-WARNING- safe-mail.net, not so safe

[Amnesic]

Safe-mail.net is one of several e-mail services that offer to provide secure, encrypted, web-based e-mail service to general public. The idea seems to be that people who would not be willing to take the fairly short amount of time to learn to use PGP encryption would be able to secure their e-mail by trusting a third party, in this case the folks at Safe-mail.net.

We reject that idea on several grounds. First, the company that provides Internet services for hosting the Safe-mail.net system is Barak.net.il, based on our review of the domain registration for Safe-mail.net. Barak.net.il is one of three companies with a license from the Israeli government for providing similar Internet services, according to the English-language version of their web site, as we understand it. Perhaps it is merely a coincidence that Ehud Barak was once head of the Israeli Defense Forces intelligence branch.

Second, the Safe-mail.net system is “an IP trap.” Our anonymous friend indicates that your IP address is linked to your e-mail account. The user agreement indicates that it is a violation of the user agreement to employ an anonymous proxy or otherwise attempt to mask your true IP address. So, while no identifying information (name, address, phone) is requested when you set up an account, your IP address may be traced to your physical location, or at least to your specific Internet Service Provider, even if dynamic IP addresses are used. Thus, your location and possibly your identity would be exposed. Also, IP addresses are not stripped from e-mails you send from your Safe-mail account, so your recipients see this information. (And, of course, you may be tempted to identify yourself to your correspondents within your purportedly encrypted e-mails.)

Third, Safe-mail.net makes the usual disclosure that they may disclose your account activity, stored e-mails, and other information upon court order or law enforcement request. They make the unusual variation of this disclosure by stating that they may disclose these things whenever it is in their interest to do so. This vague contract clause should scare anyone who thinks about it even briefly. Given that Barak.net.il is licensed by the Israeli government, it would seem quite likely that the Israeli government could command that the data from all Safe-mail.net accounts be provided to the government, and it would clearly be in the best interests of Barak.net.il and conceivably, by extension, Safe-mail.net to make such disclosure. Then it would seem to become a question of whether you have reason to trust the Israeli government.

We found no details about the encryption algorithms used to provide for security with Safe-mail.net. An investigation of Israeli law suggests that there is a mandate that encryption have back doors or key escrow for use by Israeli authorities. So, again, it would appear to be a matter of whether you have reason to trust the Israeli government. We don’t have anything against the Israeli government that we don’t also hold against nearly all other governments worldwide.

It is widely known that Israeli security and intelligence services have cooperative relationships with the related services of other countries. For example, if a USA government agency wanted information on someone who happens to use a Safe-mail.net account, it seems logical to suppose that a request (formal or informal) might be made to the Israeli government.

While it is impossible to know whether or not Safe-mail.net accounts are “Mossad-transparent” or a kind of intelligence sting operation run by the Mossad, or others within the Israeli government, what is publicly stated about the system seems to be closely aligned with what one would expect to find in that case. We have no information presently at hand that would tend to disprove the hypothesis that Safe-mail.net is an intelligence sting operation.

There is always free meat in a bear trap. Be careful. Always use PGP.

[jayblunted]

If no safe-mail.net, who is recommended that is "safe" to use?

[Amnesic]

I'm not saying that we shouldn't use safe-mail or some other form of encrypted email service. Just that, as it has been said countless times, USE PGP and DON'T GET FOOLED by a false sense of security (ie. 'encrypted' doesn't mean shit when there's a backdoor). A LOT of users are still communicating through these services without taking the time to protect themselves. Law enforcement officers are obviously actively monitoring the old SR forums and this one also.

When everything collapsed, vendors and buyers all jumped on the forums to share their safe-mail addresses in an attempt to continue business as usual. This most probably resulted in flooded inboxes and I'm more than sure some customers/vendors were on such a rush that they decided not to or forgot to use PGP as to process things faster. Law enforcement agencies (NSA, FBI, etc.) can then just ask safe-mail to hand over the emails and IPs of those addresses that were posted and then track them down. This is just an hypothesis and I hope people realized that our methods of doing business are not completely fail-proof.


Again, just stay safe.

[psillybastard]

as long as you use encryption and secure method of browsing you can use many email clients

[cosmictourist]

It's probably a good idea to strip the metadata from the PGP messages you send/receive:

"Things About PGP You May Not Know: Your Ciphertext Can Identify You, Friends": http://silkroad5v7dywlc/index.php?topic=239.0

[Nucky]

I think it was about a year ago this guy was doing all this hacking....i believe SONY,,i cant remember to be exact .. but any way that is how they finally busted him  THRU HIS SAFEMAIL ACCOUNT. safe mail is not secure.

[Sarge]

If you do use safe-mail, send your emails encrypted with PGP..

I have noticed, that safe-mail doesn't work when javascript is disabled.. I always have javascript disabled.

[smoke2joints]

Quick tip about the javascript, When you log in if you select the "fast" icon from the drop down menu it lets you log in and use the service with no javascript.  Definitely always keep javascript disabled.

[AussieMitch]

The whole point of using safe-mail is that you can access your account through Tor.

[Sarge]

The whole point of using safe-mail is that you can access your account through Tor.

I'm not sure about that Mitch..

People use it so they can stay in contact with other members in case the forums are down..

If talking about illegal activities, I would always access every webpage through tor.

[AussieMitch]

The whole point of using safe-mail is that you can access your account through Tor.

I'm not sure about that Mitch..

People use it so they can stay in contact with other members in case the forums are down..

If talking about illegal activities, I would always access every webpage through tor.

Sorry I realize now what I said was a little ambiguous.

What I meant was that I thought the reason we have all been using Safe-mail instead of Gmail, Hotmail, etc, is that Safe-mail doesn't throw up any problems when you access your email through Tor, whereas Gmail, Hotmail and most other providers will keep locking you out of your account. In Safe-mail you just go to settings and turn off IP checks and you are good to go.

I would still definitely use PGP as well though.

[Sarge]

My mistake. I read it wrong.

[monoxide]

All people need to do is stop being lazy and learn PGP. I know it seems intimidating at first but once you wrap your head around it it gets easier. Encrypting your emails with PGP is the way to go..

[dieAntwoord]

It's safer to use the PM system here and PGP all your messages. fuck email it's outdated, shit 1990s protocol that is vuln to the worst kinds of failures and surveillance. it also copies your message around the world who knows how many times before recipient gets it leaving FBI breadcrumbs.

Stop using email.

[echo]

We have bitmessage now.

http://bitmessage.org

Why are you still using email?

[dieAntwoord]

Bitmessage is highly experimental crypto engineering I wouldn't trust it for at least another year. Matthew Green, PHd cryptologist and others have found fatal flaws in it's primitives. Then of course there was this attack: http://www.chronicles.no/2013/08/bitmessage-crackdown.html

[echo]

Ah. Thank you.

[jayblunted]

I barely use email for anything SR related. Only ever access it through TOR and practically never check it or publicly display email address for others to write to. Using the PM on SR between users with PGP then deleting inbox and sent messages when matters are resolved covers most if not nearly all communication needs. If SR is down then not much is getting done either way.
Others will ofcourse have a greater need for external comm's and will require reliable contact if SR is down. Safe-mail seems safe enough if used correctly. PGP is definitely a must after recent events. Safe-mail with TOR and PGP and never using it for anything other than SR and related anonymous activities. Ill stay with Safe-mail until advised of better alternative but like I said I barely use it anyway.

[palmergbl]

Is safe mail total free of charge to use or do you have to pay to sent emails? I am asking because I have an account there and since I sent one email when I opened this account I cant sent or compose another, it is like the option "compose" is not working when I click on it. Is it that I have to upgrade my safe mail or whatever for the compose button to work, anyone has the same problem?

[Amnesic]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

DieAntwoord (fucking great musicians btw) is right, using the forums with PGP is probably the best way security-wise to communicate. Also, I think everyone should be forced to fill the PGP section in their profile and everytime you message another user it would be automatically encrypted with their key, just like BMR's auto-encrypt feature.

And to palmergbl, yes it is free. They supposedly give 3MB of storage on their free plan. I'm not sure what's going on with your compose button as I don't use safe-mail.

-----BEGIN PGP SIGNATURE-----
iLsEAQEIACUFAlJYAQweHEFtbmVzaWMgPGFtbmVzaWNAYW1uZXNpYy5jb20+AAoJ
EIHTmj3yYEm2+QIEAKKVG68+D4veJqSo2uY1xRkx1mSYOnajL6+RyNpVhltPNht/
7hB+x0Cn6LsrDPWvs8uyfbbV306sO3WLyzvwfd3g745uRoQMh6OZae28chZE6yQd
gt8RUd1tPBzqZr2F6AFd9wp/ONaxg44X5ejWrWT8Dx4ucWunXBYvAuF2JH8c
=bbgQ
-----END PGP SIGNATURE-----

[wretched]

auto-encrypting is for the birds. There is no way to trust that it is only being encrypted with the key of the intended recipient. Take responsibility for your own safety and learn to use the simple gpg commands to ensure that what you want kept secret remains secret!

[Bibi Netanyahu]

As the Israeli prime minister i want to give a comment about one thing:
There's no connection between Ehud Barak and Barak company. It's just a name that means in hebrew "Lightning".
And if it's dick's cut, doesn't mean it's Mossad behind it too.

Anyway, i don't think that safe-mail is a safe alternative to TorMail.

[Bungee54]

As the Israeli prime minister i want to give a comment about one thing:
There's no connection between Ehud Barak and Barak company. It's just a name that means in hebrew "Lightning".
And if it's dick's cut, doesn't mean it's Mossad behind it too.

Anyway, i don't think that safe-mail is a safe alternative to TorMail.

 

[anontoker]

auto-encrypting is for the birds. There is no way to trust that it is only being encrypted with the key of the intended recipient. Take responsibility for your own safety and learn to use the simple gpg commands to ensure that what you want kept secret remains secret!

Question(s): Is the reason auto-encryption doesn't work well is because it requires so many cpu cycles that it can cause heavy server load, giving more room for encryption errors?
Or is that we have seen no evidence that it can be trusted?

Otherwise, using our own keys seems to be fairly secure. Only we could read them in theory.

[flwrchlds9]

Any e-mail is safe if you encrypt your messages.

No auto-encrypt anything. Cannot put trust into 3rd party.

[wretched]

No auto-encrypt anything. Cannot put trust into 3rd party.

this

[palmergbl]

And to palmergbl, yes it is free. They supposedly give 3MB of storage on their free plan. I'm not sure what's going on with your compose button as I don't use safe-mail.

Thanks for the answer Amnesic! I always will use PGP no matter what! And to answer my one question, just in case anybody else has the same problem, I couldnt compose the massage because I disabled Java. When I turn Java on its all right again to compose.

I cant sent or compose another, it is like the option "compose" is not working when I click on it. Is it that I have to upgrade my safe mail or whatever for the compose button to work, anyone has the same problem?

[rothchild]

as long as you use encryption and secure method of browsing you can use many email clients

That only protects you from them to view the contents of your communication.
But that doesn't defend you from them knowing who you are communicating with, and their IP address.

For me, it is completely clear that safe-mail is a honey-pot.

Use bitmessage.ch and read their FAQ:

http://bitmailendavkbec.onion/faq.html

At least they assure you that everything is stored encrypted, and you can use their webmail using Tor, so you can protect your IP. Plus they are located in Switzerland, so they are not forced to retain information because they don't have that kind of law (or I think so).

[Fluffhead!]

When I turn Java on its all right again to compose.

Dude. Keep javascript OFF AT ALL TIMES ON YOUR TOR BROWSER.  Read through this thread someone mentioned above how to get it to work without java

[Gregory House]

Quick tip about the javascript, When you log in if you select the "fast" icon from the drop down menu it lets you log in and use the service with no javascript.  Definitely always keep javascript disabled.

Thank you that had been pissing me off all day trying to use it.

[Nightcrawler]

And to palmergbl, yes it is free. They supposedly give 3MB of storage on their free plan. I'm not sure what's going on with your compose button as I don't use safe-mail.

Thanks for the answer Amnesic! I always will use PGP no matter what! And to answer my one question, just in case anybody else has the same problem, I couldnt compose the massage because I disabled Java. When I turn Java on its all right again to compose.

I cant sent or compose another, it is like the option "compose" is not working when I click on it. Is it that I have to upgrade my safe mail or whatever for the compose button to work, anyone has the same problem?

If you turn Java on, you're screwed. You might as well abandon the account. There is a 'no scripts' option you can select from the drop-down when you login.
Again, if you enable Java, you're risking having your real IP address harvested.

Nightcrawler
4096R/BBF7433B 2012-09-22 Nightcrawler <Nightcrawler@SR>
PGP Key Fingerprint = D870 C6AC CC6E 46B0 E0C7  3955 B8F1 D88E BBF7 433B

[oracle]

All people need to do is stop being lazy and learn PGP. I know it seems intimidating at first but once you wrap your head around it it gets easier. Encrypting your emails with PGP is the way to go..

The crux of the matter. There's no reason NOT to use PGP other then sheer laziness or incompetence. If you're too lazy to figure it out, you will pay the price.
If you're too incompetent or your intellect is inferior to most.. then you shouldn't be involving yourself in things that could/will harm or penalize you legally.

Safe-mail could be be run by the top Mossad and CIA techs for all it matters. If you're using strong PGP encryption, it doesn't matter.. the contents of your communications are safe. And if you're logging into the service via TOR, your location can not be determined.

It is as simple as that.

[Sn4ppy]

You should use countermail.com - It is the most secure email provider(Also they are located in Sweden that have laws making law enforcements unable to retrive any information, they dont log ip adresses, and they have a lot of extra security meassures to protect our privacy! You can also pay with bitcoin to be completely anonymous! I love countermail !

[DBRDT]

What do you guys think of the practical use of Cryptocat? Or would this not be secure enough for you?

[cosmictourist]

What do you guys think of the practical use of Cryptocat? Or would this not be secure enough for you?

I haven't read much discusson of Cryptocat on the forums, so you might have to do your own research. Start here: https://en.wikipedia.org/wiki/Nadim_Kobeissi#Cryptocat_vulnerability.

[MisterHyde]

I disconnect my internet connection when I am decrypting, composing, and encrypting messages. Internet is just to receive, copy, paste, and send. I figure this would solve many of the concerns most would have, but perhaps my simplistic view is lacking some basics?

I also do this unless I am actively using my internet connection. Sounds like a pain, but I don't mind. Don't see how much more secure you can get than that (on top of standard precautions while in use of course).

[Milkdud]

I disconnect my internet connection when I am decrypting, composing, and encrypting messages. Internet is just to receive, copy, paste, and send. I figure this would solve many of the concerns most would have, but perhaps my simplistic view is lacking some basics?

I also do this unless I am actively using my internet connection. Sounds like a pain, but I don't mind. Don't see how much more secure you can get than that (on top of standard precautions while in use of course).

you forgot to rap your head in aluminum foil and stick it in the mircrowave to get rid of the gps emitters in your fillings.

[cosmictourist]

I disconnect my internet connection when I am decrypting, composing, and encrypting messages. Internet is just to receive, copy, paste, and send. I figure this would solve many of the concerns most would have, but perhaps my simplistic view is lacking some basics?

I also do this unless I am actively using my internet connection. Sounds like a pain, but I don't mind. Don't see how much more secure you can get than that (on top of standard precautions while in use of course).

Malware/keyloggers don't switch off when you disconnect, they're smarter than that. To do what you want to do, you need to have an 'air gap' - encrypt and decrypt on a separate machine, never connected to the internet or any network.

[MisterHyde]

I disconnect my internet connection when I am decrypting, composing, and encrypting messages. Internet is just to receive, copy, paste, and send. I figure this would solve many of the concerns most would have, but perhaps my simplistic view is lacking some basics?

I also do this unless I am actively using my internet connection. Sounds like a pain, but I don't mind. Don't see how much more secure you can get than that (on top of standard precautions while in use of course).

you forgot to rap your head in aluminum foil and stick it in the mircrowave to get rid of the gps emitters in your fillings.

Oh. Understood.

[MisterHyde]

@cosmictourist   Ah, thanks for the advice. Simple!

[pperez664]

I just took the time (this week) to learn about pgp and now I think its fuckin great and I would never again send unencrypted personal messages without using pgp. I would like to thank the OP and anyone else pushing this pgp encryption agenda. If your as anti government as iam you should really fuckin be using pgp!

[eatp2p]

OP has a point.
Here's are some more analyzing results (CLEARNET*WARNING*)
https://www.ssllabs.com/ssltest/analyze.html?d=safe-mail.net

[kaliforniaProducts]

torbox seems to be working fine, you can only send emails to other torbox addresses.

http://torbox3uiot6wchz.onion

kP

[sammyjankis]

i would GLADLY move from safe-mail if i could find a better alternative.... after this shit went down i need to find a way and here is what i found after a lot of searching...

countermail.com - nope they won't let you use your existing key.  nobody goes for that around these parts.  changing your key is like being seen at the federal building it seems.

neomailbox - nope same.

riseup - i wish i could find some way to get an account damnit!!

hushmail - i'm not even going to address this one.

it was strike out after strike out.

i have claws but then i need domain mail, which i'mnot sure is any safer and that's a whole day of learning too.  just sucks tormail is gone.  i use pgp anyway, but man everyone had a fucking tormail.  no need for an address book it was just username@tormail

[Nightcrawler]

i would GLADLY move from safe-mail if i could find a better alternative.... after this shit went down i need to find a way and here is what i found after a lot of searching...

countermail.com - nope they won't let you use your existing key.  nobody goes for that around these parts.  changing your key is like being seen at the federal building it seems.

neomailbox - nope same.

riseup - i wish i could find some way to get an account damnit!!

hushmail - i'm not even going to address this one.

it was strike out after strike out.

i have claws but then i need domain mail, which i'mnot sure is any safer and that's a whole day of learning too.  just sucks tormail is gone.  i use pgp anyway, but man everyone had a fucking tormail.  no need for an address book it was just username@tormail

pub  1023R/79A0C4CB  created: 2013-08-30  expires: never       usage: SCEA
[ unknown] (1). sammyjankis <sammyjankis@fakemail.com>

You need to get rid of this key IMMEDIATELY! 1024-bit keys were abandoned by the PGP developers in the Fall of 2009, some 4 years ago now.

Here's what mine looks like:

pub  4096R/BBF7433B  created: 2012-09-22  expires: never       usage: SC 
sub  4096R/FF98C3EA  created: 2012-09-22  expires: never       usage: E   
[ultimate] (1). Nightcrawler <Nightcrawler@SR>
[ revoked] (2)  Nightcrawler <Nightcrawler1@tormail.org>
[ultimate] (3)  Nightcrawler <Nightcrawler@SR2>

Furthermore, you have no encryption sub-key. Keys like this, used for both signing and encryption were, under certain circumstances, found to leak secret key bits making them easier to break.

That is why the PGP/GPG developers switched to a dual-RSA keyformat in the Fall of 2009, when they raised the default key-size to 2048-bits. As a vendor, you would be well advised to generate a standards-compliant 4096-bit key.

Nightcrawler
4096R/BBF7433B 2012-09-22 Nightcrawler <Nightcrawler@SR>
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
PGP Key Fingerprint = D870 C6AC CC6E 46B0 E0C7  3955 B8F1 D88E BBF7 433B

Security is a bit like religion... some things have to be taken on faith.
Where security differs from religion is that security is NOT retroactive.
Unlike Christianity, where you can come to Jesus, be 'saved' and have all
your sins washed away, with security you can adopt Tails or PGP, and be
secure from that point forward, but rest assured that your previous sins
(security failings) WILL come back to haunt you and bite you in the ass.
The original DPR is the poster child for that, right now.

[Cailieg]

i would GLADLY move from safe-mail if i could find a better alternative.... after this shit went down i need to find a way and here is what i found after a lot of searching...

countermail.com - nope they won't let you use your existing key.  nobody goes for that around these parts.  changing your key is like being seen at the federal building it seems.

neomailbox - nope same.

riseup - i wish i could find some way to get an account damnit!!

hushmail - i'm not even going to address this one.

it was strike out after strike out.

i have claws but then i need domain mail, which i'mnot sure is any safer and that's a whole day of learning too.  just sucks tormail is gone.  i use pgp anyway, but man everyone had a fucking tormail.  no need for an address book it was just username@tormail

Two I am checking out atm are URSS and Lelantos. Lelantos costs .047 btc for a lifetime account, URSS is free and based in Russia (who gave Snowden asylum so not as US friendly)

Both are Onion based. If anyone knows anything negative about them please speak up.

http://lelantoss7bcnwbv.onion/index.html -lelantos

http://f3ljvgyyujmnfhvi.onion/ - URSS

Cheers.

[Artist]

Maybe I missed something but I'm not so sure why everyone is so up in arms about email providers. If you can access your webmail service through tor with javascript disabled then it should be good enough (assuming it is reliable). If you use PGP in combination with TOR I don't see much to worry about. There is no perfect security for email in its current state. The protocol used for mailing does not have a good way of otherwise implementing encryption. Any webmail provider, regardless of what they say (I'm looking at you Lavabit) can likely read your emails if they really wanted to. End-to-end encryption (PGP) must be utilized for maximum security and to prevent this.

Artist

[sammyjankis]

yeah, i know about my key... .to bad i didn't when i made it.

while i guess they could break it if they had a LOT of time on there hands..... have you ever seen a person/vendor change their key on the darknet?  oh jesus christ.

otherwise it takes a minute i'd do ti right now.  but i'd have to set aside a whole day just ot answer PM, post, and the like on three different boards and my badass safe mail account.  sorry, but no fucking thanks.   

i'll get around to it though.  its just tacky to have some lowgrade shit, even a pgp key.

[red5]

There are two GREAT technologiesfor keeping us safe
PGP
Tor
E-mail is not a perfect way to communicate, but it is BETTER when you use our best weapons to keep us safe

We are here, on the Darknet, talking in private. We KNOW that places this offer us BETTER security than ANYTHING on the clearnet -- from legal and governmental pressure specifically

Its not JUST about the e-mail content (which you can PGP encrypt) - the other problem on clearnet e-mail providers are the "meta data" from the e-mail... To.  From. Date. Time. Original Destination. Etc.... What happens if the person you e-mailed gets compromised... and they get their pgp key.... LE then goes and raids the mail server's clearnet physical address to get all the e-mail data (along with THOUSANDS of other users at the same time)
Use the benefits of PGP AND Tor.
My personal legal security issue with Safe-mail.net is that they also clearly allow CP and "guns for hire" sort of activity - I believe this makes them a HOT target for future LE raids.

If you only need to communicate within Tor.. I suggest Torbox3uiot6wchz.onion

If you need a regular e-mail address that routes to the whole Internet.. I suggest Lelantoss7bcnwbv.onion

I don't recommend URSS -- these guys are clearly not experienced in running servers and have alot of downtime.
f3ljvgyyujmnfhvi.onion/ - URSS
Read THIS before you choose URSS..http://jv7aqstbyhd5hqki.onion/viewtopic.php?f=f&t=174
----quote----
"- pG wrote:We actually had a few problems with $$$. It's only me and 1 more guy that are paying for all the costs. So we gone offline till I could manage a way to pay the hosts. It's not easy to maintain 3 different hosts by myself. But a managed to pay them, so we are up and running again for at least another month. We sure are secure and trusted. I'll not ask for money. My priority here is to have a great service and to contribute with de DW. Anyone that can help us and feel like helping, it will be welcome.
URSSMail is up and running again. Any questions, please do.---
Re: URSSMail the new anonymous and truly SECURE email host o
Postby Guest » Sun Sep 29, 2013 3:43 pm
Lol, seems like someone's a little poor and begging for money to run a service that never worked int he first place
----quote----


And please... if you have any exposure to safe-mail.net or any other clearnet provider --- move now before something like Tormail.org happens... massive raid and servers seized.

Stay safe

[Mr.X]

Last april I decided to invest 1000 into BTC right after the market crash. I put the coins into my account on bitstamp.net. To open an account I had to list a go-to email address. I used my tormail.org account

After a couple weeks I forgot my password, and bitstamp was kind enough to send me an email with all my account information. As luck would have it, however, that was the period of time that tormail was shut down for like three or four weeks with no explanation as to why no member could log in.

For three or four weeks I thought I had just lost 1000 dollars. Eventually I was able to access my account recovery info however, and I wrote my username and password down in an offline note file. Ever since then I refuse to use any anonymous email service.

P.S: I ended up spending all 1000 dollars on SR drugs, but with the inflation of BTC, and the amount of drugs that I sold, I ended up getting $1000 of drugs for about $200. If only I knew what the exchange rate would have been today. I would've made like $3000 dollars. I'm a dingus

[Synergy]

If no safe-mail.net, who is recommended that is "safe" to use?

After looking into this myself I have given up trying to find a safe option for now. The best you can do is use a clearnet provider hosted in a country like Russia, accessed over Tor of course and PGP everything.

Synergy

[holog1n]

fuck really, we need just to stay safe using PGP and thats it, i think there's any reliable mail to use, simple as that, encrypt and encrypt everything.

[Roo_Juice]

Thanks for that. best use a false IP and pgp as well

[Synergy]

fuck really, we need just to stay safe using PGP and thats it, i think there's any reliable mail to use, simple as that, encrypt and encrypt everything.

You also need to be mindful of what metadata you are transmitting, it's not just the email content you need to be security conscious about.