, and also zero-access encryption (meaning that even we cannot read your emails). However, the Bridge does not protect your emails from end-point compromise (e.g. compromised laptop). Since the Bridge decrypts data locally, it’s important to ensure that your computer is safe. If someone breaks into your computer while using the Bridge, the unencrypted data could potentially be viewed as well.

During the installation process, the Bridge will auto-generate a “Bridge Password”. This Bridge Password is used to setup and configure your email clients. In this way you don’t need to trust your email client with your secret ProtonMail password.

JavaScript Cryptography and Open Source

Because the Bridge is locally installed, it is like our mobile apps in that it does not do decryption in a browser. Therefore, the Bridge also guards against the threat vector of somebody compromising the connection between you and ProtonMail in order to send you bad JavaScript code, or ProtonMail getting compromised and serving a malicious webpage to users.

Furthermore, after the technical documentation of the ProtonMail Bridge code is done, we will be releasing the source code of the Bridge, so that you can even compile it yourself instead of getting the binaries from us, so there is even less need to trust us. This is an important step in our work to eliminate ProtonMail itself as a threat vector.

Using the ProtonMail Bridge

The Bridge software is easy to set up and use. The setup process consists of:

  1. Installing the Bridge app
  2. Adding your ProtonMail account to the Bridge
  3. Adding your ProtonMail account to your email client (Thunderbird, Apple Mail, Outlook)
  4. Configuring your email client’s settings (ports, password, etc).

Currently, the officially supported email clients are Thunderbird, Apple Mail, and Outlook, on both Windows and MacOS (Linux is coming in Spring of 2018). However, in theory, any IMAP email client can work with the Bridge, and in our beta testing, many were shown to work. If you are a paid ProtonMail user, you can immediately get started here:

Finally, we would like to thank the thousands of ProtonMail users who participated in the Bridge Beta over the past year. Your support and feedback was invaluable towards bringing the Bridge to fruition, and we look forward to making ProtonMail even better for the community.

Best Regards,
The ProtonMail Team

You can read the ProtonMail Bridge press release here.
ProtonMail’s media kit can be found here.
ProtonMail Bridge images can be found here.

You can get a free secure email account from ProtonMail here.

We also provide a free VPN service to protect your privacy.

ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate. Thank you for your support!

About the Author

Irina M

Irina is part of ProtonMail’s communication team. With a background in graphic design and digital communications, she strongly supports the protection of private data and wishes to help build a safer internet for generations to come.


Leave a Reply to an user Cancel reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

43 comments on “Introducing ProtonMail Bridge, email encryption for Outlook, Thunderbird, and Apple Mail

  • Would I have known that this will come I would have sent you a lot of customers for BlackFriday…
    Maybe make another good offer for Christmas time because this is really amazing and could become a very good deal.

    I will think about moving my Bussiness emails to you.

      • In order to survive as a company and further develop high-end security products, we need to monetize premium features. Thank you for understanding.

        • Why do you a require a paid account for such a basic feature? This is not premium by any stretch of the imagination.

          Very disappointed. Waiting until it becomes free so I can finally switch to Protonmail full time.

          • It must be a paid feature for now because the Bridge adds a lot of extra load onto our servers, and if we made it available for all free users, our servers might not be able to handle the load. Also, upgrading to a paid account helps us buy more servers and build more infrastructure.

          • As I like to say: You get what you don’t pay for.
            The reason why ProtonMail should exist is because other services are free so we have to agree to open up all our data to mining. If one likes or doesn’t mind having one’s data mined or not encrypted, then there’s really no reason for switching. And if the reasoning is, “I have nothing to hide,” then this service is really beyond one’s need.

          • It’s not premium? Really? How many encrypted email services do you know that offer an encryption layer for a third-party client? This is HUGE. As soon as the Linux bridge comes out, I’m sending ProtonMail my money.

        • This is fantastic news, thanks so much!

          Thank you also for monetizing your business with money rather than my personal information. There is no free lunch and I appreciate transparent motives that do not compromise my security or privacy.

  • Thank you for the ProtonMail bridge!

    Within the last week, news arrived that the NSA (based in the US) has been arguing in surveillance court that the NSA should be able to ask US-based tech companies to provide a backdoor on encrypted US products *and to mandate that this request be kept secret*. This request can also be stepped-up to become a requirement.

    Get the picture? Every day the US reassures us the we can trust it with our electronic communications. Now, we regularly discover the US is actually determined to get our data. It’s a shame they feel they have to act this way.

    Eventually, secure communication will be a given, not the exception. At it’s current pace, Gmail will serve as a wasteland for spam emails, a service now provided for most people in a Yahoo account. This ProtonMail bridge will now make my Thunderbird email a pleasure to use.


  • Thanks for the always evolving service. I’m currently waiting eagerly for the Linux release of the bridge!

    Remarks about the links at the end of the article: “ProtonMail Bridge press release here” leads to a broken link, and “ProtonMail Bridge images can be found here” leads to a dropbox folder, when I believe a self-hosted folder would me much more professional.

  • WHen will Bridge be available for Linux?
    As a LONG time paid subscriber and Linux user, I find this very frustrating. I am sure a not insignificant percentage of your user base is Linux users. I will continue to support protonmail. I hope this situation is resolved very soon.

  • Until this is open source (and no proprietary blobs hidden in the code!) and available in Linux distros repositories, I’m out.

  • I know the bridge uses IMAP/SMTP and therefore does not support anything other than mail, but do you have plans to implement some kind of extra protocol to be able to sync contacts and calendar (when it’s done) via the bridge as well?

    • Hi Peter,

      Setting up your own CalDAV and CardDav server is quite easy (unlike having your own mail server, which is near impossible).
      Especially if you already have a NAS running.

  • I have just installed the new bridge for Thunderbird on Windows. It is working beautifully. I had to upgrade to a paid account but was going to do this in any case as soon as IMAP support was available.

    Brilliant! You’ve cheered me up after all the Brexit madness in UK!

  • I wish you would have announced this 2 weeks ago before the Black Friday sale… If so, it would have been an automatic purchase. Hopefully it comes up again.

  • Why is the connection between protonmail servers and the bridge not simply imap? Why should this be a specialized tool for protonmail? Why is that non-standard (non-imap) connection increasing server load?

    If you had:

    protonmail svr — (imap) —> local cipher bridge — (imap) —> local MUA

    it would actually decrease server load, because the gui objects would not be needed. And such a bridge would be useful independent of protonmail.

    • The reasons are the following:

      a)IMAP has certain expensive operations which we do locally instead, so this helps us manage server load;

      b) anything like this that downloads entire inboxes as opposed to thin clients (which do not) is going to increase server load regardless of communication protocol;

      c) At a minimum, key management is not handled by the IMAP protocol, which is one of the functions of the Bridge, but this applies to all the other ‘extras’ that we want to do that don’t fit neatly into IMAP, such ProtonMail authentication, which is significantly more secure than IMAP, 2FA, etc.

  • When you say Linux coming soon, do you mean some weeks, or some months? I have a paid plan, but was considering leaving because I dislike the browser interface. I’ll stay for now, but really want to get that Linux version.

    On that not, is this Open source, and will I be able to compile it myself? I don’t really like using pre-built software.

    • The Linux version of ProtonMail Bridge will be available in the Spring of 2018. At the moment the app is not open source, but it will be in the near future.

      • You write “It must be a paid feature for now because the Bridge adds a lot of extra load onto our servers, and if we made it available for all free users, our servers might not be able to handle the load.”

        So make it open source in order to setup the installation on my own server?

  • This is amazing! I hope you guys make a birdge app for iOS and/or Andriod so we can use our favorite email apps, contact apps and calendar apps!

  • Very cool. As soon as it’ll be available on linux I’ll give it a try. So far I’m good with the web ui.

    Thanks for the great service.