Frequently Asked Questions:
Can I send/receive emails with people with other email providers?Does Splintermail have webmail access?
What does the Splintermail application do?
Why can't my email client read Splintermail emails without the Splintermail application?
How does Splintermail encryption work?
How does Splintermail protect incoming email?
What about TLS encryption?
What about PGP encryption?
Are outgoing emails encrypted?
Can I send/receive emails with people with other email providers?
Yes. Splintermail sends and receives email using standard protocols, so communicating with users of other "normal" email providers is not an issue. The difference is that on our server, your emails are stored completely encrypted so that only you can read them, while with many other email providers, the server reads through your email looking for information useful to the provider.
Does Splintermail have webmail access?
No, not yet.
What does the Splintermail application do?
The splintermail
application implements CITM, or crypto-in-the-middle, which is Splintermail's model for storing fully-encrypted emails on our server while still allowing users to read them in unmodified third-party email clients. When you run the splintermail
application on your computer, it downloads the fully-encrypted emails from Splintermail's server, decrypts them locally, and passes the unencrypted emails to your email client.
You can find the source code for the splintermail
application here.
Why can't my email client read Splintermail emails without the Splintermail application?
Splintermail encrypts emails in their entirety (including metadata), which means emails stored on Splintermail's servers are secure, but not standards-compliant. That means that an unmodified email client would not be able to handle the emails if they were downloaded directly from the Splintermail server.
How does Splintermail encryption work?
- 3rd party email services send us unencrypted emails, which we encrypt as soon as we receive them, metadata and all.
- Encrypted emails cannot be decrypted until they reach your computer.
- You can read your email using any standard mail client (thunderbird, outlook, mutt, etc).
3rd party's Splintermail Your computer
server server _____________________
_____________ ____________ | ____ ____________ |
| | | | || | | ||
| 3rd party | |Splintermail| ||CITM| |Email client||
|email service| |____________| ||____| |____________||
|_____________| |__^__________^_______|
^ ^ ^
^ ^ ^ ^
^ ^ ^ ^
^ ^ ^ ^
sends email stores decrypts you still use
unencrypted everything email on your regular
encrypted your computer email client
How does Splintermail protect incoming email?
To, From
Splintermail receives Subject
unencrypted email Message
from any email domain: v
v
___v___
/ v \
/____v____\
Splintermail stores |\_________/|
message encrypted to | |
a key generated | Encrypted |
on your computer: |___________|
___________
We couldn't read |\ /|
your email or give | \_______/ |
it away even if | Encrypted |
we wanted to. |___________|
___________
On your computer | |
our software | |
decrypts the email: | _________ |
|/____v____\|
\ v /
\___v___/
v
To, From
Subject
Message
v
_______v______
Your email client | Thunderbird, |
connects directly | Outlook, |
to our software | Mutt, or |
to read your email | whatever |
like normal: |______________|
What about TLS encryption?
TLS is a completely separate, but complementary, layer of encryption than what Splintermail offers (although we use TLS everywhere we can, as well).
TLS encryption is used between email servers as your email is routed to its destination. It is encryption for data during transport. TLS encryption prevents outside computers from reading the contents of your email during that process, but it doesn't prevent those email servers from reading the contents of your email. To a certain extent, those email servers need to be able read the contents of the email so they know where to relay it to next.
Splintermail encryption is applied to emails before they are stored on our server for our own users. It is encryption for data at rest. Splintermail encryption ensures that after your email has reached your inbox our server, nobody (not even us) could ever read it, except you.
What about PGP encryption?
As with TLS encryption, PGP (or GPG) encryption is another completely separate, but complimentary, layer of encryption. However, unlike TLS encryption or Splintermail encryption, PGP encryption is something that must be manually set up by both the sender and the receiver of an email.
PGP is powerful because it hides the body of an email from the email servers that relay the email, while allowing them to continue to read the email headers, so they can successfully relay the email to its destination.
However, because PGP encryption only encrypts the body of the email, the metadata of the email (To, From, Sender, etc) is not encrypted at all. Many users also find it to be difficult to set up, and it must be set up and maintained manually.
Nonetheless, we encourage the use of PGP encryption whenever possible, as Splintermail encryption can only be applied to incoming mail (see Are outgoing emails encrypted?).
Are outgoing emails encrypted?
Yes and no. Yes, the Splintermail server always attempts to use TLS encryption when sending outgoing mail (we can't control if the receiving email server supports it, but most do). But no, the full encryption that Splintermail applies to incoming mail cannot be applied to outgoing mail. For the same reason that a standard email client can't read a fully-encrypted message without help, other email servers would be unable to relay a fully-encrypted email to its destination.
Note that for mail sent between two Splintermail users, neither the contents nor the metadata of an email are ever exposed beyond our server, where they are both promptly encrypted to the receiving user.
To protect as much of your email content as possible, we encourage the use of PGP encryption (perhaps via GNU Privacy Guard) whenever possible.
Note: although it is not possible for us encrypt outgoing email the way we encrypt incoming mail, there is good news. The Darkmail Technology Alliance is working to develop the Dark Internet Mail Environment (DIME), a new standard for sending and receiving email. DIME will support complete end-to-end encryption (including metadata) for all email communication, even between multiple email services (if they both support DIME). Splintermail will support DIME as soon as possible after the standard is completed.