Posteo.de - Aktuelles

New security certificate

2024-02-23T11:35:00+01:00

Dear Posteo customers,

We are updating our main security certificate. Security certificates are only valid for a specified time period and need to be renewed from time to time.

In most cases, you will not notice any change.
All current clients like Thunderbird or Outlook will automatically find the new certificate. You do not need to do anything. However, should your client display a certificate error during this changeover process, please restart your client. This should fix the error.
#more#
If you manage the trustworthiness of certificates manually, you can find the fingerprint for the new main certificate below. You can also find complete fingerprints for all certificates in our legal notice.

New fingerprint for the TLS security certificate for posteo.de:

Geotrust:
SHA256: AA:FC:E1:21:F4:15:14:E6:8D:09:ED:F4:87:EA:E6:1E:02:99:BC:9B:41:51:4C:FC:DC:BE:F5:E8:A5:60:9C:DD
SHA1: ED:87:9A:C6:E6:2E:72:82:42:AD:30:D9:05:38:30:34:7C:47:2F:24

Best regards,
The Posteo Team

Now available: posteo.com and additional Posteo domains

2023-12-15T13:45:00+01:00

Dear Posteo customers,

We are expanding our range of services: From now on, accounts can also be registered with the email domain @posteo.com. Additionally, we offer the domains @posteo.us, @posteo.ca, @posteo.uk, @posteo.ie, @posteo.es, @posteo.at, @posteo.ch, @posteo.nl, @posteo.be, and @posteo.lu.

#more#

Previously, accounts could only be registered with either @posteo.de or @posteo.net endings. Many of you have asked for these additional options.

If you prefer one of the new domains for your existing account, you can now rename it easily in the settings via “Email aliases”. Your previous address will then be converted into an alias, so that you can continue to receive emails to that address.
If necessary, you can find further information in our help section.

There are many other top-level domains (the address part after “@posteo.”) also available for Posteo email aliases, such as .me or .eu.

By the way: Your Posteo address can only be registered by you for the other Posteo domains. For example, if you have the address mymail@posteo.de, only you can register the address mymail@posteo.com.

Best regards,
Your Posteo Team

New at Posteo: Optional spam folder and spam log

2023-10-17T17:20:00+02:00

Dear Posteo customers,

We have released two new spam options. From now on, you can manage your mailbox with or without a spam folder – or use the spam log. The new options can be activated or deactivated in your account settings. Allow us to introduce them to you.

#more#

If you do not use a spam folder, emails that have been classified as spam are rejected and the sender is informed of this rejection. You save time in your daily routine as there is no spam folder that must be checked regularly and sorted through. Because from a legal point of view, emails in a spam folder are also generally considered as delivered. Additionally, your email address becomes considerably less enticing for spammers if their potentially dangerous digital trash is regularly rejected.

Attempts to reach out to someone are also often overlooked in spam folders or noticed much later. This is the reason why the Snoop Dogg song “Chai Tea with Heidi” almost didn’t exist because Heidi Klum overlooked an email sent by the rights holder, Rod Stewart, for almost two months in her spam folder. Email clients like Thunderbird, Outlook or smartphone apps may even automatically delete emails in spam folders after a short period of time. Therefore, please be sure to check the settings for deleting emails in your programs if you use a spam folder. Otherwise, communication could be lost. We do not delete emails from the spam folder.

Spam folder: Receive all spam emails

Whoever decides to use the optional spam folder can check there at any time which emails have been classified as spam by us. All spam emails will be delivered in this folder.

From a customer service perspective, we know that it is very uncommon for spam to be falsely classified and is mostly only suspected. If an expected email is missing, in most cases it turns out that either the email address was misspelled or the message was sent to another email address. Often the email in question arrives shortly thereafter. Sometimes customers have also activated a filter that immediately sorts incoming emails to subfolders or deletes them. Or they use external email clients that sort emails into their own spam folders. Sometimes, it’s just that the inbox has also been accidentally sorted differently – and incoming emails are not longer displayed as usual.

Please check the scenarios described above if you have activated the spam folder and suspect that an email has not been received. From a technical standpoint, you can be sure that we deliver all emails sent to your mailbox, even if they have been classified as spam.

Activating the spam folder can lead to your email address becoming considerably more attractive for spammers – and result in you receiving more spam. Therefore, you can also temporarily activate your spam folder as needed. For example, during a period where you are sending off job applications and want to be absolutely sure that nothing can go wrong under any circumstance or that something may need to be clarified first.

The spam log in the Posteo web app

Steer a middle course with the spam log

Are you not interested in managing a spam folder but still want to know which emails are rejected? Then, as an alternative to the spam folder, you can activate our new spam log.

By doing so, potentially dangerous spam emails will continue to be rejected. We also document each rejection for you transparently in a spam log folder. The log contains details about the sender, date, time and subject (if applicable) of the rejected email and is created in real-time. Warning: Sender names are often falsified by spammers.

Should you suspect that an email has been incorrectly rejected, you can check the log and know with immediate certainty.

Images, attachments and links are deactivated in the spam folder

Be careful with spam

Regardless of whether you decide for or against a spam folder: Always be careful when dealing with suspicious emails. Never click on links or open attachments in such emails and never answer them. In general, legitimate senders do not request that you click on links and then enter login credentials or other data. For your security, images are not loaded in the spam folder and clicking on attachments and links is deactivated in the Posteo interface and our web app. If you move the email to another folder, contents can be loaded and clicked on as usual.

If a sense of urgency is suggested or pressure is exerted, it is often a clear indication of spam or phishing. This rule of thumb helps: Never give in to such harassment. If you are unsure, you can always first contact our free customer support. We can advise you how to deal with suspicious emails. There are also no dumb questions: Even IT professionals can become unnerved by well-made spam emails and will contact us. Our team always takes you seriously.

Best regards,
Your Posteo Team

Posteo awarded climate mobility prize from Deutsche Bahn

2023-07-05T10:00:00+02:00

Posteo is the winner of Deutsche Bahn’s “Climate Mobility Challenge 2023”: At the award presentation in Berlin on 29 June, we were recognised for our sustainable mobility program.
Since 2022, Deutsche Bahn has aimed to incentivise companies with their competition to reduce CO2 emissions through environmentally-friendly mobility practices.

#more#

After the jury nominated us for the award in the “small company (up to 50 employees)” category, the final decision was made by the audience on Thursday evening during Deutsche Bahn’s “Mobility Symposium”. Afterwards, Posteo founder, Patrik Löhr and Dean Ceulic, accepted the award from Deutsche Bahn executive board member, Stefanie Berk.
We are pleased about the award!

An overview of our award-winning mobility program

Our team consists of 40 employees spread out all over Germany. Our mobility program is a part of the entire company’s sustainability strategy – over the years we have continued to expand upon it.

The Awards

No Flights Policy: For climate protection reasons, we have refrained entirely from aeroplane travel already since our founding in 2009. In our experience, we have found that many destinations in continental Europe are also very accessible by train with regard to business trips.

Facilitating environmentally-friendly trips: Since 2014, we grant our employees 2 additional vacation days per year if they refrain from using aeroplanes when travelling abroad privately – and we also contribute towards travel costs (150 €, net) for the train ticket. Our intention with this voluntary offer is to create an incentive for environmentally-friendly trips by train and to compensate with additional vacation days for the longer journey. Since many years, this offer has been adopted and valued by our team.

Remote Positions: Most team members can work fully remotely as their positions allow for this. This reduces commuting and CO2 mobility-related emissions. We have decided to continue to offer remote work on an ongoing basis, even after the pandemic.

Free public transportation ticket: We provide all employees with a public transportation ticket free of charge. In fact, this also applies for those who work exclusively remotely or do not live in Berlin, where our company is located.

Accessible location: our offices are located centrally in Berlin and are easy to reach using public transportation, by bike or by foot.

Bike repair: we cover maintenance and repair costs, including replacement parts, for bikes that are also used for travelling to work. Our team gladly takes advantage of this offer. Additionally, we have rented car parking spots in the underground garage located beneath our office to set up secure bike parking.

Idea pool for companies

The prize winners in 2023

The “Climate Mobility Challenge” (German link) is a competition from Deutsche Bahn for companies and organisations to make sustainable employee and event mobility visible:
Company mobility policies are presented from a wide range of industries and company sizes on the competition website. As a result, it also serves as an idea pool for companies that are searching for sustainable mobility solutions.

In total, 54 companies participated in the competition this year. There were three categories: small, medium and large companies. Additionally, there was a special award in the “event mobility” category. In total, there have already been 120 mobility policies presented on Deutsche Bahn’s idea platform

“Employers are multipliers, bear responsiblity and can do a lot to avoid emissions through company policies. At Posteo, we also try to incentivise more climate protection in everyday life with free additional benefits for our team. Participating in the competition motivated us to expand upon this”, said Posteo founder, Patrik Löhr, during the award presentation.

Girls'Day 2023 at Posteo

2023-05-11T17:30:00+02:00

Making coding exciting for girls: This is what our team set out to do for this year’s Girls’Day.
It was a special experience for us to welcome female students interested in computer science at the Posteo Lab located on top of Berlin’s Kreuzberg – and to give them insight into the job of a software developer.

#more#

Email workshop at Girls’Day 2023

Starting steps for computer science

After a round of getting to know each other, our developer Monika shared how she trained for her profession. She told the girls what subject matter should be expected when studying computer science and what job possibilities exist afterwards. She then answered questions regarding choosing a profession and everyday life on the job.

Workshop: How email protocols works

Afterwards, there was a more detailed look into working as a developer. Our team explained to the students what protocols are, what role they have in the global exchange of information – and how the SMTP protocol (Simple Mail Transfer Protocol) is used for transferring emails.

Finally, it was the girls’ turn: With help from Anne, a team leader from our technical support, they could communicate with an email server using SMTP protocol, enter commands and deliver emails from the command line.

Girls’Day 2023 at the Posteo Lab

Choosing a field of study or profession without gender stereotypes

Our Girls’Day Team enjoyed the day very much. “We want to give girls the chance to meet women who work in software development and by doing so contribute to changing old role models. The profession is multifaceted, attractive and it should be normal for girls to pursue it if they are interested,” says Posteo developer, Monika. “It was so nice to see how motivated the girls were to participate. We will definitely take part again next year.”

Girls’Day is a day of action for career guidance in Germany. On this day, girls in the 5th grade and higher can gain more insight into jobs that are primarily chosen by men.
This includes software development. Posteo’s development team has a balanced ratio between men and women. Many of our features were programmed by women: for example the Posteo migration service, our mobile user interface, the attachment browser with photo stream – and also our new dark mode. But it’s not like that everywhere: In computer science studies and in the technology sector, women in Germany are still strongly under-represented.

New at Posteo: Many Colors and Dark Mode

2023-04-20T16:45:00+02:00

Dear Posteo customers,

Starting today, we will be gradually releasing new features for you: Just in time for the beginning of spring we are bringing some color to your mailbox – we are now offering our user interface in 10 new variants. Additional updates include dark mode as well as two levels of contrast.

#more#

Gallery: New colors and contrast levels

Regardless if you prefer yellow, pink, red or neutral colors like beige, brown or blue: From now on, the color of the user interface can be adjusted in the settings. The selected color will be applied to all areas, such as the calendar, notes, the attachment browser or in the Posteo web app.

Each Color in Two Contrast Levels

It is also new that all color variations are now available in two contrast levels. If you regularly work several hours in front of a screen, a color and contrast selection tailored to their own needs can be much more pleasant. Please try it out!
The contrast toggle switch can be found in the settings directly above the color selection.

Dark mode in the Posteo web app

Dark Mode

Another update: Starting now, you can activate dark mode. The background will then be displayed darkened and the text brightened – in the color you have selected. dark mode is especially useful for reading emails in darker settings. Many people also consider this more pleasant on the eyes in general.

Additionally, you have the option to automatically control Light and dark mode based on your operating system settings: The Posteo interface will then adapt accordingly – also on smartphones using the web app.

There is a toggle switch for dark mode and auto dark mode directly above the color selection.

We will gradually release all new features over the next few weeks. As soon as they have been released for your account, you will find the new options in Preferences via “User Interface”. These features are available free of charge without any further action on your part.

Video and Help Guides

In our video, you will learn how to select your personally favorite color and contrast level – and how dark mode works. There are also versions of the video available in French and German.

You can find step-by-step guides in our help section here:
How do I change the color of the Posteo webmail interface?
How do I activate dark mode for my account?
How do I install the Posteo web app?

Best regards,
Your Posteo Team

New security feature: The deletion notification

2023-03-17T12:30:00+01:00

Dear Posteo customers,

Perhaps you have already noticed that we have released a new feature: the deletion notification. The new security feature protects you from unnoticed data loss; for example, if you have accidentally deleted emails from your account. The new feature has proven to be successful in everyday use. That’s why we would now like to officially present the deletion notification in our blog.

#more#

It is not so uncommon for customers to accidentally delete emails or an entire folder. We would like to provide you with the best possible protection for such cases: Posteo has always offered a special service of creating daily security backups of all email accounts and storing them 7 days for you. If needed, we can then restore these backups for you free of charge.

We have developed the new deletion notification because on a daily basis it was sometimes not satisfactory for us when customers would notice too late – after more than 7 days – that they – or the programs and devices they use – accidentally deleted many emails. We were then no longer able to help them.

With the new deletion notification, this no longer happens. Our system automatically sends a notification via email as soon as the amount of emails in your account is reduced by at least 50 emails within the past 24 hours.
And we can already say that the new feature is a complete success. Meanwhile, almost all customers that accidentally deleted emails contact us in time so that we can restore their data from our security backups. We have been happy to see the positive and relieved responses – thank you for this.

Notice:

Posteo will never request in an email that you click on a link and enter data on a website. Even our deletion notifications are purely informative without such prompts. Have you received an email that appears untrustworthy? Contact our support team for an evaluation at: support@posteo.de

Unlocked cell phones, errors in local clients

The main reasons for accidentally deleting emails can be quickly listed:
Often customers report of “cleaning” gone wrong in their own account – or from smartphones that were not locked in a pocket or bag.

Deletions are more likely to go unnoticed when customers are unaware of deletion settings in their local email clients – such as in Apple Mail, Outlook or Thunderbird. Therefore, it’s generally worth it to check the deletion settings in external email programs. Also, when updating these email clients, errors can sometimes occur that cause emails to be deleted unexpectedly.

By the way, out of principle Posteo never deletes emails from your email account – not even if your storage quota has been filled. We often receive this question.

I received a deletion notification – what do I do now?

If you receive a deletion notification from us in the future, follow these steps:

If you intentionally deleted the emails, simply ignore the deletion notification.

If the messages were accidentally deleted, verify if apps or email clients on your devices are automatically deleting emails. Perhaps your email client (e.g. Apple Mail) automatically emptied the trash. This is sometimes set by default in some email clients. You can, however, change this setting retroactively if you do not want emails to be automatically deleted. For example, also check individual folders, such as the “Sent” folder or your archive.

We do not have any information whatsoever regarding which emails were specifically deleted. The deletion notification has been implemented in a privacy-friendly manner and is entirely generated from values when calculating storage space. We do not look into email accounts and we also do not log which emails were deleted.

Should you be missing emails that you still need and do not have your own backup, please request for us to restore a backup within the next 7 days. This can be done in your settings via “Restore emails”. The backup contains all of the data in your account before the time of deletion. Alternatively, you can request to restore a backup from our customer service via email.
If needed, you can also adjust the deletion settings in your external email client to prevent unwanted deletions in the future.

Adjusting or deactivating deletion notices

Another tip: You can specify in your settings via “Password and security” to receive a notification only when more emails are deleted. This setting is particularly useful for people who regularly delete a lot of emails. If you no longer wish to receive deletion notifications, you can also deactivate the feature there.

We also recommend regularly creating your own backups of all saved data.

Best regards,
Your Posteo Team

New security certificate

2023-01-30T17:43:00+01:00

Dear Posteo customers,

Over the next few days we will update our main security certificate. Security certificates are only valid for a specified time period and need to be renewed from time to time. Because of this, we will be changing this certificate before February 14, 2023.

In most cases, you will not notice any change.
All clients like Thunderbird or Outlook will automatically find the new certificate. You do not need to do anything. However, should your client display a certificate error during this changeover process, please restart your client. This should fix the error.
#more#
If you manage the trustworthiness of certificates manually, you can find the fingerprint for the new main certificate that we will shortly begin using below. You can also find complete fingerprints for all certificates in our legal notice.

New fingerprint for the TLS security certificate for posteo.de:

Geotrust:
SHA256: E8:E2:06:71:4D:15:6E:68:DF:24:CE:FD:7F:53:5D:EE:E1:FA:75:5A:87:14:6D:EC:36:76:15:70:E1:09:8F:92
SHA1: 27:CD:27:2F:23:5B:B8:1F:89:72:8A:71:9B:1A:A0:70:F6:8B:49:BE

Best regards,
The Posteo Team

A safe start into the new year: The "forgotten password" feature

2023-01-27T11:33:00+01:00

Dear Posteo customers,

have you made any resolutions for the new year? We have a useful tip that only takes a few minutes. Activate or update the “forgotten password” feature for your Posteo account!

If you ever forget your Posteo password, you can use this feature to conveniently receive a new password via email or SMS.

#more#

Activate the “forgotten password” feature

It’s very easy to activate. You can find this feature in the settings via “Password and security”. Once there, enter the mobile phone number or alternative email address you want us to send the new password to in case you lose it.

The “forgotten password” feature is easily activated.

You have already activated this feature? Then make sure that your specified contact is still up-to-date. Simply enter your current mobile phone number or alternative email address, and you’re guaranteed to be up-to-date again.

You can find step-by-step instructions for activating and using the “forgotten password” feature in our help section: https://posteo.de/en/help/forgotten-password-feature

Access security for your email account

Our email address is the core of our digital identity: We log in to most online services with it and receive new passwords to our email address whenever we need them.

If, however, we forget the password for our own email address, we don’t have this option. That’s why it’s so important to activate the “forgotten password” feature and provide an alternative email address or mobile phone number for resetting the password.
In case you lose your password, you can then go to “Forgotten password?” to reset your password.

With the “forgotten password” feature enabled, if needed, you can go to “Forgotten password?” to reset your password.

The feature is designed to be privacy-friendly, secure, and will give you immediate access to your account again if you need it.

Note: If you have activated your Posteo crypto mail storage, the reset does not work automatically because your emails are encrypted with the forgotten password. However, the feature authenticates you as an account user: our support will then be able to quickly help you regain access to your address in case of a lost password. Previously stored emails remain encrypted with the forgotten password. If crypto mail storage is activated, it is therefore especially important to remember your password.

Best regards
The Posteo Team

Your alternative email addresses and mobile phone numbers are not stored in our databases at any point in time.

For security reasons, we do not store your sensitive data in our database. Your mobile number or alternate email address is converted to a hash value. If you activate or update the feature, your sensitive data remains with you. Only the hash value is sent to Posteo via the Internet. You can find more detailed information about this process here.

Transparency notice: Our donations for 2021

2022-05-17T11:35:00+02:00

Dear Posteo customers and interested parties,

We have a transparency notice for you: we have updated our donations page. On this page, we document the organisations that we financially supported during the previous year (2021).

Over the past year, we donated a total of 59,500 EUR. Of this, 56,139.93 EUR constituted voluntary donations by Posteo. The remaining 3,361.07 EUR came from users that donated remaining credit when terminating their account.

In March 2022, we additionally donated 10,000 EUR for emergency humanitarian aid in Ukraine (Médecins Sans Frontières/UN Refugee Agency). These donations will only be listed in our transparency notes next year when we disclose the figures for 2022.

#more#

It is important to us that we encourage social engagement and take responsibility as a company.
We therefore donate to carefully selected organisations in the fields of environmental and climate protection, digital freedom and freedom of expression, as well as refugee and humanitarian emergency aid.

Posteo donated to the following organisations in 2021:

UNHCR (UNO-Flüchtlingshilfe):
UNO-Flüchtlingshilfe is the German offshoot of the Office of the United Nations High Commissioner for Refugees (UNHCR). It ensures the survival of refugees in acute crisis situations with life-saving emergency measures. UNO-Flüchtlingshilfe thus provides for sufficient supplies of water, food and medicines in refugee camps or regions that are hard to access, for example.

Doctors Without Borders:
Doctors Without Borders was founded in France in 1971. The German section was added in 1993. Today, MSF (Médicins Sans Frontières) is an international network that provides emergency medical aid in over 70 countries. As a humanitarian medical organisation, Doctors Without Borders is committed to providing high-quality and efficient health care in countries where people’s survival is at risk due to diseases, wars and disasters.

Reporters Without Borders:
Reporters Without Borders engages itself worldwide for freedom of the press and freedom of information. The organisation documents violations against freedom of the press and supports journalists that are in danger. Reporters Without Borders combats censorship and restrictive media laws.

UNICEF – Living Schools:
The United Nations Children’s Fund (UNICEF) has been advocating for the health, education and rights of children and mothers in 190 countries since 1946. UNICEF is politically involved against the use of child soldiers and for protecting refugees and for implementing the Convention on the Rights of the Child. Posteo supports the project Living Schools in Malawi. Schools are being built there that are based on principles of ecological awareness, e-learning and participation in decision-making. The schools have their own water supply system for clean drinking water and sanitation, use solar energy and teach about environmental protection in their school gardens.

Netzpolitik.org:
netzpolitik.org is a journalistic platform for digital freedom rights and presents the important debates and developments about the internet. The platform documents how politics is changing the internet and society through regulation and the continued expansion of surveillance laws. With its work, netzpolitik.org wants to encourage people to become engaged for their digital freedom rights and an open society.

BUND:
Bund für Umwelt und Naturschutz Deutschland (BUND) is one of the largest German environmental organisations. Throughout Germany there are more than 2,000 voluntary BUND groups engaged with regional environmental topics. BUND is also engaged with climate protection, ecological agriculture and protection of threatened species, forests and water. BUND is the German member of the international environmental network, “Friends of the Earth”.

ECCHR:
The European Centre for Constitutional and Human Rights (ECCHR) is engaged with legal measures for human rights. The ECCHR lawyers’ aim is to hold state and non-state actors legally accountable for grave human rights abuses. Among others, the ECCHR was founded in 2007 by human rights lawyer Wolfgang Kaleck, who represents whistleblower Edward Snowden in Germany.

Posteo does business sustainably and is independent. Our service is financed entirely by our customers’ account fees. There are no investors or advertising partners at Posteo. You are what makes our involvement in these projects possible. We thank you very much for helping to make a difference.

Best regards,
The Posteo team

New security certificate

2022-01-17T11:00:00+01:00

Dear Posteo customers,

New fingerprint for the TLS security certificate for posteo.de:

Geotrust:
SHA256: A5:11:E3:82:F2:EE:3C:2A:79:6C:0D:6B:3B:D7:DB:BF:7C:C3:2C:0C:7F:E0:3F:E8:93:A4:42:27:CC:5C:30:60
SHA1: BF:6D:27:28:FD:32:DC:3A:A6:78:74:5E:76:D3:8D:92:06:69:7A:4C

Best regards,
The Posteo Team

New: TLS-receiving guarantee

2021-06-25T18:00:00+02:00

Dear Posteo customers,

We have released a new feature: Our TLS-receiving guarantee.
The new security feature protects you from receiving emails from servers that send them insecurely and rounds off our TLS guarantees: We have been offering a similar guarantee for sending emails for some time now. You can now activate your TLS-receiving guarantee in the settings.

New: TLS-receiving guarantee

Protection against insecure senders

If you activate the new security feature, we will refuse to receive an email to your mailbox if a server tries to deliver it without up-to-date transport route encryption. An insecure transmission from such servers through the internet is guaranteed to be prevented and you will immediately receive a notification from us. Even as a layman, you can thus immediately recognise who is not making sufficient efforts to ensure email security.
#more#
TLS protects your emails on their way through the internet

Nowadays, emails are transmitted via encrypted connections: The transport route encryption (TLS) protects your communication on its way through the internet. Without TLS, emails could simply be intercepted and read in transit. Therefore, almost all email servers now establish encrypted connections with each other as a standard.
The rate of insecure servers without up-to-date TLS encryption is already below 5% (Posteo survey May 2021).

We have tested the new feature both internally and with users over the course of several months. The conclusion: as a rule, the receiving guarantee is not noticed in everyday life, since the vast majority of senders nowadays support up-to-date encryption.
The largest share (>90%) of unencrypted contact attempts is now accounted for by spammers and a few newsletter distributors.

In the rare case that the transmission of a desired email is stopped due to a lack of TLS encryption, you and the sender will immediately receive a notification from us.

Then you have two options:

1. You decide for yourself whether unencrypted transmission is also an option for you in this instance. If so, deactivate the feature for a short time and ask the sender to send it again.
2. You point out the lack of security to the sender; we offer a template for this in our help section. During our field tests, the senders usually reacted within 1-2 working days and activated the missing transport route encryption. Every newly secured server is a contribution to IT security for everyone.

If an operator does not respond or is evasive, you can ask us for assistance at support+tls@posteo.de. We will then also contact the sender for you.

New security check before each email is received

For security reasons, a new TLS check is carried out every time an email is received. This ensures that your emails are not transmitted insecurely even if a server is temporarily not TLS-capable – for example, due to technical problems or an attack.
Transmission is also stopped if unauthorised third parties attack a secure connection and want to force the switch back to an unencrypted connection.

How to activate the TLS-receiving guarantee

You can now activate your TLS-receiving guarantee in the settings of your Posteo account under “Settings → My account → Transport encryption”. Our tip: You can also activate your TLS-sending guarantee there, which we have already been offering for some time.

In our help section, we have provided an article for you on the new TLS-receiving guarantee. With it you will learn how to activate and deactivate the feature – and how to proceed if the transmission of an email from an insecure email server has been stopped.

The TLS-receiving guarantee at a glance:

Emails are always guaranteed to be received via an encrypted transport route.
You and the sender will immediately receive a notification if we have stopped the transmission of an email from an insecure server.
Even as a layman, you can immediately recognise who is not making enough effort to ensure email security.
Downgrade attacks, in which an attacker can switch off modern, secure encryption, are prevented.
Outdated encryption protocols such as SSLv3, TLS 1.0 or 1.1 are not tolerated.
Man-in-the-middle attacks are made more difficult. If, like Posteo, the receiving server uses DANE, they are impossible.

Best regards,
The Posteo Team

New security certificate

2020-12-29T18:00:00+01:00

Dear Posteo customers,

New fingerprint for the TLS security certificate for posteo.de:

Geotrust:
SHA256: CA:AD:66:0A:5A:7F:0E:CD:85:31:77:89:0F:2B:41:82:D9:C7:37:A4:99:35:9F:C8:6D:83:A4:2C:94:5D:97:40
SHA1: A0:E0:98:21:9B:AE:81:56:21:50:7C:B4:76:AD:1F:76:24:2A:8B:32

Best regards,
The Posteo Team

New at Posteo: Attachment browser with photo stream

2020-09-03T12:30:00+02:00

Dear Posteo customers,

We are releasing a new feature for you: the Posteo attachment browser with integrated photo stream.
The new feature makes your account noticeably more modern and easier to use.
As of this morning, the attachment browser has already been made available to some of you.

In the coming weeks we will gradually make it available for all accounts.
You can then find it in the menu under “Attachments”.

All attachments in a convenient overview

Email attachments neatly arranged in a list.

This feature allows you to manage your emails in new ways — attachments are displayed in a separate overview, independent of the corresponding emails. From there you can view, download and delete attachments with ease. Also finding attachments has been made easier. In the attachment browser you can search for files sent from various contacts, at specific times, with specific file names or file types — and combine the search filters. Photos you have received can be found exactly as quickly as contracts or invoices.

The attachment browser makes it easier to work in your own account — while providing you with more convenience and organisation. There is a photo stream available for viewing images.

#more#
Viewing photos in privacy with the photo stream

The new photo stream provides a modern appearance for your account. Photo attachments are visually displayed in a way that might be familiar to you from social media platforms, but remain within the privacy of your email account. The stream can be filtered at your convenience — the photos from your recent vacation can be found as quickly as the photos from the family reunion. Additionally, you can quickly identify which photos you no longer need: a photo can be downloaded or deleted with two clicks.

Photos can be viewed in the photo stream.

Delete attachments, save storage space and protect the climate

Many of you requested a separate feature for deleting attachments.
This is now conveniently made possible with the attachment browser at the touch of a button. Attachments that are no longer needed can be deleted while keeping the corresponding email. This frees up storage space and saves resources. Because data saved online continually uses energy. So that you can remember that the deletion occurred, a note summarising which file was deleted as well as the time of deletion is added to the email. This will also be reflected in local email clients and apps.

With the filter option “size” you can quickly obtain an overview of which files and images are taking up a considerable amount of storage space.
You can load the photo stream in the attachment browser via “Images”. In our help section you can find information as well as step-by-step guides for the new feature.

Comprehensive tests and external security check

Attachments can be deleted from emails.

The attachment browser with photo stream is a Posteo in-house development. We develop ourselves because we have specific requirements for privacy, security and sustainability. For example, as a matter of principle we do not collect any personally related inventory data or traffic data like IP addresses. As a service without advertisements we also refrain from tracking and incorporating social media plug-ins. Because of this, new features are conceptualised so that they effectively continue to not accumulate any personal data in the background. This strengthens your right to informational self-determination — and saves energy resources. Because unnecessary processes, logs and data heaps use a lot of energy.

Your attachments are a sensitive commodity worth protecting: they are subject to telecommunications secrecy and are protected by basic rights. Because of this, your access to your data and its display occur in real time within your account. It is not temporarily saved in databases which is frequently the case with such features. Your data always remains within your account. Also the preview images of the photo stream are not held in databases, but rather generated in real time from your emails as soon as you access the stream. The new feature has been comprehensively tested and additionally checked by independent security researchers (Cure53).

Encryption at the touch of a button

The attachment browser and photo stream are also compatible with our crypto mail storage. If it has been activated, all data saved within the account is encrypted with your password. The new feature is then accessed within the privacy of your own encrypted account. Even we, as the provider, do not have access to your data. This principle can be compared with device encryption on smartphones.

Email attachments that have been sent with end-to-end-encryption (PGP/S/MIME) can not be displayed in the attachment browser.

More updates coming soon

Already in the near future we will be making additional improvements available to you — an optimised version of Posteo webmail for smartphones will also be made available soon. The attachment browser and photo stream have already been customised for mobile use.

Best Regards
The Posteo Team

Enigmail users: do not update to Thunderbird 78

2020-07-01T14:45:00+02:00

Dear Posteo customers and interested parties,

Today we address all users of the encryption add-on Enigmail in Thunderbird. If you regularly encrypt your emails with OpenPGP and depend on this feature, please avoid updating to the forthcoming Thunderbird release (version 78.0). Enigmail will no longer be supported in Thunderbird 78. The program’s new and own implementation of OpenPGP encryption is still in an experimental phase and is deactivated by default.

Should you use automatic updates, no further action is required. An installation of the Thunderbird 78 update will not occur automatically.

Background information:
This summer, Mozilla is planning on releasing a new version of Thunderbird (78.0) that will change how add-ons are supported. Among other reasons, this became necessary due to security issues.
This was also made clear from a security audit commissioned by Posteo at the end of 2017. Various security issues in Thunderbird were identified, particularly with its add-on interface.

Third-party add-ons like Enigmail, that need to access internal components of Thunderbird, will no longer be supported.

Because of this, Mozilla is implementing their own OpenPGP feature in Thunderbird 78. This built-in encryption is planned to replace the Enigmail add-on..
Currently OpenPGP support in Thunderbird 78 is categorised as experimental and is disabled by default: Enigmail is no longer supported in Thunderbird 78.

Waiting for Thunderbird 78.2

From Thunderbird 78.2 onwards, OpenPGP is planned to be made available by default in Thunderbird. We will inform you as soon as this version is made available and an update for OpenPGP users is possible.

Best regards
The Posteo Team

Precautions against corona: Posteo Lab in Berlin is temporarily closed

2020-03-10T18:30:00+01:00

Dear Posteo customers,

We have a brief announcement:
Because of the increasing spread of the coronavirus, our Posteo Lab, located on top of Berlin’s “Kreuzberg”, will remain closed until further notice.

Our Posteo Lab is our public space in Berlin.
Interested parties can normally come and visit daily between 3 and 6 p.m. to test out Posteo, add credit to their accounts and ask questions.

We apologise to everyone who planned to visit in the near future. We appreciate your understanding.
We will make a new post in our blog as soon as we open the lab again.

The background behind closing the lab is that we have recommended to our team that they work from home whenever possible already since the end of February.
Because of this, we are no longer able to consistently have staff in the lab. We also would like to reduce the risk of infection with this temporary closure. Apart from that, our business operations are not affected by the coronavirus. You can send all inquiries via email to support@posteo.de and can add credit to your account again online.

Best regards,
The Posteo Team

Transparency notice: Our donations for 2019

2020-02-19T20:00:00+01:00

Dear Posteo customers and interested parties,

We have a transparency notice for you: we have updated our donations page. On this page, we document the organisations that we financially supported during the previous year (2019).

Over the past year, we donated a total of 44,500 EUR. Of this, 42,045 EUR constituted voluntary donations by Posteo. The remaining 2455 EUR came from users that donated remaining credit when terminating their account. In comparison with the previous year, we were able to increase our donations in 2019 by 3900 EUR.

#more#

It is important to us that we encourage social engagement and take responsibility as a company.
Because of this, we donate to selected charitable organisations in the areas of environment and climate protection, internet politics and freedom of opinion, as well as refugee aid.

Posteo donated to the following organisations in 2019:

BUND:
Bund für Umwelt und Naturschutz Deutschland (BUND) is one of the largest German environmental organisations. Throughout Germany there are more than 2,000 voluntary BUND groups engaged with regional environmental topics. BUND is also engaged with climate protection, ecological agriculture and protection of threatened species, forests and water. BUND is the German member of the international environmental network, “Friends of the Earth”.

ECCHR:
The European Centre for Constitutional and Human Rights (ECCHR) is engaged with legal measures for human rights. The ECCHR lawyers’ aim is to hold state and non-state actors legally accountable for grave human rights abuses. Among others, the ECCHR was founded in 2007 by human rights lawyer Wolfgang Kaleck, who represents whistleblower Edward Snowden in Germany.

Netzpolitik.org:
netzpolitik.org is a journalistic platform for digital freedom rights and presents the important debates and developments about the internet. The platform documents how politics is changing the internet and society through regulation and the continued expansion of surveillance laws. With its work, netzpolitik.org wants to encourage people to become engaged for their digital freedom rights and an open society.

Reporters Without Borders:
Reporters Without Borders engages itself worldwide for freedom of the press and freedom of information. The organisation documents violations against freedom of the press and supports journalists that are in danger. Reporters Without Borders combats censorship and restrictive media laws.

UNICEF – Living Schools
The United Nations Children’s Fund (UNICEF) has been advocating for the health, education and rights of children and mothers in 190 countries since 1946. UNICEF is politically involved against the use of child soldiers and for protecting refugees and for implementing the Convention on the Rights of the Child. Posteo supports the project Living Schools in Malawi. Schools are being built there that are based on principles of ecological awareness, e-learning and participation in decision-making. The schools have their own water supply system for clean drinking water and sanitation, use solar energy and teach about environmental protection in their school gardens. E-learning opportunities are also available to the nearby community.

UNO-Flüchtlingshilfe:
UNO-Flüchtlingshilfe is the German offshoot of the Office of the United Nations High Commissioner for Refugees (UNHCR). It ensures the survival of refugees in acute crisis situations with life-saving emergency measures. UNO-Flüchtlingshilfe thus provides for sufficient supplies of water, food and medicines in refugee camps or regions that are hard to access, for example.

In addition to these donations, Posteo also sponsored in 2019:

taz – Panter Stiftung
Twice a year, the taz Academy invites 20 young journalists and activists to Berlin to produce a supplement together for the daily newspaper. In 2019 the subject was “Save the environment? Of course, but how?”. Posteo supported the climate workshop as a sponsor.

Reporters Without Borders – Press Freedom Awards
The Press Freedom Awards given by Reporters Without Borders (RSF) honours particularly courageous and independent journalists who will not be silenced despite adverse circumstances and great danger to life and limb. In 2019, Posteo donated the prize money for the “Courage” category in journalism.

Best regards,
The Posteo team

New security certificate

2020-01-06T17:00:00+01:00

Dear Posteo customers,

New fingerprint for the TLS security certificate for posteo.de:

Geotrust:
SHA256: 0D:E9:93:36:62:E6:B7:39:F3:35:A8:AC:14:70:37:29:5F:E7:C4:B5:DB:3E:6C:55:AC:21:62:F6:82:CA:63:05
SHA1: AB:5F:22:76:52:78:05:DC:5B:5C:B3:EC:34:B3:C1:1A:FE:58:62:85
MD5: C9:FF:8D:19:7C:F7:FF:40:32:9B:FB:07:01:1C:5C:6F

Best regards,
The Posteo Team

Reporters Without Borders: Posteo supports the Press Freedom Awards

2019-09-10T14:00:00+02:00

Dear Posteo customers,

The Press Freedom Awards given by Reporters Without Borders (RSF) honours particularly courageous and independent journalists who will not be silenced despite adverse circumstances and great danger to life and limb. Posteo is donating the prize money for the “Courage” category in journalism.

The nominees for the “Courage” category in the Press Freedom Awards Source: Reporters Without Borders

It’s a pleasure for us to be able to support courageous media representatives in such a way. On September 12th, the Press Freedom Awards will be held in Berlin for the first time.

This year’s nominees for three prize categories hail from 12 different countries. Among them is a Russian investigative journalist who has already been the target of multiple attacks, a Vietnamese journalist who has been beaten and imprisoned because of her work as well as Pakistan’s oldest daily newspaper that has been repeatedly harrassed by officials.

The nominees from the “Courage” category sponsored by Posteo

Igor RudnikovSource: Reporters Without Borders

 
Igor Rudnikov (Russia) – There have been multiple attacks directed towards the founder of the independent newspaper Novye Kolesa because of his research on corruption and public fund embezzlement. Furthermore, he was arrested because of his work. In prison he continued to write articles and a book that contains the quote: “Thought cannot be handcuffed or thrown in prison. It will always be free.”

Eman al NafjanSource: Reporters Without Borders

 
Eman Al-Nafjan (Saudi Arabia) – The blogger and journalist has campaigned massively for women to be allowed to drive cars and to have more rights. Because of this, she was arrested. Currently she has been temporarily freed. She created the website SaudiWoman.me and writes for international media outlets like the British newspaper The Guardian and the New York Times. Since mid-2018 the state has also permitted women to drive cars.

Paolo Borrometi Source: Reporters Without Borders

 
Paolo Borrometi (Italy) – He is regularly threated with death because of his fearless reporting about the mafia and is constantly under police protection. He writes for the newspaper Giornale di Sicilia and his own website La Spia.

Lola Aronovich Source: Reporters Without Borders

 
Lola Aronovich (Brazil) – The blogger has made a name for herself with her feminist texts and commitment to women’s rights. At the same time she has been treated increasingly with hostility. She receives hundreds of death threats online. Since 2018, a law has been put into effect in Brazil that enhances traceability for misogynistic crimes online. It has also been called the “Lola Law”.

Premiere in Germany

The non-government organization, Reporters Without Borders has been presenting the Press Freedom Awards for 27 years now. Traditionally the event takes place in France – the country where RSF was founded. To celebrate 25-years since its creation, the German section of the organisation is hosting the awards ceremony this year.

The awards recipients will be announced on September 12th in the Kammerspiele of Deutsche Theater in Berlin. The jury is made up of presidents from the seven global RSF sections. It will also include the so-called Emeritus Board, which consists of men and women that have rendered outstanding services in various areas of human rights and freedom of speech.

Our support

It is important to us to encourage social engagement and to take responsibility as a company. We therefore support selected charitable organisations in the areas of climate and environmental protection, internet politics and freedom of opinion, as well as refugee aid.

Best regards,
The Posteo Team

New security certificate

2019-01-15T14:30:00+01:00

Dear Posteo customers,

New fingerprint for the TLS security certificate for posteo.de:

Geotrust:
SHA256: 4D:BE:FA:8D:28:6A:D3:73:85:A1:B9:3F:77:D0:5F:E9:70:DD:BF:91:B6:0B:66:3A:1E:4B:C0:3D:4F:71:90:D0
SHA1: 73:4A:26:46:D0:A3:95:1D:52:88:83:F4:12:E9:CA:35:67:8A:6A:07
MD5: BD:6F:47:5C:8E:A9:82:87:E1:DC:A1:7C:07:85:95:A7

Best regards,
The Posteo Team

Cartography for Relief Organisations: Missing Maps host an evening at Posteo Lab

2018-08-27T17:01:00+02:00

Improving maps in Nigeria — all the way from Kreuzberg. This was made possible on August 14th in our Berlin-located Posteo Lab, where a new Missing Maps Group hosted their first German mapathon. With guidance from Missing Maps, volunteers improve online maps at mapathons by plotting villages and streets on satellite imagery. At the events organised by Missing Maps, OpenStreetMaps of crisis regions are improved upon. This can, for example, aide relief organisations in planning their operations more effectively.

Missing Maps is a humanitarian project that was founded in November 2014 by the American and British Red Cross, the Humanitarian OpenStreetMap Team and Doctors Without Borders. Since then, Missing Maps has regularly organised mapathons in various European countries. About 17 interested parties participated in the first German event at Posteo Lab. #more#
#more#
The focus of the event in Berlin was satellite imagery of Niger State in western Nigeria. Currently there are active teams from medical relief organisations that need more precise maps of the region for their work.

The mapathon began with a detailed introduction by Marcel Werdier from the organisation Missing Maps. He clearly explained in a presentation how mapping works. He also demonstrated the required programs and outlined the most important rules for plotting maps to the volunteers.

After the presentation, the volunteers could immediately apply their newly gained knowledge and began plotting maps on the laptops they had brought with them. They analysed satellite imagery and plotted streets and villages with just a few clicks. The team from Missing Maps helped the participants and answered all questions that came up.

At the end, there was a final presentation where the volunteers could see the progress of their collective efforts made on the maps. The knowledge they gained from this experience can continue to be applied when mapping in private.

The team from Missing Maps was very satisfied with their premiere mapathon in Germany. There are plans to organise more evenings like this one in Berlin.

Background Information
Because we want to strengthen social engagement, we regularly make Posteo Lab available to charitable associations and organisations free of charge. It’s important to us that the events hosted at Posteo match our values in sustainability, technology, democracy, open source, internet politics, IT security and privacy. If you’re interested in hosting an event here, send us an inquiry at veranstaltungen@posteo.de.

Posteo is financed 100 percent by user fees. We’d like to take this opportunity to thank our user for making our social engagement possible.

Transparency notice: Our donations for 2017

2018-07-12T15:05:00+02:00

Dear Posteo customers and interested parties,

In the name of transparency we have updated our donations page, where we document the organisations that we financially supported during the previous year (2017).

During last year, Posteo donated a total of 34,600.00 EUR. Of this, 33,022.05 EUR constituted voluntary donations by Posteo. The remaining 1,577.95 EUR came from users that donated remaining credit when terminating their account.
In comparison with the previous year, we were able to increase our donations in 2017 by 5,000 EUR.

Posteo donated to the following organisations in 2017:

BUND:
Bund für Umwelt und Naturschutz Deutschland (BUND) is one of the largest German environmental organisations. Throughout Germany there are more than 2,000 voluntary BUND groups engaged with regional environmental topics. BUND is also engaged with climate protection, ecological agriculture and protection of threatened species, forests and water. BUND is the German member of the international environmental network, “Friends of the Earth”.

German Red Cross (DRK):
The German Red Cross (DRK) is one of the largest German help organisations. The DRK is active worldwide and can be present anywhere in the world in co-operation with partner organisations. In the face of the threat of climate change, the DRK has realised multiple projects along with the Ministry of Foreign Affairs to support people internationally who suffer from the effects of climate change. Our donations go towards a project in the Amazon in Peru, where 1.3 million people are acutely threatened by the increase in extreme weather events due to climate change. The donations are used to set up houses with secure architecture on raised platforms. In addition, blankets and hygiene kits are distributed and a health service set up.

ECCHR:
The European Centre for Constitutional and Human Rights (ECCHR) is engaged with legal measure for human rights. The ECCHR lawyers’ aim is to hold state and non-state actors legally accountable for grave human rights abuses. Among others, the ECCHR was founded in 2007 by human rights lawyer Wolfgang Kaleck, who represents whistleblower Edward Snowden in Germany.

netzpolitik.org:
netzpolitik.org is a journalistic platform for digital freedom rights and presents the most important debates and developments on the topic of the internet. The platform documents how politics is changing the internet and society through regulation and the continued expansion of surveillance laws. With its work, netzpolitik.org wants to encourage people to become engaged for their digital freedom rights and an open society.

Reporters Without Borders:
Reporters Without Borders engages itself worldwide for freedom of the press and freedom of information. The organisation documents violations against freedom of the press and supports journalists that are in danger. Reporters Without Borders combats censorship and restrictive media laws.

UNO-Flüchtlingshilfe:
UNO-Flüchtlingshilfe is the German offshoot of the Office of the United Nations High Commissioner for Refugees (UNHCR). It ensures the survival of refugees in acute crisis situations with life-saving emergency measures. UNO-Flüchtlingshilfe thus provides for sufficient supplies of water, food and medicines in refugee camps or regions that are hard to access, for example.

In addition to these donations, Posteo also sponsored taz.panterstiftung.

Posteo does business sustainably and is independent. Our service is financed entirely by our customers’ account fees. There are no investors or advertising partners at Posteo.
You are what makes our involvement in these projects possible. We thank you very much for helping to make a difference.

Best regards,
The Posteo team

Update: Information about "Efail" reports

2018-05-14T18:40:00+02:00

Update on May 15, 15:30:

We have an update for all users of Mailvelope:
The open source encryption plug-in Mailvelope is not affected by the critical Efail vulnerabilities and can continue to be used. Mailvelope communicated this information earlier this afternoon. With Mailvelope, PGP can be used in Posteo’s webmailer. We are in contact with the Mailvelope developer, Thomas Oberndörfer.
Nevertheless, he announced that they will improve the plug-in’s handling of HTML emails in regards to privacy for example by making the loading of external content such as images optional.
He recommends that users update to today’s release (Version 2.2.2) as minor problems have been fixed.

May 14, 18:40:

Dear Posteo users,

Today, the media has reported vulnerabilities within the end-to-end encryption standards, PGP and S/MIME.

We only became aware of the investigation today. Because of this, we cannot make any final assessments about the publication yet. We’re currently examining the document for you and are getting assessments from security experts. Furthermore, we have made contact with developers from current encryption software.

We’d like to respond to some questions we’ve received and also provide some initial tips for users of PGP and S/MIME. We will update this blog entry with any news.

Summary:
1.) If you do not use end-to-end encryption with PGP or S/MIME then you are not affected by this issue.
2.) If you use PGP or S/MIME, disable HTML rendering and external content from being loaded. (We’ve provided instructions on how to do this at the end of this blog entry)
3.) All participants of an encrypted communication must take the measures described in point 2.) of this summary.

Is email encryption unsafe now?

No, as a generalisation this is not correct as there is no “singular” form of email encryption. In general, emails nowadays are simultaneously secured through various security and encryption technologies. For example, end-to-end encryption does not protect the entire email communication even if many people believe it does. It only protects the content data.
The email’s metadata and subject are protected by the providers’ transport route encryption.

In reality, the security of an email correspondence depends on the combination of various technologies. When one encryption technology is viewed separately, it doesn’t say much about the actual security of a specific email communication in practice.

Attacks are only possible under strict conditions

The creators of this investigation presume in their scenario that an attacker already has access to an encrypted communication. However, nowadays email providers utilise security technologies that effectively prevent man-in-the-middle attacks and unauthorised access to encrypted communication.

The German Federal Office for Information Security (BSI) also describes the conditions for an attack (German text):
“An attacker has to have access to the transport route, the mail server or the email account of the recipient to exploit the vulnerabilities.”

The fact is that providers today are constantly improving secure transport routes, mail servers and accounts. We always utilise state of the art technology. Users should also secure their end devices as well.
Here’s an example of how we secure transport routes. In 2014, we were the first provider to implement the innovative technology DANE that eliminates the current vulnerabilities in transport route encryption (TLS). A combination of end-to-end encryption with a DANE-based transport route encryption results in a very high level of protection.
Tip: In Posteo’s webmailer you are notified before sending an encrypted email whether it will be protected with DANE or not .

We protect email servers with numerous technologies and an infrastructure that particularly protects our internal network and customers’ mailboxes consistently from external access. You can protect your account with a strong password. We encrypt every access to your account with the latest technologies. You can achieve an even higher level of protection if you activate two-factor authentication with additional email account protection. By activating the TLS-sending guarantee, you prevent your emails from being transferred to another email server without transport route encryption.

The German Federal Office for Information Security (BSI) describes another condition for an attack:
“Additionally the recipient would have to allow active content, or in other words, the rendering of HTML code and in particular the loading of external content.”

Because of this, users of end-to-end encryption should immediately review and adjust their settings for loading HTML code and external content accordingly. This should avert any acute dangers.

Guide for disabling external content from being loaded or HTML rendering

Thunderbird:
Disable HTML rendering:
1. Click on the sandwich-button in the top right corner of Thunderbird.
2. Click on “View”.
3. Under “Message Body As” select the menu item “Plain Text”.
Disable external content:
1. Click on the sandwich-button in the top right corner of Thunder and open “Options” / “Preferences”.
2. Open the menu item “Privacy”.
3. Under the category “Mail Content”, remove the tickmark “Allow remote content in messages”.

Apple Mail:
1. From the menu bar click on “Mail” and open “Preferences”.
2. Open the menu item “Viewing”.
3. Remove the tickmark from “Load remote content in messages”.

iOS:
1. Open “Settings”.
2. Touch “Mail”.
3. In the category “Messages”, deactivate the switch next to “Load Remote Images”.

Outlook:
1. Click on “File” and on the side menu on “Options”.
2. Open the menu item “Trust Center” and click on “Trust Center Settings”.
3. Click on “Email Security”.
4. In the section “Read as Plain Text” place a tickmark next to “Read all standard mail in plain text” and also by “Read all digitally signed mail in plain text”.
5. Confirm the changes with a click on “Ok”.

Best Regards,
The Posteo Team

New security certificates

2018-01-09T13:00:00+01:00

Dear Posteo users,

In the coming days we will be updating our security certificates. Security certificates are only valid for a specified time period and need to be renewed from time to time. We will therefore be changing them by 22.01.2018. We continue to use certificates from Geotrust (Digicert) and the Bundesdruckerei (D-Trust).

In most cases you will not notice anything when the certificates are changed over. All programs such as Thunderbird or Outlook will find the new certificate automatically. You do not need to do anything. If your program displays a certificate error during the changeover process, please simply restart the program, which should overcome the error.

If you check the trustworthiness of certificates manually, you can find the fingerprints for the new certificates that we will shortly begin using, below. You can also find the fingerprints in our legal notice.

New fingerprints for TLS security certificates

Geotrust:
SHA256: FB:28:42:1E:23:AD:8A:23:8B:AB:C1:ED:FD:86:FD:F5:30:C6:D9:35:E0:E6:D8:91:CD:F3:77:66:05:C5:75:33
SHA1: AC:9D:4C:F6:36:78:FE:D6:EB:5C:CE:F9:DA:CB:69:CE:0A:93:F4:58
MD5: E9:B3:0A:C5:76:86:0C:FC:15:3D:43:D9:6E:CD:FC:CE

D-Trust:
SHA256: 09:63:1B:8C:35:CD:67:0E:AB:60:B3:63:1E:F3:42:DB:9F:43:5E:09:AD:09:A5:90:49:33:26:F2:FD:B4:D7:AA
SHA1: B6:B8:3C:59:23:22:33:07:88:9E:DD:B9:8D:2D:ED:6C:FA:32:E9:04
MD5: 5D:3F:4C:A3:72:7F:8B:3A:54:92:B4:C8:BC:D5:D9:B7

Best regards,

The Posteo team

New: Easy email encryption with Autocrypt and OpenPGP header

2017-12-21T18:30:00+01:00

Dear Posteo users,

Starting this week, we are now supporting the new encryption method Autocrypt, which will soon simplify real end-to-end encryption in email applications. Posteo customers will be able to use the technology as soon as email applications supporting Autocrypt are available.

The trendsetting method is being integrated into popular email applications such as Thunderbird with Enigmail and K-9 Mail for Android. New versions of these email applications (Enigmail 2.0 and K-9 Mail 5.3) will support Autocrypt.

When email senders and recipients are using email applications compatible with Autocrypt, they can use end-to-end encrypted communication with no additional effort: the email applications automatically encrypt emails with PGP prior to transmission while exchanging public keys automatically in the background. The manual exchange and management of keys – which users often perceive as complicated – is becoming superfluous: Prior to the first encrypted communication, a regular empty email (without content) is sent. With this, the key is transferred in the background. Henceforth, messages can be encrypted automatically.

Autocrypt is a free and open standard, works with all email providers and uses real end-to-end encryption with the private key always remaining with the user. That’s one of the reasons why we support the method.
#more#

Why we already support Autocrypt and protect keys additionally

A first version of Autocrypt is being integrated into popular email applications. The involvement of email providers in the key exchange has not been intended yet. The provider sided support generates benefits for the end user which we want to showcase with our early implementation.

It is very important to us that Posteo customers will be able to use Autocrypt from the very beginning – as comfortable and secure as possible.

Our contribution to comfort:
Thanks to Autocrypt, email applications can soon automatically exchange public keys within the email headers. Our provider sided support makes it possible for an Autocrypt compatible application to receive a public key even if the sender uses an email application without support for Autocrypt. If the sender’s public key is available to us, we will take over that task: Posteo adds the Autocrypt header prior to every email transmission. Your communication partner is able to reply encrypted – without a manual key exchange.

Your current public key is transmitted inside the Autocrypt header with every sent email. Therefore, there is always a copy of your current key available in the applications of your communication partner – without manual key management.

Our contribution to security:
We provide an additional layer of security with digital signatures (DKIM). For Autocrypt the use of DKIM has not been planned yet. Our provider sided DKIM-signature makes it impossible for a public key to be invisibly manipulated by a third party during transmission. An Autocrypt header attached by your local email application is signed with DKIM by Posteo. DKIM-signatures occur only when the sending address matches with the sending mailbox.

How Autocrypt is integrated into Posteo

Many Posteo customers have published their public PGP key in the Posteo key directory. If these customers send an email, we add the Autocrypt header into the email. This header contains your public key. If your email application adds an Autocrypt header by itself, this header will not be changed and no additional header will be added.

- Posteo customers who additonally activated the Posteo inbound encryption using their public PGP key want every incoming email to be encrypted. This information is added to the Autocrypt header as well. That way, email applications compatible with Autocrypt will know that a recipient at Posteo wants an encrypted reply.

- In addition to the new Autocrypt header we also add the so called OpenPGP header, which informs the receiving email client on where it can find the public key. With this, the URL for the download from the Posteo key directory will be transmitted. The OpenPGP-header will be signed with DKIM, too.

What can you do?

In day-to-day life, encrypted communication with Autocrypt will work without your involvement. The manual exchange and management of end-to-end encryption keys becomes superfluous. All you need is your personal PGP key pair.

- Install the upcoming major versions of Enigmail or K-9 Mail as soon as available.

- If you already own a personal PGP key pair for your Posteo email address, we recommend publishing your key in our Posteo public key directory. Then your public key will automatically be added to the header of every email you send. We explain how to publish your public PGP key at Posteo in this help article.

Security recommendations for implementing Autocrypt:
In our view, the automatic exchange of public keys in the background should always be accompanied by further security measures. We recommend other email providers to sign Autocrypt headers with DKIM. Application developers should consider further measures to secure the key and verify existing DKIM-signatures. Additionally, end users should be notified by their email applications if a public key is replaced with a new one or if a setting, that an email should be encrypted or not, is changed by an Autocrypt header. In this way, a possible manipulation by third parties can be detected.

Best regards,

The Posteo team

Security warning for Thunderbird users and Enigmail users: vulnerabilities threaten confidentiality of communication

2017-12-21T15:40:00+01:00

Dear Posteo users,
dear Thunderbird users and interested parties,

We have a security notice for everyone who uses Thunderbird or the encryption add-on Enigmail.

It is our goal to make popular open-source solutions more secure. Hence, last autumn we entered into a cooperation with Mozilla’s SOS Fund to commission a security audit of Thunderbird with Enigmail. This was the first security audit for Enigmail ever.

The goal of the audit was to identify vulnerabilities in the tested software and to make the software safer consistently. The current audit showed multiple vulnerabilities. The developers of Enigmail have already fixed all the problems that were discovered. Some of the security issues have already been fixed in Thunderbird, as well – but most improvements will only be available with future versions of Thunderbird. In addition to these vulnerabilities, there is a problem within the architecture of the Thunderbird add-on system.

All Thunderbird users with all providers are affected, including Gmail, Outlook.com or Yahoo.

We are asking all Thunderbird and Enigmail users to carefully read our security recommendations in this article. If you follow our security recommendations, you will already communicate more securely.
#more#

24 days, 8 security researchers, 22 vulnerabilities

The thorough audit of Thunderbird and Enigmail in autumn 2017 was conducted by independent security researchers (Cure53). The audit was financed in equal parts by Posteo and the Mozilla SOS Fund. It took 24 days and a team of 8 researchers to carry out the project.
The test covered the fields “Incoming Emails with PGP Signature / PGP Encryption”, “Incoming html Emails”, “Key Generation & Crypto Setup”, “Calendar, RSS and other features with Rich-Text Usage” as well as “Default Settings”.

In total, 22 security relevant vulnerabilities have been discovered, of which 3 were classified as “critical” and 5 as “high”. The developers of Thunderbird and Enigmail were involved in the audit and were informed immediately after the security audit.

The security researchers summarize the conclusions in their report as follows:

“A detailed look at the implementations of both Thunderbird and Enigmail revealed a high prevalence of design flaws, security issues and bugs. (…) In short, secure communications may not be considered possible under the current design and setup of this compound.”

Among the critical issues regarding Enigmail was the fact that it was possible to fake signatures as well as identities. Furthermore, the encrypted communication of users can be intercepted by third parties and could be compromised further on under certain conditions.
The Enigmail developers have already fixed all identified vulnerabilities and provided a new Enigmail version (1.9.9). We would like to thank Enigmail for their work.
However, Enigmail relies on Thunderbird, which will receive many of the improvements only in future versions.

Thunderbird add-on architecture puts your data at risk

This spring, architectural vulnerabilities in Firefox were confirmed as part of a Posteo audit. We then presumed these architectural vulnerabilties could also be found in Thunderbird, which is confirmed by the current audit:

The add-on architecture of Thunderbird allows an attacker to obtain your email communication through compromised add-ons. The add-ons are insufficiently separated and have access to the user content in Thunderbird. This includes end-to-end encrypted communication: Even a user’s private PGP key can fall into the hands of an attacker. Here, even Enigmail cannot improve the situation. It is even possible for an attacker to use compromised Thunderbird add-ons to gain access to parts of your device and your sensitive data.

The report advises caution:

“Assuming that a vulnerable or rogue extension is installed, an attacker acquires multiple ways of getting access to private key material and other sensitive data. (…) Henceforth, users are asked to be aware that extensions in Thunderbird are as powerful as executables, which means that they should be treated with adequate caution and care.”

Firefox has rebuilt the architecture in the current version 57. For Thunderbird it is not foreseeable when the add-on architecture will be changed.

RSS feeds can act as spies

The audit discovered profound security problems in connection with RSS feeds, which are expected to be fixed entirely in Thunderbird version 59. Due to security reasons, the actual attack will not be described in this post. The use of RSS feeds in Thunderbird can endanger and reveal your entire communication and other sensitive data.

Please consider the following security recommendations:

For all Thunderbird users:

Update Thunderbird to the latest versions as soon as they are available. The new versions will remove several of the vulnerabilities that were revealed in this audit.
Use Thunderbird preferably without or at least with verified add-ons until the architecture of Thunderbird has been rebuilt.
Do not use RSS feeds in Thunderbird for now. There are critical security problems threatening your entire communication.
Do not accidentally install add-ons through phishing, since rogue add-ons can be used to attack you.

If you follow these security recommendations, your communication will be notedly more secure.

For Enigmail users:

Update Enigmail immediately to the new version 1.9.9. This update removes all vulnerabilities identified in this audit.
Update Thunderbird to the latest versions as soon as they are available. The new versions will remove several of the vulnerabilities that were revealed in this audit.
Do not install any other add-on except for Enigmail until the add-on architecture of Thunderbird has been rebuilt.
Do not use RSS feeds in Thunderbird for now. There are critical security problems threatening your entire communication.
Do not accidentally install add-ons through phishing, since rogue add-ons can be used to attack you.

If you follow these security recommendations, your communication is notedly more secure.

Audit report to be published after vulnerabilities have been fixed
Due to security considerations we will publish the report after all identified vulnerabilities have been fixed, since the report describes the researchers successful attacks in detail. However, the report was made available to the participating developers, Posteo and Mozilla.

Posteo supports open source software
Posteo supports open source software with transparent code for security reasons. We are convinced that transparent code is essential for the security and democratic control of the internet. At any time, independent experts can identify vulnerabilities and backdoors, making software more secure step-by-step. With intransparent code there is a need to trust each provider’s or developer’s security statements, which are not reviewable by the public. For us, this is not an option.

Open source projects need your support

- Donate to the Thunderbird project to support further development of Thunderbird: https://donate.mozilla.org/en/thunderbird/
- Donate to the Enigmail developers to support further development of Enigmail: https://www.enigmail.net/index.php/en/home/donations

After the audit: what the participants say

Enigmail developer Patrick Brunschwig extends his thanks:

“Enigmail is one of the most widely used tools for OpenPGP email encryption. Yet it took 16(!) years of development until the first security audit was performed. It was more than overdue, and I would like to thank Posteo for taking the initiative and co-financing an audit report together with the Mozilla Foundation. Not very surprising for such an old project, the audit report revealed a number of important issues that were addressed now.”

Mozilla regards the audit as a success:

“Mozilla’s Secure Open Source Fund, a MOSS program, provides code-read security audits for key pieces of open source software. We are very pleased to have been able to collaborate with Posteo to audit one of the main software combinations used for secure email, and are glad that users’ data is safer and more secure as a result.”

Dr. Mario Heiderich from Cure53 hopes for a reopening of the bug bounty program of Thunderbird:

“In closing, once all relevant issues reported here by Cure53 have been fixed, it should be strongly considered to re-establish a bug bounty program for Thunderbird. This approach would help keeping the security level at an acceptable level instead of allowing it to deteriorate and move towards a stale state of datedness.”

Patrik Löhr from Posteo asks for changes in the add-on architecture of Thunderbird:

“We want to make open source software and end-to-end encryption more secure: security audits are the best way to achieve this aim.
It is a success that all discovered vulnerabilities in Enigmail have already been resolved.
The add-on architecture in Thunderbird, on the other hand, requires more work to achieve an up-to-date secure setup. Thunderbird is an essential tool for many people who work with email and communicate with end-to-end encryption. Therefore, the effort pays off.”

Best regards,

The Posteo team

Transparency notice: Our donations for 2016

2017-09-14T18:15:00+02:00

Dear Posteo users and interested parties,

In the name of transparency we have now updated our donation page, where we document the organisations that we financially supported during the previous year (2016).

It is important to us to encourage social engagement and to take responsibility as a company. We therefore support selected charitable organisations in the areas of environment and climate protection, internet politics and freedom of opinion, as well as refugee aid.

During last year, Posteo donated a total of 29.600,00 EUR. Of this, 28.002,00 EUR constituted voluntary donations by Posteo. The remaining 1.598,00 EUR came from users’ remaining credit. #more#

Compared to the year before we were able to increase our donations by 5,250.00 EUR for 2016.

As per the previous year, recipients of Posteo donations included Reporters Without Borders, UNO-Flüchtlingshilfe, Friends of the Earth Germany (BUND) and Netzpolitik.org.

A new addition is a German Red Cross project in the Amazon, where 1.3 million people are acutely threatened by the increase in extreme weather events due to climate change. The project sees houses set up on raised platforms with secure architecture. In addition, blankets and hygiene kits are distributed and a health service set up. The project sustainably contributes to ensuring the existence of people affected by climate change.

In addition, we support the European Centre for Constitutional and Human Rights (ECCHR) since 2016. The ECCHR lawyers’ aim is to hold state and non-state actors legally accountable for grave human rights abuses. Among others, the ECCHR was founded in 2007 by human rights lawyer Wolfgang Kaleck, who represented whistleblower Edward Snowden in Germany.

Posteo does business sustainably and is independent. Our service is financed by our customers’ account fees alone. There are no investors or advertising partners at Posteo.

You are therefore what makes our engagement possible – you make a difference, for which we thank you very much.

All recipients of Posteo donations can be found on our donations page.

Best regards,

The Posteo team

Help video: How to additionally secure your account with two-factor authentication

2017-08-23T16:30:00+02:00

Dear Posteo users,

We are often asked whether Posteo accounts can be additionally secured without requiring specific knowledge of computers. One possibility is to use two-factor authentication, which we have offered for some time now.

Two-factor authentication is simple but effective additional protection against unauthorised access. When logging in to the webmail interface, a one-time password is required in addition to the personal password. Two-factor authentication prevents account theft: If criminals or intelligence services capture your access information (username and password), they then have no possibility to access your account settings, change your password and lock you out of your account. Third party access of your account and security settings is effectively prevented.

In our experience, people without special knowledge of IT often do not trust themselves to activate two-factor authentication. Optimal online security is important for all, however. For this reason we have today published a video in which our help section editor Tim Vüllers shows you step-by-step how to set up the additional protection. He also explains how the process fundamentally works as well as demonstrating how he uses it on an everyday basis. In addition, he reveals another security trick – if you do not use Posteo with external email programs (such as Outlook and Thunderbird), you can block access for such programs. Thus two factor authentication additionally protects your emails against unauthorised access.

In future, we will be making additional help videos available. Our videos can be accessibly viewed with subtitles. There are also versions of the video available in English and French.

With two-factor authentication, no additional costs are incurred and you can use it on many different devices (computer, smartphone, tablet, YubiKey).
By the way: Our customer support is happy to provide further personalised help if you have any questions or problems with two-factor authentication. Detailed step-by-step instructions for setup can alternatively also be found in the Posteo help section.

Best regards,

The Posteo team

Update: Petya aimed at destroying data

2017-06-27T18:15:00+02:00

Update: July 3, 2017, 12:45:

Leading security firms now consider that Petya (also known as “PetrWrap” and “NotPetya”) was aimed at destroying data. Petya apparently disguised itself as ransomware but its aim was not to extort money. Analyses by IT security companies Kaspersky and Comae Technologies show that the malware did not encrypt data on the affected systems but instead deleted it. It appears that Petya overwrites data irreversibly, rendering restoration impossible. For the parties concerned, paying the ransom or contacting the attackers would have been useless.

The Posteo address specified in connection with the attack was immediately blocked by Posteo on Tuesday at midday, before the attack spread. The attackers did not replace the blocked address with another one.

June 27, 2017, 18:15:

Info on the PetrWrap/Petya ransomware: Email account in question already blocked since midday

Midway through today (CEST) we became aware that ransomware blackmailers are currently using a Posteo address as a means of contact. Our anti-abuse team checked this immediately – and blocked the account straight away. There was no press coverage at that time. We do not tolerate the misuse of our platform: The immediate blocking of misused email accounts is the necessary approach by providers in such cases.

During the afternoon it emerged that the “PetrWrap/Petya” malware is currently spreading quickly in many places, including Ukraine.

Here are the facts that we can contribute to “PetrWrap/Petya”:
– Since midday it is no longer possible for the blackmailers to access the email account or send emails.
– Sending emails to the account is no longer possible either.

We are in contact with the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik).

What is ransomware?
“Ransomware” denotes malicious software, which becomes installed on a device, for example, by clicking a bad link or attachment. This primarily occurs when the device is poorly protected – when software installed there has not been updated for an extended time, for example. The malicious software prevents access to data and systems – and the user affected is requested to pay a ransom for the release of their data. Payment often does not lead to the data being released, however.

Best regards,

The Posteo team

New: Posteo migration service now for calendars too

2017-06-12T18:00:00+02:00

Dear Posteo users,

We have extended the Posteo migration service. From now on, you can transfer not only your existing email accounts and address books to Posteo, but also your calendars.

The extended migration service allows calendar transfer from providers such as gmx, web.de, Gmail, Aol or iCloud.

Here’s how it works: You can find the new, extended migration service in the settings of your Posteo account under “My account”. When you undertake a new migration service there, not only the email folders and address book will now be shown to you, but also the calendars from your previous account. With a click of the mouse you can conveniently select which items you wish to transfer to Posteo. You can decide yourself whether to delete the data from your previous provider after the transfer.

Special characteristics of the Posteo migration service:
It is free of charge, you do not require any special technical knowledge for the transfer – and you retain control of your data. We do not use transfer service providers. For this reason, your sensitive emails, address book and calendar data are never transferred over a third-party service at any point. We developed our migration service ourselves, so that it conforms to our high requirements in terms of security and data economy: Your data is collected by us directly from your previous provider and transferred to your Posteo account over encrypted connections.

For reasons of data economy, we also do not save the email addresses from which you have transferred data to your Posteo account, for example.

If you have any questions on transferring your calendar data or the Posteo migration service in general, please feel free to contact Posteo support.

Best regards,

The Posteo team

Security warning for users of Mailvelope in Firefox

2017-05-04T12:00:00+02:00

Dear Mailvelope users,

We have a security notice for anyone who uses the encryption add-on Mailvelope with Firefox.

We have had a current security audit of Mailvelope undertaken, in which a critical vulnerability was found in the interaction between Mailvelope and Firefox. Under certain circumstances, Firefox’s security architecture allows attackers to access users’ private keys via compromised add-ons. We therefore ask all users of Mailvelope in Firefox to carefully read our security recommendations found in this article, below.

This also affects Mailvelope users with all other providers such as Gmail, Outlook.com, Yahoo!Mail, etc.

Firefox’s architecture does not sufficiently compartmentalise add-ons from each other – this has been known for years. The fact that a Mailvelope user’s private keys could be compromised via targeted attacks in Firefox was not proven until now, however. The security engineers that we engaged from Cure53 have now proved this. In the past, Cure53 had already audited Mailvelope for Chrome – on our assignment the engineers have now also investigated the plug-in’s interaction with Firefox. In their investigative report, they conclude that Firefox does not currently constitute a suitable environment for Mailvelope. They write,

“At the end of the day, the Cure53 testing team cannot in good conscience recommend the use of Mailvelope on Firefox.”

Weakness expected to last until November 2017

We informed Thomas Oberndörfer, the developer of Mailvelope, after the security audit. He is unable to fix the weakness, however, as it has to do with Firefox’s architecture. New architecture is already being developed at Firefox. Mozilla is planning to conclude this work with the release of Firefox 57 in November 2017. Oberndörfer is also working on a version of Mailvelope for the new and improved Firefox architecture. We would like to thank him for his development work.

Until Mozilla has updated the architecture, the following security recommendations apply:

Option 1.) In the interim, switch to different software. Either use Mailvelope in a different browser, or use PGP with a local email program. You can find various instructions for these options in the Posteo help section.

Option 2.) Alternatively, using an independent Firefox profile for Mailvelope minimises the risk in the interim. In the Posteo help section, we have published step-by-step instructions for the creation of Firefox profiles on Mac and on Windows. Mailvelope users with other providers can also follow these instructions. Please be sure to note the following security recommendations in order to effectively minimise the risk of a fruitful attack:

Do not install any further add-ons in the newly-created browser profile
Use the Firefox profile exclusively for your encrypted Mailvelope communication. Only access your provider’s webmail interface and never visit other websites using this profile.
In addition, use a password for your PGP key that is as secure as possible
Be careful not to accidentally install any add-ons via phishing, through which you could be attacked

Due to the problems with the Firefox architecture, we additionally recommend:

Restrict the use of add-ons in the Firefox browser to a minimum, until Mozilla has updated the architecture
You can further protect yourself from potential attackers by setting up an additional user on your operating system for end-to-end encrypted communication

Here are the recommendations from the Cure53 report once again, for transparency reasons:

“Two paths can be recommended for the users who rely on Mailvelope for encryption and decryption of highly sensitive data. First, they could use Mailvelope on a browser profile that hosts only and exclusively Mailvelope with no other extensions. Secondly, they would need to rely on a different software solution, for instance Thunderbird with Enigmail.”

“At present, any users working with Mailvelope on Firefox are encouraged to export their settings, delete the extension and migrate their setup to a Mailvelope installation running on Google Chrome. Alternatively, a separate browser profile running Mailvelope only could be used, with the caveat that one must not have any other extensions installed in order to minimize the risk of key material leakage.”

Security engineers engaged by Posteo found the weakness

In their daily activities, our customers use various devices, browsers and add-ons in their local environments. Our users’ communication security is very important to us – we therefore also continually have external standard components checked for weaknesses. Among others, we work together to this end with independent IT security experts at Cure53. They have now made a find with Mailvelope in Firefox.

Dr Mario Heiderich from Cure53 explains,

“the problem is currently located in the architecture. There is therefore no easy fix. Mozilla knows this, but also has to keep a difficult balance between radical changes and ones that are prudent but are often decisions that are slow to take effect. Things are going in the right direction, however, which is definitely something positive for more complex software.”

Thomas Oberndörfer of Mailvelope states,

“Mailvelope is naturally dependent on the security of the underlying browser. Weaknesses in Firefox’s add-on system have been known of for some time, so Mozilla’s improvement should be welcomed. Security audits such as the one undertaken by Posteo are important indicators for us to see how we can further improve Mailvelope.”

Report to be published after weakness is overcome

The weakness outlined above is expected to be overcome by Mozilla in November 2017. Out of consideration for security, we will therefore first publish the report at a later point. In it, the method of attack will be described in detail. The report is already available to Mailvelope and the BSI (German Federal Office for Information Security).

The security audit has also yielded some positive results for Mailvelope, which we would like to outline here: There was a check made as to whether email providers for which Mailvelope is used could access a Mailvelope user’s private keys saved in the browser – this was not possible. All other attempts made by the security engineers to access private keys saved in Mailvelope, such as operating third party websites or man-in-the-middle attacks, were also unsuccessful.

Weakness shows that open source increases security

For security reasons, we exclusively support open source components with transparent code – such as the encryption plug-in Mailvelope. In our view, transparent code is essential for the security and democratic control of the internet: Independent experts can at any time identify weaknesses or backdoors via code analysis, as happened here. A provider or developer’s security claims do not need to be trusted. With the security audits that we commission, we want to contribute to further increasing the security of established open source components and genuine end-to-end encryption.

Best regards,

The Posteo team

Transparency report: Requests from authorities to Posteo have markedly decreased

2017-02-03T16:30:00+01:00

Dear Posteo users,

We would like you to know how often authorities request user information from us. We have therefore released our transparency report for the year 2016. In the report, we detail how often investigative authorities reached out to us in the year 2016 – and how often we actually had to release data. The report contains all requests from authorities that we received in the year 2016. In addition, we also list the number of illegal requests in our statistics, because in practice, grievances exist, which we have for a while now been documenting with blacked-out examples.

Number of requests from authorities to Posteo markedly decreased

The number of email accounts operated by Posteo increased during 2016 by about 40%, while the number of requests from authorities markedly decreased. Altogether we received 35 requests from authorities in 2016 – in 2015 there were 48.

For content data, the number of requests decreased by 50%. In 2015, authorities requested content data from us on eight occasions, while in 2016 only four requests reached us. The number of accounts affected by releases also decreased from five to three.

For traffic data, the number of requests decreased even more. There were six such requests in 2015 and two in 2016.

Only the number of requests for user information increased slightly, from 27 in 2015 to 28 in 2016. As we do not collect any user or traffic information for email accounts for reasons of data economy, this data does not exist at Posteo – and therefore can not be released. We always quickly inform the authorities making these requests of this fact. All requests that arrived came from German authorities. Among them – as was the case last year – there was one request from an intelligence service.

Number of illegal requests unchanged

Unfortunately, numerous requests continue to arrive with us that are not formally correct. In 2016, this was the case for half of all requests for user information. The proportion of illegal requests for user information has therefore remained practically the same in comparison to last year. In all these cases we made complaints to the respective privacy offers responsible.

A new format for our transparency report in 2017

Until now, we always published our transparency reports in the summer. The reason that the publication date occurred later in the year was that we added emphases to the content of the reports, which often involved intensive research. Many of you desired publication of the numbers at the beginning of the year. For this reason, our transparency report for 2017 takes a different form. We now want to always publish numbers on the requests from authorities at the beginning of the year.

A second change is that we will in future publish thematic emphases spread between our transparency report site and this blog, during the year. These could, for example, be legal opinions that we have obtained, grievances that we identify in practice, or successes that we would like to report.

We have decided on this new, more flexible format for transparency because it fits better with our practical work. In addition, we are more often experiencing that the particularly privacy-oriented nature of our service is new to some authorities and leads to discussion about content or decisions that set a precedent. We would like to inform you about this outside of pre-specified times.

Transparency reports should become more comparable

Posteo was in 2014 the first German telecommunications provider to publish a transparency report. In the meantime, numerous other providers also publish similar reports.

We believe that transparency reports strengthen the informational self-determination of users. We are therefore pleased about this development. We would like to note that for users, these reports only have real value if they take a form that is as comparable as possible – and when the numbers provided are complete.

We therefore insist that two pieces of information are provided in reports on all requests from authorities for different types of data. First, how many requests there were for specific data, e.g. user information or traffic data. And second, how often the data was released in response to the request. In our view, transparency will only be obtained by providing both of these.

You can find our transparency report here.

Best regards,

The Posteo team

New security certificates

2017-01-17T10:00:00+01:00

Dear Posteo users,

In the coming days we will be updating our security certificates. Security certificates are only valid for a specified time period and need to be renewed from time to time. We will therefore be changing them by 22.01.2017. We continue to use certificates from Geotrust and the Bundesdruckerei (D-Trust).

New fingerprints for TLS security certificates

Geotrust:
SHA256: 30:2A:06:B8:CF:A8:5B:93:66:5A:44:66:E2:BB:84:05:FE:80:95:3F:5A:FE:D1:08:DB:3B:B0:0D:7C:42:B4:39
SHA1: BD:16:71:84:B0:B1:40:D9:0A:65:99:8C:E6:7B:01:D6:AA:5B:8B:67
MD5: 55:F5:81:51:91:CD:88:64:14:D5:AA:E2:D5:2E:2C:AB

D-Trust:
SHA256: 06:48:D6:E4:D3:79:42:79:81:77:0F:49:88:43:D7:65:EE:A8:6F:1F:12:6F:72:11:8F:A9:4C:A9:66:34:FE:B5
SHA1: 79:DB:A0:A9:57:D9:30:FA:EF:5F:72:69:FB:1B:EA:06:90:27:9F:4D
MD5: DA:59:74:62:7C:D1:12:4E:15:41:25:37:9B:56:D0:58

Best regards,

The Posteo team

Posteo becomes the first provider to receive a certificate for secure sending of emails

2016-12-08T18:40:00+01:00

Dear Posteo users and interested parties,

At Posteo it is especially important to us that you can securely send and receive emails. Today there is news on this front: We have become the first provider to receive a certificate for the new “secure email transport” technical guidelines by the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, henceforth BSI). The goal of the BSI is to promote IT security.

The certificate was today awarded to us by the certifying authority “datenschutz cert”. Representatives of the BSI were also present. Via the certificate on our website, you can now identify that our security measures have been independently checked and proven to conform to BSI requirements.

Thomas Gast (BSI), Thomas Gilles (BSI), Ralf von Rahden (datenschutz cert), Patrik Löhr (Posteo), Florian Bierhoff (BSI)

The new technical guidelines detail the measures that an email service is to undertake in order to actively protect emails from unauthorised third parties during their transport. Email providers need to implement DANE if they wish to receive certification. DANE overcomes various weaknesses in the commonly-used transport route encryption, TLS. Among other things, DANE prevents so-called man-in-the-middle attacks, in which an attacker latches onto a communication process, annulling the encryption. In 2014, Posteo became the first provider to implement DANE. Since then we have committed ourselves to the dissemination of this new technology, which is pioneering in the confidentiality of digital communication. Thus our users can not only securely communicate with one another, but also with the users of other email services. We were therefore especially pleased that the free standard DANE has become necessary for the certification.

Since 2014 we have been engaged in a working group together with other email providers involved in a dialogue with the BSI that led to the formation of the technical guidelines. We pushed for high security requirements and simple implementation.

We frequently criticise authorities when things don’t work in practice, for example, in our transparency reports. On the other hand, we welcome the BSI’s new guidelines for secure email transport. The BSI was especially interested in working together with the providers to design the guidelines with a practical orientation. The guidelines correlate with the highest security requirements and the certification is also implementable in terms of the time and money involved for smaller providers such as Posteo.

New certificate identifies secure email services

In our view, the fact that claims made by email providers about their security measures can now be evaluated by independent authorities also constitutes great progress for users. From now on, users can identify whether a service has been proven to fulfil the criteria in the guidelines via the certificates on the providers’ websites. The logo with text “BSI TR-03108 zertifiziert” indicates the corresponding guidelines.

The BSI guidelines do not constitute a legal requirement, but rather recommend security measures to email providers. Providers that wish to receive a corresponding certificate need to prove that they fulfil all requirements set out.

Certification is undertaken by an independent body – Posteo was certified by datenschutz cert. Certification occurs entirely remotely, checking the email service’s public interfaces. Other email providers and services such as those of companies or universities, for example, can now register to be evaluated according to the technical guidelines. We hope that the guidelines further increase dissemination of the recommended security technology. High common standards also increase the level of security for emails that you send to contacts that use other email providers. Thus communication becomes more secure overall.

Best regards,

The Posteo team

Additional information for those with technical interests:

- The technical guidelines can be found on the BSI website,
- Posteo has used DANE since May 2014. You can read more about DANE here.
- End-to-end encryption does not render transport route encryption redundant. End-to-end encryption generally only protects the content of your communication, but not metadata such as the subject field and information as to who is communicating with whom. Transport route encryption with TLS protects the content as well as the metadata for emails on their way across the internet. DANE additionally secures this encryption. End-to-end encryption is always in the hands of the users, because no-one else can have access to the private keys. We recommend combining end-to-end encryption with strong transport route encryption on the provider’s side.

New: Webmail interface displays servers with the highest sending security

2016-08-18T17:00:00+02:00

Dear Posteo users,

We have just released a new feature for you: Our webmail interface now shows you which of your contacts you can send to with the optimal security of DANE technology. This can be recognised by a small, green DANE symbol above an email address.

For us, the new DANE display is something very special. When we introduced this new piece of security technology in May 2014, Posteo was according to heise.de the first provider worldwide to support DANE. Many IT experts were unsure at that time whether the new technology would become established. In the meantime, this has changed – it is now worthwhile displaying whether another server supports DANE: We now transfer emails to many email servers worldwide using DANE as standard, including large email providers such as 1&1 (as well as mail.com, GMX and web.de) and Comcast.

The technology is becoming widespread for good reason: DANE eliminates various weaknesses in the widely used transport route encryption between servers – STARTTLS, and increases security of the encrypted transport of emails. Without DANE, encryption would not be “forced”, for example, but instead newly-negotiated for each connection between the email servers involved. With DANE, email servers communicating with one another must encrypt every connection. If the encryption is disrupted or the communication is subject to an attack, the email will not be sent. Servers that are capable of DANE also undertake a check of their security certificates prior to sending – in a process similar to an ID check. This ensures that the other server is in fact the “actual target” of the communication and not a so-called man-in-the-middle placed in between. With DANE, encrypted sending can be ensured in advance, which is why we are providing a DANE status display in the webmail interface. In summary, for you the new display means that if you see the symbol displayed, your email is guaranteed to be transferred to that recipient with DANE. Firstly, it will be sent over an encrypted transport route, and secondly, it will be sent to the actual, legitimate recipient.

Tip: The TLS-sending guarantee also protects you for servers without DANE

If the DANE symbol is not displayed for an address, then the receiving server does not yet support DANE. Examples of large providers that do not yet support DANE include Gmail and Yahoo.

These do support encrypted connections between email servers. Without DANE, however, in case of interruptions or attacks as described above, unencrypted connections can occur. This the case anew for every single email. Without DANE, therefore, no serious assertion can be made about the security of a connection between two email servers.

Here is an important tip for you: With Posteo, you can categorically prevent sending without TLS.

Activate your personal TLS-sending guarantee in your account settings

This ensures that the transport route for your emails is guaranteed to be encrypted with TLS, even to servers that do not support DANE. If you activate the TLS-sending guarantee, we will only send your email when the message can be sent with encryption. If secure sending over an encrypted connection is not possible, sending of the email will not occur – and you receive a notification from us. Therefore, if an unauthorised third party attacks a secure connection wanting to force an unencrypted connection, sending will be prevented.

Best regards,

The Posteo team

Related reading: Why does Posteo display the DANE status but not the TLS status?

Kindle, GOP etc: What to do with insecure email servers

2016-07-28T17:00:00+02:00

Dear Posteo users,

In the last few days we have received a lot of positive feedback on our new TLS-sending guarantee, for which we would like to say thank you. We’re very pleased about how well the new security feature is being adopted. Within just a few days more than 20% of our users have activated the new feature. With the TLS-sending guarantee activated, your emails are only sent if they can be transferred to the recipient over an encrypted transport route. Because we are currently receiving a lot of queries, we will here look at some insecure email servers and show what options are available when sending is stopped.

First, here is an example, which we are receiving many enquiries about: Amazon “@kindle.com”.

The email servers for the commonly-used domain “@kindle.com” are in fact not secure. Even three years after the NSA scandal, the domain still does not support TLS encryption when receiving emails. Our tests confirm this. We have received numerous queries about the security of “@kindle.com” from users with the TLS-sending guarantee activated. In our view, the lacking TLS support presents a large problem, because customers use “@kindle.com” addresses to send their own documents to their Kindles. Amazon describes this feature as follows: “Kindle customers can send documents to their registered Kindle devices, free Kindle reading applications, and their Kindle Library in the Amazon Cloud by e-mailing them to their Send-to-Kindle e-mail address name@kindle.com.”

It appears that Amazon domains are not generally affected.

#more#

The current configuration of “@kindle.com” is insecure and presents a security risk. Whether you wish to continue sending sensitive data to “@kindle.com” addresses is your own personal decision. If desired, you could temporarily disable the TLS-sending guarantee in order to send. Please note, however, that due to the lacking security of @kindle.com, these communications can be read by unauthorised third parties such as criminals and intelligence services. For privacy reasons, you should not send other people’s data to kindle.com addresses – the others should be able to decide this for themselves.
We have no influence over Amazon’s IT. You could contact Amazon directly. It is generally not especially difficult for administrators of email services to activate TLS encryption on their servers. We assume that the domain will soon be secured if complaints arrive, as the lacking security constitutes a grave security risk. You would then once again be able to send emails to kindle.com addresses with the TLS-sending guarantee activated.

No encryption for GOP (Republican National Committee), the University of Oxford or Ryanair either

We are asking all users who have contacted us regarding email servers that are not capable of TLS encryption such as @gop.com, @kodakpulse.com, @communication.microsoft.com, @ox.ac.uk, @ryanair.com, @unog.ch, @melia.com and other domains (listed below) to decide in each individual case whether they wish to send an email to the insecure email system. For all servers that are not capable of TLS, communicating with these outdated email systems is insecure.

When sending is stopped, you have the following options:
- You can inform the recipient (if desired, using an alternative contact method) that securely sending an email to their address is not possible and ask them to provide an alternative email address.
- You can temporarily deactivate the Posteo TLS-sending guarantee and send the email securely, by furnishing it with end-to-end encryption.
- You can temporarily deactivate the TLS-sending guarantee and send the email unencrypted/insecurely, as an exception.

Ask the domain holders for better security

If you would like to, you could contact the holder of a domain to ask them to activate TLS encryption on their servers. By doing this, you contribute to achieving an improved overall security of email traffic.
Overall, it can be said that these days, mainly only outdated and poorly-maintained email servers do not support TLS. If you activate the TLS-sending guarantee, it will generally only rarely occur that one of your emails is not sent for security reasons.

Last of all, we have collated a list of examples of commonly-used email domains that astonishingly do not yet support TLS, about which we have received queries during the last few days:

- Amazon Kindle: @kindle.com
- Microsoft: @communication.microsoft.com
- United Nations Office at Geneva: @unog.ch
- University of Oxford: @ox.ac.uk
- Yahoo! Japan: @yahoo.co.jp
- Melia Hotels: @melia.com
- Kodak Pulse “Email pictures to the display”: @kodakpulse.com
- Germanwings: @germanwings.com
- eBay: @members.ebay.com
- German American Chamber of Commerce: @gaccny.com
- Pacific National Bank: @pnb.com
- Ryanair: @ryanair.com
- Voyages SNCF: @voyages-sncf.com
- Republican National Committee: @gop.com

Best regards,

The Posteo team

New: TLS-sending guarantee for additional security

2016-07-13T15:45:00+02:00

Dear Posteo users,

Today we have made a new, important feature available to you – our TLS-sending guarantee. This new security feature protects you from sending emails to insecure systems. You can now activate the new feature in the settings of your account.

Emails need to be transferred over encrypted connections so that criminals and intelligence services can not read them in an unauthorised manner. Three years after the NSA scandal, transport route encryption (TLS) has as a result become commonplace: All large email providers have now activated it on their systems. But what about the email systems to which you frequently send everyday emails or work-related emails? Prior to sending an email, it is not visible to the user whether the email systems used by business partners, doctors, clubs or schools support secure connections. Our systems, on the other hand, recognise this. Before sending each and every email, Posteo attempts to create an encrypted connection with the other email server in order to achieve secure sending.

If secure sending is not possible, the transfer is stopped
This is exactly where our new TLS-sending guarantee comes in: If you activate this security feature, we will only send your emails when the message can be securely delivered to the recipient. If secure sending over an encrypted connection is not possible, transfer of the email will be stopped – and you receive a notification from us. Sending is also stopped if an unauthorised third party attacks a secure connection, wanting to force an unencrypted connection.

If we notify you that sending was stopped, you can then decide yourself whether you would still like to send your message to the insecure system. To do this you can temporarily deactivate the TLS-sending guarantee and send your message (as an exception) without TLS. We designed the new feature as practically as possible: Whether you access your emails with a smartphone, in the webmail interface or in local email programs such as Outlook or Thunderbird, makes no difference. Each sending of an email undergoes our TLS security test. If you send an email to multiple recipients, sending is only stopped for those recipients to which the email can not be securely transferred. You are then notified by us via email as to which recipients were affected.

#more#
New security test before each email is sent
The new feature affords you additional clarity: You always find out about your contacts’ current communication security. For security reasons, a new TLS check occurs before sending every email, even for known recipients. Thus we ensure that your emails are not sent insecurely if a server is temporarily incapable of TLS, for example, due to technical problems or an attack.

You can now activate the TLS-sending guarantee in the settings of your Posteo account under “Settings” → “My account” → “Transport route encryption”. In our help section we have prepared an article on the new TLS-sending guarantee. There you can find out how to activate and deactivate the feature and how to proceed when the sending of an email to an insecure email server is stopped.

Additional information for IT pros:
- The TLS-sending guarantee prevents downgrade attacks, whose goal is to revert to unencrypted connections.
- Outdated and insecure encryption protocols such as SSLv3 or RC4 will not be tolerated: These also cause a stop on sending.
- Man-in-the-middle attacks are made more difficult and are always prevented if, like Posteo, the receiving server also uses DANE.

More about encryption at Posteo
Transport route encryption is one building block in our innovative encryption model. On our Encryption info page you can also learn about our other features: Here you discover, for example, how you can conveniently encrypt all saved data at the click of a button (crypto mail storage, address book and calendar encryption). We also inform about how we encrypt each access and all sensitive data, and present our end-to-end encryption features (key directory, PGP in the webmail interface, and more).

Best regards,

The Posteo team

New security technology and additional certificate

2016-04-04T14:30:00+02:00

Dear Posteo users and interested parties,

We would like to inform you about some new pieces of security technology at Posteo.

We have begun to support “Certificate Transparency” technology. In addition, we started using new technology known as “Certification Authority Authorization (CAA)” and “HTTP Public Key Pinning (HPKP)” a few weeks ago. These further increase the security of Posteo for you.

Nothing changes for you – and you do not need to do anything. In this blog article we merely wish to provide an insight into how we are protecting your data at Posteo using these features.

Certificate Transparency: No chance for certificate forgers

With Certificate Transparency, we can automatically monitor worldwide whether an unauthorised third party (criminal or intelligence service) attempts to represent itself as Posteo by falsifying certificates for our Posteo domains. Until now, it was very unlikely that a certifying authority would actually incorrectly authenticate an unauthorised party to be Posteo. The reason for this is that for many years we have used a so-called extended security certificate (EV certificate). These certificates are only issued following presentation of a range of documents. Criminals and intelligence services do, however, attempt to take on another identity using falsified certificates. They do this, for example, to lure customers of internet services to falsified phishing sites and capture their login details there, or to place themselves as the “Man-in-the-Middle” of a communications process.

With the new technology, we can evaluate 24 hours a day in close to real time whether someone attempts to manipulate our certificates and can therefore react immediately – ideally, before an attacker can make an attempt at fraud. You no longer need to trust the diligence of the certification authorities’ (CA) issuing of certificates: With the new technology, online services such as Posteo can check for themselves whether a certifying authority has incorrectly issued a certificate to an unauthorised party.

New certificate in the course of the changes

In order to be able to support the new pieces of security technology, we will in April begin implementing an additional certificate from Geotrust. This certifying authority already supports the new technology. Interested parties can find the fingerprints of all certificates (a series of characters with which a certificate can be verified as “real”) from now on the legal notice page of our website. All programs such as Thunderbird or Outlook will find the new certificate automatically. You do not need to do anything. If your program produces a certificate error during the transition process, please simply restart it, which should overcome the issue.

#more#

New security technology “Certification Authority Authorization” (CAA) in use for some weeks

For a few weeks we have been using an additional new piece of security technology in connection with certificates: Certification Authority Authorization (CAA). CAA is very new technology that is not yet widely circulated. With this new technology, we have lodged information in the DNS (the central request registry of the internet) as to which certifying authorities are authorised to issue certificates for our domains. This technology is still very new, which means that there is not yet any requirement for certifying authorities to observe it. We are nonetheless of the opinion that these entries are already very sensible: We want to show what is technically possible today and we hope that many telecommunications providers and certification authorities will soon use CAA. The technology can make internet access more secure overall, and further minimise the risk of falsified certificates.

German certifiers with Certificate Transparency are not yet practical

At the moment, it remains impossible for email services such as Posteo to implement certificates from German certification authorities as a main certificate in practice. Providers such as D-Trust (the Bundesdruckerei) do not (yet) know of some devices and programs that are widely in use. If an email service nonetheless uses a certificate from such an “unknown” certification authority, a large number of users receive constantly repeating error messages. The programs state that the certificates in place are not trusted. The situation does not look good in terms of the support of new technology, either: The Telekom Trust Center (TeleSec), for example, which is the certification authority for Deutsche Telekom AG, has indicated to us that it has no plans to support Certificate Transparency. These existing problems with German certifiers will only improve in the course of the coming years, if at all. A prerequisite for this, for example, is that German certifiers ensure that their so-called root certificates are recognised as trustworthy in all new-generation devices and programs.

Additional information for pros: Additional certificate security technology at Posteo

- For each secured domain, we always use at least two extended validation certificates on an equal basis. In case problems with a certification authority arise, we can immediately switch to the other certificate, without any disturbance to our users.
- We use HPKP (HTTP Public Key Pinning) to force browsers to accept our certificates only.
- We use DANE so that other email servers, browsers and programs can check our certificates with a falsification-proof DNS request.

Best regards,

The Posteo team

Chief privacy officer praises Posteo in yearly report

2016-03-30T16:30:00+02:00

Dear Posteo users and interested parties,

The new chief privacy officer for Berlin, Maja Smoltczyk, has presented Posteo in her yearly report for 2015 as a positive example of innovative privacy concepts. We are very pleased to receive this mention of praise from such a senior figure. We therefore present a translation for you to read:

“Posteo (posteo.de) is a webmail service with all the necessary features. As opposed to other webmail services, the user pays. For this fee, many things are avoided including any data identifying the user, analysis of user behaviour or even the content of messages. This begins with the user creating their account under a pseudonym: Apart from the desired email address and a password, no data is mandatorily collected. Even the prepaid payment can occur completely anonymously in cash. If the user chooses a payment process which involves their personal information, the connection to the email account made via a payment code is immediately deleted after the payment is processed. As well as the implementation of possibilities for transport route encryption when sending and receiving emails and when accessing the webmail interface, optional end-to-end encryption with PGP and S/MIME is also supported. One special characteristic is the feature to encrypt account content and address book: This allows for unencrypted emails to be saved with encryption in a simple manner. As opposed to encryption with PGP and S/MIME, traffic data is also encrypted in the email header. The encryption occurs in the background at the moment that the relevant email is opened. When using this feature, choosing a secure and long password is particularly important.” (p51)

“Data protection is a completely successful selling point, as the example of Posteo shows.” (p53)

The complete report by the Berlin chief privacy officer can be found (in German) at datenschutz-berlin.de.

Best regards,

The Posteo team

New: Who we support with donations

2016-03-16T18:30:00+01:00

Dear Posteo users and interested parties,

In the name of transparency, we are now openly listing the organisations that we supported with donations last year (2015). We were asked to provide this information as remaining Posteo credit can be donated, if desired. Our new “Who we donate to” page can be found on our website in the “About us” section.

It is important to us to encourage social engagement and to take responsibility as a company. We therefore support selected charitable organisations in the areas of environment, internet politics and freedom of opinion, as well as refugee aid. #more#

During last year, Posteo donated a total of 24,350.00 EUR. Of this, 22,957.30 EUR constituted voluntary donations by Posteo.
The remaining 1,392.70 EUR came from users’ remaining credit.

In 2015, recipients of Posteo donations included Friends of the Earth Germany (BUND), Reporters Without Borders, The UN Refugee Agency (UNHCR) and Netzpolitik.org.

Best regards,

The Posteo team

Cryptoparty for women in the Posteo Lab on Feb 24

2016-02-08T17:15:00+01:00

Dear Posteo users and interested parties,

On Wednesday 24th February there will be a cryptoparty for women in the Posteo Lab in Berlin (Kreuzberg). Hosting the event are the hacker girls from Heart of Code.

The hackers will be our guests from 7pm. The event begins with two short talks on the topic of encryption. After that, workshop participants will be shown how to communicate securely on the internet and how to be protected from spying by intelligence agencies and advertisers.

Background info:
The “Heart of Code” hackers want to facilitate women’s access to information technology, tools and content, to make the hacking community and tech landscape more diverse in the long term. We support this aim, as women are clearly underrepresented in the field of IT. For this reason we are happy to make the Posteo Lab available to the hackers for their event.

Best regards,

The Posteo team

Second extended certificate

2015-12-22T18:30:00+01:00

Dear Posteo users,

From now on, we are also deploying a second extended security certificate.

Such authenticated, “green security certificates” are used first and foremost by organisations that deal with sensitive data, such as banks. It can be seen on the left of our web address (https://posteo.de) in your browser (usually a key symbol with green background). In this way you can always recognise that you are actually on the Posteo website – and not some sort of phishing site. If you use a local email program, it will additionally check the security certificate before establishing an encrypted connection with Posteo – confirming the validity of the encryption partner. Email providers use certification authorities for this, who confirm the validity of a security certificate before an encrypted connection is established. OCSP is an additional security measure: An OCSP server confirms that a certificate has not been revoked.

We therefore use a second certificate
The reason for additionally deploying a second certificate is that the OCSP servers of the certification authority StartCom were not reliably reachable over the past few days. In some individual cases, this led to restrictions in programs that additionally check OCSP, such as Thunderbird and Firefox. We know that for this reason some of our users experienced an error when opening our website or working in a local email program. At Posteo itself, there was no problem at any time, and the security of your connections was not affected at any time. Because it is completely unacceptable to us that a problem at a single certification authority repeatedly affects our customers, we are from now on using a certificate certified by the Bundesdruckerei, which we had recently already created as a second certificate. #more#

What a certification authority does
Email providers use certification authorities to confirm the validity of their certificates before an encrypted connection is established. A certifier in addition certifies the public key of a provider’s SSL certificate. It’s similar to a notary: After checking multiple documents, (including company registration, personal identity documents, telephone calls with us and our lawyers, etc) the certification authority confirms that the public key really does belong to the provider, in this case, therefore, to Posteo e.K. The certification authority does not create our certificate and/or key pair – we do this ourselves. They can therefore not manipulate or exchange the keys.

Our new certificate, certified by the Bundesdruckerei, conforms to current security standards and was signed using the SHA-256 algorithm.

If your browser, email program, smartphone or tablet happens to produce an error message due to an invalid certificate following our change, this is not due to an attack or an error. It merely means your program has the old certificate saved. In most cases, restarting the program or device should remedy this.

The “electronic fingerprints” for our new security certificate are:
SHA256: 6A:B1:9D:FB:FB:10:2E:D8:89:01:76:8C:B1:6B:61:13:A1:E3:B6:A5:47:D6:85:A3:FD:08:7F:11:DA:35:77:E7
SHA1: 8D:D7:97:B4:45:79:4D:EC:64:AE:D1:90:88:AC:B4:F4:5A:21:EA:6A
MD5: DA:CC:03:04:8C:E8:03:54:4F:6B:B2:2E:C2:ED:94:D8

You can also find the fingerprints for both certificates in our legal notice page. This information is only relevant for users who manually check our certificates.

If a program or system that you use does not have the Bundesdruckerei root certificate pre-installed and therefore does not trust the connection to Posteo, you can simply install it. It can be found for download from the Bundesdruckerei website. There, you can also find the fingerprint of the root certificate “D-TRUST Root Class 3 CA 2 EV 2009” on the downloads page, which we also publish here for comparison purposes:
SHA-256 EE:C5:49:6B:98:8C:E9:86:25:B9:34:09:2E:EC:29:08:BE:D0:B0:F3:16:C2:D4:73:0C:84:EA:F1:F3:D3:48:81
SHA-1 96:C9:1B:0B:95:B4:10:98:42:FA:D0:D8:22:79:FE:60:FA:B9:16:83

The Posteo domains that we use with the SSL certificate are in our possession. The entries of our name server in the DNS are also additionally secured with DNSSEC, to prevent manipulation. And using DANE anyone can check our key’s fingerprints without doubt.

Even if we did not have any influence over the disturbances caused by the error at the certification authority, we would still like to apologise if you were affected by this annoying problem.

Best regards,

The Posteo team

New: Posteo webmail interface can find public keys

2015-12-22T14:00:00+01:00

Dear Posteo users,

We have now made end-to-end encryption in the Posteo webmail interface even easier.
Attachments can now also be conveniently encrypted (with PGP/MIME) in the webmail interface.

At the same time we have made the first application for our new Posteo key directory available:

If you use end-to-end encryption with Posteo in the browser, Posteo finds the public keys for your contacts – in many cases, automatically. This is made possible by the Posteo key directory and Posteo key search: Our key search automatically searches worldwide for corresponding public keys for your contacts and displays them to you before you send an email.

In many cases, therefore, you no longer need to ask a contact for their public key before being able to send them an encrypted email.
#more#
It occurs in the background:
When you enter a recipient for your email, our innovative key search peforms a search for corresponding keys for the email address. It searches not only the worldwide PGP key servers, but also the DNS – the so-called “internet telephone book”, as well as additional sources of the Posteo key directory. If the key search finds a key for your contact’s email address, this will be displayed. Thus end-to-end encryption becomes convenient and modern, and without losing security: The encryption in the webmail interface occurs with the open source plug-in Mailvelope, which is installed locally. This ensures genuine end-to-end encryption in which your private key always remains locally on your devices. It is not saved on our servers at any point, as this would reduce the principle of end-to-end encryption (between the sender and recipient of an email) to an absurdity. The encryption and key search also work with all email providers that adhere to internationally agreed-upon standards for the field of email. This is no stand-alone or proprietary solution for which both communication partners would need to use the same provider in order to communicate with one another using encryption.

For security reasons, our philosophy is to exclusively use genuine end-to-end solutions, open-source technologies and free standards. In our view, only thus can maximum security, transparency, comfort and compatibility be obtained. The Mailvelope plug-in is open source and has undergone a security audit (by Cure53).

Instructions:
Step-by-step instructions for the setup and use of end-to-end encryption in the Posteo webmail interface can be found in our help section.

Customers who already use end-to-end encryption in the Posteo webmail interface can also find instructions in the Posteo help section on activating the new Posteo key search and encrypting attachments in a few easy steps.

For developers:
We have developed an open source plug-in for the Roundcube email client, which is published under the AGPL licence and can be found on Github.

Best regards and happy holidays,

The Posteo team

New: Posteo public key directory

2015-12-04T15:30:00+01:00

Dear Posteo users and interested parties,

It is our desire to make the exchange of public keys for end-to-end encryption easier and more secure. Today we have taken a first step to this end: You can now publish your public PGP or S/MIME key in our new Posteo key directory and thereby also securely in the DNS, the internet’s so-called telephone book. In the coming weeks we will be progressively activating further options for the new Posteo key directory.

Background:
For a while now, various players in the area of internet security have been working on making the exchange of keys for end-to-end encryption easier and more secure. Public keys are to be securely stored and made available in the DNS. To this end, new, free standards will soon be adopted. For a long time, behind the scenes, we have worked on simplifying the key exchange process in multiple steps, to occur in line with the new standards. So far, the standards remain in draft format, but we consider them advanced enough that we have begun to use them.
#more#
The technical designation for the upload of PGP keys was determined some months ago. Over the last few months we engaged ourselves in the responsible working group, such that the DNS parameters for S/MIME keys also be determined by IANA, which is responsible for administration of the DNS in the internet. For us, S/MIME is an equally worthy and just as important encryption standard.

On Tuesday, the organisation also determined the technical designation for lodging S/MIME keys in the DNS.

Your public S/MIME or PGP key used to encrypt emails can therefore now be securely added by us to the DNS. There, others can find your key and use it to encrypt emails to you. Your key is stored in the key directory secure against falsification with standards OPENPGPKEY and SMIMEA, which are soon to arrive. This process corresponds to DANE technology: DANE secures TLS server certificates in the DNS, while OPENPGPKEY and SMIMEA secure (against falsification) public keys used for email communication, in the DNS. Keys for end-to-end encryption that are published in the DNS are also secured with DNSSEC, as for DANE.

Through the use of security technologies such as NSEC3, we also prevent the mass-collection of email addresses and keys from the DNS: A key can only be retrieved for a specific email address known to the person searching. This actively prevents the misuse of the DNS as a source of email addresses for spammers.

OPENPGPKEY and SMIMEA are to constitute an alternative to previously widespread key servers, which exhibit multiple problems:
Until now, anyone can upload your public key to worldwide key servers, even if you personally do not want this. In addition, anyone can upload a falsified key for you. Keys that are uploaded there can no longer be deleted. This results in multiple as well as outdated or incorrect keys for an email address being found in key searches on the worldwide key servers. On the key servers, a multitude of valid email addresses are saved, and can be found by spammers who request email addresses from key servers on a mass scale in order to send spam to these addresses. Anonymity is also affected by the key servers: With OpenPGP, anyone can see who has declared their “trust”, similar to a social network. Thus social connections can be openly viewed for each person. The new process at Posteo is implemented without exhibiting any of these weaknesses.

The Posteo key directory is found in the settings of your Posteo account, under “PGP and S/MIME encryption”.

Before uploading your key to the Posteo key directory, please check whether it conforms to the Posteo guidelines. To protect your privacy, you can only upload a key that contains your Posteo email address or one of your aliases, among other things.

The new OPENPGPKEY technology is already implemented in the standard software GnuPG, and Verisign is working on an SMIMEA plugin for Thunderbird. We hope that the dissemination of OPENPGPKEY and SMIMEA proceeds quickly, so that the exchange of public keys becomes easier and more secure.

Best regards,

The Posteo team

Migration service now includes address book

2015-11-16T18:00:00+01:00

Dear Posteo users and interested parties,

Moving to Posteo just became even easier. With the Posteo migration service, you can now transfer more than just your existing email accounts (including folder structures) to Posteo at the click of a button.

From now on, the migration service also transfers your previous address book from most large providers to Posteo. You can conveniently transfer your contacts to Posteo without requiring any special technical knowledge.
#more#
Because we do not use any third-party solutions at Posteo for the transfer of your personal data, we have developed individual solutions for the secure transfer of your data from each of the providers listed. In particular, your contacts’ sensitive data (e.g. name, address and phone numbers) are not transferred via a third party at any point. The data is collected by Posteo directly from your previous provider and transferred to your Posteo address book via an encrypted connection.

Posteo address book migration is available for the following providers:

AOL
Gmail
GMX
iCloud
Microsoft services such as Outlook.com, Hotmail, Office 365
Yahoo!
WEB.DE

The migration service is found in the settings of your Posteo account under “My account”.

You can decide yourself whether you would like to permanently delete your email and address book data from your previous provider.

The Posteo migration service is free of charge. It was developed in line with our principle of maximum data economy. Thus, for example, we do not save the email address from which you have transferred data to Posteo.

Tip: After migration you can individually encrypt all data you have saved with Posteo. Available for this purpose are Posteo’s address book and calendar encryption and Posteo crypto mail storage (for your email data). For both features you do not require any special technical knowledge; the encryption occurs at the click of a button. These encryption features are found in the settings of your account under “Encryption”.

Best regards,

The Posteo team

Transparency report: German authorities mess up

2015-08-25T17:00:00+02:00

Dear Posteo users,

We would like you to know how often authorities request user information from Posteo. We have therefore today published our transparency report for the year 2014. In the report, we lay out how often German investigative authorities approached us in 2014 – and how often Posteo actually had to release data. The report covers all requests from authorities that Posteo received in the year 2014. Posteo operates more than 100,000 paid email accounts. In 2014, we received 22 requests from authorities. In Germany, there is no such thing as secret requests that are not allowed to be mentioned. You will also find out how often these requests were formally correct and how many of the requests were illegal. #more#

Because almost all requests from authorities that reached Posteo until now were illegal, we devote emphasis to the information process in our report this year. We critique the chaotic circumstances that rule, in particular in requests for user information under § 113 TKG (German telecommunications law). We reveal that grave deficiencies exist in practice, there are regularly breaches of the law and the deficiencies in controls of the situation are becoming even worse. Germany might be known for its exactness, but German authorities have failed miserably at abiding by the legal requirements. Posteo has not yet received any requests from foreign authorities.

To document our critique of the information and surveillance processes, we have today published numerous examples of illegal requests from authorities on our website. In addition, we present our exchanges of correspondence with public positions such as the state privacy officers, the privacy officers of the respective German federal states as well as the respective ministries of justice of the German federal states.

Thus you will obtain an insight into our privacy-oriented work that takes place at Posteo all year round. In addition, we occupy ourselves in the report with the control instrument of the judicial reservation, which is in our view no longer equitable in respect of its intended purpose: in practice, clearly all applications for surveillance in Germany were granted. Although statistics are not even kept to determine the effectiveness of the judicial reservation, we have found numbers that prove this.

The German government meanwhile remains idle, even though it has been informed of some of the grievances for many years and continues to be questioned, as we show in the first part of our report. We demonstrate this with a reply from the Federal Ministry of the Interior that was published last Wednesday (19th August), among other things.

The complete transparency report can now be found on the Posteo website.

We call on Justice Minister Heiko Maas to stop the draft law for the reintroduction of data retention. If the possibilities for surveillance in Germany continue to be enlarged while the deficiencies shown in our transparency report still exist and clearly every application for surveillance is approved, this would be a development that can not be beneficial to democracy.

Note: The German government’s draft law for the planned reintroduction of data retention (“Gesetz zur Einführung einer Speicherpflicht und einer Höchstspeicherfrist für Verkehrsdaten”) currently stipulates that the entire area of email should be exempt from retention. This means that Posteo does not belong to the group of obligated parties. We assume, however, that the introduction of the law would further increase the number of illegal requests for user information made to us.

If you would like to support our work, we would be very pleased if you would circulate our transparency report and the information contained within it, as well as making enquiries with the parties responsible. Last May, Posteo became the first German telecommunications provider to publish a transparency report. With our move, we induced other German providers to in the meantime also publish transparency reports – including, among others, Deutsche Telekom. With our transparency report this year, we would like to contribute to making existing grievances and legal realities public and allowing them to be debated. We want change: the grievances must be eliminated and democratic control of state information processes in Germany must be strengthened.

Best regards,

The Posteo team

Crypto mail storage available for all users

2015-05-29T16:00:00+02:00

Dear Posteo users,

Introduction of the new crypto mail storage is complete: all Posteo users can now encrypt the email data they have saved with us at the click of a button. We make this new encryption feature available to you at no extra charge.

You don’t require any special technical knowledge: the encryption is activated at the click of a button and occurs in the background without you needing to do anything. You can find the new encryption option in the settings of your account via “Encryption” > “Posteo crypto mail storage”. Step-by-step instructions are found in the Posteo help section. If you have additional questions, our support team is available to you at no extra charge. #more#

When you activate crypto mail storage, all email data saved with Posteo is encrypted at the click of a button – with the help of your password. The encryption encompasses the content and attachments of all emails saved with Posteo as well as their corresponding metadata (e.g. subject and header). As well as your existing email archive, all newly-arriving emails are also encrypted. The encrypted data within crypto mail storage are no longer readable by us. Posteo can not deactivate the encryption; only you can do this yourself. If you are interested, you can find out concretely how the data is encrypted and where the technical data for encryption is viewable on our encryption info page.

Password must be taken special care of

When you have activated crypto mail storage, you need to take special care with your password. The password is the key to your data. If crypto mail storage is activated and you forget your password, you will lose access to your encrypted email storage. The password reset function is no longer available to you, as your data is encrypted using your forgotten password. Posteo support can no longer reset your password or deactivate the encryption. Please therefore consider carefully whether you would like to use this password-based encryption function before activating it.

Can be combined with all other encryption options

Posteo crypto mail storage constitutes an additional layer of encryption in our security model, with which you can protect the data you have saved with us. It can be combined with all other Posteo encryption features, for example, inbound encryption, without issue. Please note that each layer of encryption fulfills different protective purposes: crypto mail storage protects your saved email data and their corresponding metadata. By combining it with end-to-end encryption, which protects your emails during the communication process (when sending and receiving emails via the internet), you can further increase the security level of your communication.

The most frequently asked questions on crypto mail storage

Following our first blog entry we received many questions from users. We would like to respond to the most frequent ones again here.

– You can continue to use your account in the webmail interface as usual, though the search function could take a little longer.
– You can continue to access emails via IMAP and POP3 as usual.
– You can continue to manage your emails in local email programs.
– You can continue to access your emails on a smartphone, tablet or other device.
– Posteo crypto mail storage encrypts all email data saved on our servers. If local, insecure copies of your email data are created by a program, we recommend securing all devices used for this or deactivating creation of local copies.
– Legal: we had the legal situation checked by our lawyers. In Germany, email providers can not be compelled to “break” encryption. We designed crypto mail storage such that technically, Posteo can not remove the encryption of all saved email data applied by the users.
– Because incoming emails are first encrypted when they reach our server, crypto mail storage does not protect against lawful interception (TKÜ) of an account.
– Our encryption plug-in underwent an external, multi-level security audit (by Cure53). For reasons of transparency, the code for the encryption is also openly viewable. This conforms to our open-source strategy and is an essential trust-building measure in the post-Snowden era.
– We recommend that you further secure your account with two-factor authentication, to additionally increase your level of security.

Best regards,

The Posteo team

Posteo users safe from Logjam attack

2015-05-22T16:00:00+02:00

Dear Posteo users,

For the last couple of days a so-called Logjam security flaw has been reported in the media. This was discovered by US scientists and can provide attackers with access to individual encrypted connections, which, for example, are used for secure access to websites, email traffic and online banking.

We wish to inform that as a user accessing Posteo, you are not affected by Logjam: our team observes developments in cryptography and security very intently and we always employ the newest encryption technologies. This means that when you access Posteo via your browser or a local email program, you are not vulnerable to Logjam as we do not offer the target over which this attack occurs. #more#

In your communications with other email providers, please be aware that for the moment, not all of them have secured their systems against Logjam.

Meantime, independent server test websites have extended their tests to include Logjam. You can confirm that Posteo is not affected by Logjam on these independent sites: on the Qualys test site we still obtain the best mark of A+ for web access, for example. Any vulnerability leads to a lower score.

Independent of Posteo, your browsers as well as local programs could still be vulnerable when using other services. In the coming days, please pay special attention as to whether updates are offered for your browser (e.g. Firefox, Safari or Chrome) or programs. You should install these important updates in order to increase the security of your online activities in this regard. In terms of security when accessing Posteo, no updates are necessary on your part.

Best regards,

The Posteo team

New Posteo migration service

2015-05-21T17:00:00+02:00

Dear Posteo users and interested parties,

Migrating your previous email accounts to Posteo just got easier: as of today, the new Posteo migration service is available to you, with which you can bring your previous accounts (including their folder structures) across to your Posteo account.

Many of you desired an ability to transfer folder structures without needing any particular technical knowledge.

For security reasons, we did not want to employ or recommend any third parties to transfer your sensitive email data; we therefore developed our own solution for secure and convenient migration to Posteo. #more#

The new migration service can now be found in the settings of your Posteo account (via “My account”).

You can now completely copy up to three external email accounts across to Posteo.

You do not require any special technical knowledge: when you set up a new migration service in the settings of your Posteo account, it will display the folders in your previous account. Conveniently, you can then decide which folders you would like to copy to Posteo with a click of the mouse. Our migration service will then transfer all selected folders across to your Posteo account.

You can decide yourself whether you would like to permanently delete the emails from your previous provider. The Posteo migration service is free of charge – and you retain control over your data:
At no point are your emails transferred via a third party.
The selected folders are collected from your previous provider by Posteo and transferred directly to your Posteo account over an encrypted connection.
We have designed the Posteo migration service in line with our policy of maximum data economy: we do not, for example, save information such as which email address the data is copied to your Posteo account from.

Best regards,

The Posteo team

New: Posteo introduces crypto mail storage

2015-04-09T16:15:00+02:00

New: Posteo introduces crypto mail storage

Dear Posteo users,

We have news:
Today we have introduced a new encryption option for you: Posteo crypto mail storage. The new function was already made available to users this morning. In the coming weeks, we will progressively make crypto mail storage available for all accounts. With crypto mail storage you have the ability to personally encrypt all email data you have saved with Posteo at the click of a button. The encryption is comprehensive. It encompasses the content and attachments of all emails saved at Posteo as well as their corresponding metadata (for example, the subject and email header). As well as your existing email storage, all newly-arriving emails will be encrypted.

We are making this new encryption feature available to you at no additional charge. It is important to us that all Posteo users obtain maximum security. You don’t need any special technical knowledge, either: the encryption is activated at the click of a button. It occurs in the background without you needing to do anything. #more#

The data within the crypto mail storage is no longer readable by us. We can not deactivate the encryption; only you can do this yourself. You can see whether this new encryption option is already available for your account via “Encryption” > “Posteo crypto mail storage”. If it is not yet available, we ask for your patience. Crypto mail storage will be made available to all users in the coming weeks.

Encryption at the click of a button – with the help of your password:

As soon as you have activated crypto mail storage in the settings of your account, Posteo creates a personalised key pair for you. Using this, we encrypt all the email data (content, attachments and metadata). This occurs with the part of your key that is responsible for “encrypting”. Each email is encrypted individually. The key that can make an email “readable” again is stored in the Posteo database, protected by your password. Thus, only you can access your encrypted email storage. Nothing changes in the workflow in your account: if you click on an email when crypto mail storage is activated, it is made readable for you in the background – and only for the moment of access. You manage your emails just as simply and conveniently as before.

Password must be taken special care of
When you have activated crypto mail storage, you need to take special care with your password. The password is the key to your data. If crypto mail storage is activated and you forget your password, you will lose access to your encrypted email storage. The password reset function is no longer available to you, as your data is encrypted using your forgotten password. Posteo support can no longer reset your password or deactivate the encryption.

Crypto mail storage is a plug-in we developed for the open-source email server Dovecot. Asymmetrical encryption occurs with the help of RSA; symmetrical encryption and authentication happens with AES and HMAC. Hashing occurs with bcrypt.

Further information can be found on our encryption info page.

Comprehensive tests and external security audit
Your personal email data is a sensitive commodity and worthy of protection. For this reason, extensive preparation work has been done prior to making crypto mail storage available. We not only comprehensively tested our encryption plug-in internally: the feature was also submitted to an external, multi-level security audit (by Cure53).

Transparent code and legal check
In addition, we had the legal situation clarified in advance. The result was that in Germany, email providers can not be compelled to “break” encryption.

We have implemented the crypto mail storage such that from a technical standpoint, the encryption initiated by Posteo users can not be removed by Posteo. In addition, the code for the encryption is openly viewable for reasons of transparency. This conforms to our open-source strategy and is an essential trust-building measure in the post-Snowden era.

Can be combined with all other encryption options
Posteo crypto mail storage can be combined with all other Posteo encryption features without issue. Thus, you can encrypt all your calendar and address book data at the click of a button. Posteo inbound encryption, which encrypts all newly-arriving emails with OpenPGP or S/MIME, can also be combined with crypto mail storage without issue.

If you already use inbound encryption, we recommend also activating crypto mail storage, as crypto mail storage encrypts not only newly-arriving emails but also all emails in all folders of the account as well as their corresponding metadata.

If you already use end-to-end encryption, you will also profit from crypto mail storage. The end-to-end process such as OpenPGP will generally only encrypt the content of individual emails, and not your saved emails or the emails’ metadata. Our password-based crypto mail storage constitutes comprehensive encryption, which distinctly increases the security level at Posteo. For maximum security, we recommend securing access to your crypto mail storage with Posteo two-factor authentication. Then, at login, not only your regular password will be required, but also a current one-time password. Such is the overall security level further increased. If you create local, insecure copies of your email data, we recommend securing all devices used for this.

We have made numerous pages with information and help instructions on Posteo crypto mail storage and our other encryption options available on our website.

Best regards,

The Posteo team

Posteo webmail: New "Gentle Grey" theme available

2015-04-07T14:30:00+02:00

Dear Posteo users,

As of today, a new “Gentle Grey” theme for our webmail interface is available. This is a reduced-colour version of our new standard design for those who prefer a more discreet colour scheme.

You can now activate the “Gentle Grey” theme in your account settings via “Settings” → “Preferences” → “User Interface”. To use the theme, simply select “Gentle Grey” and confirm by clicking “Save”.

We will soon be making additional versions of the webmail interface available to choose from.

Best regards,

The Posteo team

German Bundestag: Posteo statement on privacy

2015-03-13T16:15:00+01:00

Dear Posteo users,   

As of today you can find a statement from Posteo on the topic of “Privacy in the digital world” at bundestag.de. Our vice president of communications, Dean Ceulic, was a guest expert on the committee for the German parliament’s digital agenda. The topic of the discussion was “Startups, small to medium-sized businesses and privacy in the digital world”. In addition, we were asked to provide written replies to a list of questions that the various fractions prepared prior to the discussion. Our statement is now available on the Bundestag website (in German).  The discussion itself is available as a video at bundestag.de (in German).

An overview of the most important points for us

On German and European privacy standards:

We emphasised that strict German and European privacy regulations do not stand in the way of the economy. The opposite is true: European companies can use stricter privacy regulations to their advantage, protecting themselves (for example, from American competitors) using sophisticated privacy measures. Stricter privacy standards do not inhibit innovation; they actually constitute a competitive advantage for European companies. This view is shared by an overwhelming majority of the experts who took part in the discussion. #more#

We criticise the German government’s current plans to weaken the high German and European privacy standards:

“Germany’s high standards for privacy have become a relevant factor for a company’s location, and should not be given up lightly. The principles of data reduction and purposeful use strengthen consumers’ trust in German companies and help strengthen citizens’ fundamental right to informational self-determination.”

We therefore demanded that the law stipulates that personal information can only be processed if allowed by law and with the affected party’s consent.

On data preservation, we stated the following:  “Sensitive metadata such as IP addresses, for example, are currently under special protection in Germany. Connection and traffic data (such as IP addresses) must also be under special protection on a European level, as their evaluation enables compilation of extensive personality profiles. In particular, the retention of data should be opposed, as this severely impairs citizens’ fundamental rights according to several of the highest law courts.”   On data economy and purposeful use:   The German government will in future consider the principles of data reduction and purposeful use when handling data.

We engaged ourselves with maintaining both of these fundamental privacy principles, stating:

“When handling data, the principles of data reduction and purposeful use strengthen not only the citizens’ fundamental right to informational determination. Both factors also give companies a clear course of action and minimise uncertainties as to how they collect and process data – in particular also amongst one another.”

On the relationship between fundamental rights and security interests:

We emphasised that there is no conflict between objectives in security interests and the effective protection of citizens’ privacy. In a constitutional state, both poles should be in a far more balanced relationship with each other:

“To further strengthen democracy in the digital world, it is essential to restore a more balanced relationship between both poles. International, comprehensive surveillance activities by intelligence agencies can only be countered with measures for encryption, data economy and anonymisation. This is in the interest of citizens – as well as in the interest of companies and authorities.”   

Best regards,

The Posteo team

New: Anonymous payment system extended

2015-01-06T18:00:00+01:00

Dear Posteo users,   

Today our payment process has been superseded by our new, extended single-use code system for anonymised payments. Until now, our code-based payment system was used exclusively to separate payment data from the email accounts. From now on, the single-use codes also contain an encoded country determination, such that we can continue to maintain our concept of data economy despite new legal requirements.#more#

On January 1st, the so-called “Kroatiengesetz” came into effect. This law is the German implementation of an EU regulation. It specifies that for electronic services, value added tax must be paid in the country in which the user lives. Previously, the service provider’s headquarters determined the tax location. From January 1st we are therefore required for each payment process to determine which country each payment comes to us from, using multiple measures. This can be done, for example, with the help of a Geo-IP determination or an evaluation of the payment information. The lawmakers require at least two attributes to be ascertained, which do not differ. Fulfilling these new legal requirements was a challenge for us as we don’t save any of your personal information and wish to continue not to do so.

We have therefore extended our anonymous payment process for the event of the new law coming into effect, in order to maintain our consistent concept of data economy. We are now required to conduct a legally-specified country determination. Its result is encoded in a part of our payment codes that only you receive, when you now start a payment process. This part of the code contains the result of a Geo-IP determination and a browser region determination (your IP address is not saved). The part of the code that is in our system is somewhat shorter and does not contain this sensitive information. The encoded part is “outsourced” to you until the payment is completed. This is important, because otherwise we would have personal data connected to your account in our system until completion of the payment, which is something we don’t want.

You provide us with the complete code, and thereby also the result of the country determination, in the purpose/description field of your payment. When a payment arrives at Posteo via bank transfer or in the post, our payment system automatically evaluates the code and can then allocate the payment to your account. The encoded country determination in the last three characters is also automatically evaluated, to determine the value added tax payable in the relevant EU country. The result is not connected with your account. The evaluation process only takes a fraction of a second. When the code is evaluated, credit is added to your account and the single-use code is deleted from the system. Thus it is no longer possible to tell which account you have transferred funds for. Nor is it possible to tell which country the user of an account lives in.

PayPal and credit card payments occur directly after starting a payment process. The use of a code system is therefore unnecessary here. Information on the country determination is also immediately evaluated and does not need to be temporarily saved. Neither the PayPal or credit card payment nor the country determination collected is connected with the email account.

We understand the lawmakers’ intention to block tax loopholes with the new law. It is, however, problematic that companies who want to operate with data reduction can become required to collect and save users’ personal information via this EU regulation. Providers generally do not have complicated code-based systems allowing data reduction available to them – plainly, they must then retrieve and save the information. This is how mounds of data pile up. In addition, a bank account is very secure against manipulation. We doubt whether additional measures such as geolocation would markedly increase reliability.

Further information on Posteo’s anonymous payment system can be found on the payment info page that we have set up.

Kind regards and all the best in the new year,

The Posteo team

New two-factor authentication available

2014-11-12T14:45:00+01:00

Dear Posteo users,

We have news: You now have the possibility to enable two-factor authentication for additional security of access to your Posteo account (in the browser).
#more#
The technology is comparable with multilevel security processes in the banking industry. At an ATM, you can only withdraw cash if you know something (your PIN) and possess something (your ATM card). With two-factor authentication, the situation is similar. In order to log in, you need something that you know (your Posteo password) as well as something that you possess (e.g. your mobile phone). The Posteo login process only changes slightly with the additional security: After entering your username and password, you will in addition be asked for a current one-time password. The current one-time password will be shown to you on a device (e.g. a mobile phone, tablet or desktop) on which you have activated two-factor authentication.

If criminals or intelligence agencies obtain your access information (username and password), they will have no way to access your account via the webmail interface and, for example, to manipulate your account and security settings. The conventional access details are no longer sufficient for the login process.

We have set up two-factor authentication to be as simple and secure as possible. With Posteo, two-factor authentication technology can be used not only with free apps for all current platforms, but also with special hardware (such as a Yubikey). All users who only access Posteo in the browser (i.e. webmail) can distinctly increase the overall security of their emails and account by enabling two-factor authentication. If you specify in the settings that you use webmail only, access will be blocked for local email programs. This eliminates the possibility of attacks, which don’t happen via the browser but rather via external programs (by IMAP and POP3).

Setting up two-factor authentication is simple. It is also recommended for users without technical knowledge. The technology is based on the open TOTP standard. There are no additional costs – the new function is provided at no extra charge. You can find out how to activate two-factor authentication in our help section.

Two-factor authentication significantly increases the security of webmail access. Our development team is currently also working on a solution that will also increase security of access via local email programs using a multilevel security process. We hope we can also make this solution available to you soon.

Best regards,

The Posteo team

Email encryption in your browser with Mailvelope

2014-10-10T18:47:00+02:00

Dear Posteo users,

A few days ago, a new version of the encryption add-on Mailvelope (available for Firefox and Chrome) was released. The new version is preconfigured to work with Posteo.
#more#
Using the add-on, it is now possible to easily encrypt the content of emails using OpenPGP within the Posteo webmail interface. You can also sign your emails, but attachments can not be encrypted using the add-on. Mailvelope is especially interesting for all who prefer to use the Posteo webmail interface and who would like to secure their emails with end-to-end encryption. Mailvelope is open source: The program code for the add-on is visible and based on open standards.

In the Posteo help section “Webmail”, you can find instructions on how to install the add-on in Firefox or Chrome and how encryption using Mailvelope works. Other browsers such as Safari or Internet Explorer do not yet support Mailvelope. If you encounter problems using Mailvelope or have questions about the add-on, please contact Mailvelope support.

Best regards,

The Posteo team

New webmail interface available

2014-09-23T18:53:00+02:00

Dear Posteo users,

We have some important information for you: From today, the new standard
design of our webmail interface is available.
#more#
You can now activate the new design in the settings of your account via
“Einstellungen” → “Benutzeroberfläche” → “Oberflächendesign” (or “Settings”
→ “User Interface” → “Interface Skin”, if your interface is set to English).
If you would like to use the design, simply choose “Standard” and confirm by
clicking “Save”.

During the last few months, our team has been working on the appearance of the
user interface. The webmail site is now more appealing, and easier to use. We
will continue to support the old design until early 2015. We recommend
switching to the new design now.

We will soon make additional versions of the new standard design available to
choose from. Other parts of the website – for example, the help section – will
be progressively updated to match the new design.

As part of the design update, some technological improvements have been made
in the background. These lay the foundation for various new features, such as
Posteo email account encryption, which we will be introducing this autumn.

Best regards,

The Posteo team

Posteo supports DANE/TLSA

2014-05-12T08:45:00+02:00

Dear Posteo users,

From today onwards, we support the innovative technology DANE/TLSA (DNS-based Authentication of Named Entities). DANE eliminates various weaknesses in the widely-used transport route encryption SSL/TLS – and increases the security of encrypted transport of emails and when accessing websites.
#more#
With DANE, the so-called “digital fingerprints” of an encryption certificate are stored in the internet’s “telephone book” (DNS). There they can be automatically checked by email servers, email programs and browsers before an encrypted connection to a website is established or an email is delivered. The authenticity of a server can thereby be verified before each connection. Until now, most servers sent data over an encrypted connection without first verifying the authenticity of the other server. DANE effectively prevents third parties (such as criminals or intelligence agencies) from pretending to be a particular web or email server in order to obtain login data or content (using a falsified certificate).

Entries in the internet’s so-called “telephone book” are additionally secured with DNSSEC technology, such that DANE can be trusted. DNSSEC prevents third parties from altering entries and switching the “digital fingerprints” of the encryption certificates. Unfortunately, DNSSEC is not yet supported by most domain providers. Posteo had to change its domain provider in order to introduce DANE.

DANE also opens possibilities on another level: Email servers can now force a connection to be encrypted with the help of a DANE entry. Previously, email servers would negotiate whether they could support encryption before establishing the connection. Posteo has already configured its server for this: If other email providers also have a DANE entry, then Posteo sends to their servers with encrypted connections. If no encrypted connection can be achieved, then email sending will be cancelled for security reasons. This not only prevents man-in-the-middle attacks, but is also important for the following reason: With DANE, email servers can clearly authenticate themselves worldwide – and mutually guarantee that emails are always exchanged over an encrypted connection. This is not the case, for example, with “Email Made in Germany”, a group of a few German providers that leaves out all other email servers and only promises its users encrypted connections between each other. Posteo rejects such “partitioning” of some German providers: A global network requires global improvements to the security of communication via consistent, open standards.

Because the technology is not yet widespread, there are currently hardly any other programs or providers who support DANE. Despite this, we want to lead by example, and promote the spread of this important process – DANE will, in the future, make an essential contribution to making the internet safer.

There are already DANE add-ons for all current browsers, with which internet users can secure their access to Posteo using DANE. Via this link, you can find a list of all currently available extensions. We can not provide any support for add-ons or tools. We appreciate your understanding.

The technology is, however, not yet directly implemented in any browser. We hope that the developers of DANE and DNSSEC will achieve this as soon as possible. We also encourage other email providers to implement DANE, so that communication between email servers over encrypted connections becomes more secure worldwide.

Best regards,

The Posteo team

Posteo on the myths of the SINA box

2014-01-29T18:00:00+01:00

Dear Posteo users,

This blog entry is about a topic that has made many of you anxious, and about which we are currently receiving enquiries. The question concerns when and how German email providers give out data to investigative authorities when a judicial ruling exists for the surrender or surveillance of an email account. #more#

Computer magazine c’t states in its current edition (4/2014):

“Email providers with more than 10,000 customers must operate a so-called SINA box, which can channel the email traffic of all users without the provider or the user being aware.”

This is incorrect. It is not possible for German authorities to access users’ emails without the knowledge of the provider. In addition, a SINA box has no access to a provider’s systems.
We asked the editors to issue a correction. They then acknowledged the error and published a correction on the c’t blog. Because we can not individually answer all the questions we are receiving, we inform here exactly what the situation is with the SINA box:

So far, there is no SINA box at Posteo.
The (German) Telecommunications Monitoring Ordinance (Telekommunikations-Überwachungsverordnung, TKÜ) requires telecommunication providers with at least 10,000 users to install a special computer (the SINA box). We can not say exactly how many users our service has, because we don’t collect our users’ personal information. We only know the number of email accounts.

We will, at some point, have to acquire a SINA box – but we leave estimating when this might be to our experienced lawyers, who have negotiated SINA solutions for various telecommunications organisations with the Federal Network Agency. This is more of a financial nuisance. It will not impair the security of our users’ data. We have become convinced of this following an intensive debate on this topic (with lawyers and authorities, among others), and we can assure you of it.

A SINA box is a computer that establishes an encrypted connection to authorised authorities – a so-called VPN. We would have no access to the SINA box, but neither would the authorities have any access to our servers or network traffic via the SINA box. The authority would have no access to our servers whatsoever. We would, however, have the possibility to save the content of an email account on an authority’s server via the SINA box, if a judge had ordered the surrender or surveillance of the account.

We would then have no access to this data – only the authority would. The only data found on that computer would be that which we (Posteo) had deposited there, however.
————
Please note: c’t magazine writes that the email traffic of all users can be channeled over the SINA box without the provider or user noticing. This is incorrect.
————
The authority’s computer (behind the SINA box) would, like the SINA box itself, be connected neither with our servers, nor would it allow access to our servers. For the authority, the point is to establish a completely isolated system, such that third parties have no way to intercept data that we are required to provide manually. If a judicial ruling exists, we need to provide copies of the data via this computer, for example, transfer by FTP access (one-way).

Even without a SINA box, we are – in the event of a judicial ruling – already required to surrender an email account’s data, which we also point out in our privacy policy. Every email provider in Germany is required to do this, no matter how small.

The legislator has set the hurdle for surrender of content very high: Your emails are governed by secrecy of telecommunications. Because we never surrender email accounts of our own free will (§ 94 Abs. 1 StPO), instead always formally objecting, the lawful seizure of a Posteo account must always be ordered by a judge (§ 94 Abs. 2 StPO, § 98 Abs. 1 S. 1 and Abs. 2 S. 1 StPO). The command to lawfully surveil an email account can only be obtained in cases of specific, severe crimes, and not for infringements, among other things. The legal ruling on this can be found, for example here. The judicial ruling must be presented to us (the provider) and will be checked by our lawyers for scope and formal correctness before we provide any data.

After submission of a judicial ruling, the provider therefore delivers the data itself. The user must not be informed about the order for lawful interception. This is prohibited; we would make ourselves liable for prosecution.

At present, for example, we would have to send a DVD containing the email account contents to the authority – via the SINA box, the authority would obtain the data more quickly and securely. Otherwise, there is no difference to the previous procedure. In addition, there is no possibility for the authorities to access our users’ data.

We would like to release a transparency report on the number of requests from authorities as soon as possible. This would certainly counter general uncertainty. Unfortunately, it is not yet fully clear if this is permitted under German law. It is possible that we could make ourselves liable for prosecution by publishing a transparency report. We are currently obtaining a legal opinion on this. We will shortly provide a page with information about common legal questions.

We hope we have provided some clarity with this piece.

Best regards,

The Posteo team