Провайдеры электронной почты, или кого выбрать

  • Автор темы Admin

Admin

#1
Администратор
Регистрация
31.12.2019
Сообщения
6,888
Реакции
25
Отличная статья об Анонимный e-mail. Обсуждаем максимально защищённую и надёжную почту.

Список для обсуждений:
- Google, Яндекс, Outlook, Yahoo -
  • Hushmail -
  • VFEmail -
  • FastMail -
  • ProtonMail -
  • Scryptmail (сдох)-
  • Criptext -
  • Soverin -
  • SAFe-mail (safe-mail.net) -
  • OpenMailBox (сдох) -
  • Runbox -
  • Mailfence -
  • Safe-Mail (safe-mail.nl) -
  • Neomailbox -
  • Mailbox.org -
  • Secmail.pro -
  • CTemplar -
  • KolabNow -
  • Teknik -
  • Tutanota -
  • Autistici -
  • StartMail -
  • Dismail -
  • Cock.li -
  • Paranoid.email -
  • CounterMail -
  • Posteo -
  • Disroot -
  • Elude -
  • RiseUp -
  • Временный e-mail -

digdeeper.neocities.org/ghost/emailrus.html#encryption

Таблица со сравниением разных сервисов

prxbx.com/email/

https://dismail.de/serverlist.html

Список бесплатных почтовых серверов

MECSA CONFIDENTIAL DELIVERY [1]
MECSA PHISHING AND IDENTITY THEFT [1]MECSA INTEGRITY OF MESSAGES [1]IMAPS [3]POP3S [3]SMTPS [3]SMTP [3]DANESTARTTLS Everywhere [5]MTA-STS[6]DMARCSPF [8]DKIMMFA[10]Mozilla ObservatorySSL LabshtbridgeCrypt Checksecurity headersHSTS preload listCAAReferrers leakedCookiesThird-party requestsThird-parties contactedGeoIP (mx)Comments
mailbox.org5.0 / 5.05.0 / 5.05.0 / 5.084 (A+)84 (A+)84 (A)84 (A)YesYesTestingDisabledSoftfailYesYesA+A+A+A+AYesYesPartially300Germanygoogle captcha
posteo.de5.0 / 5.05.0 / 5.05.0 / 5.081 (A+)81 (A+)81 (A+)81 (A)YesQueuedTestingDisabledSoftfailYesYesB+A+A+A+AYesYesNo100Germany
dismail.de5.0 / 5.05.0 / 5.05.0 / 5.096 (A+)X96 (A+)84 (A+)YesYesYesRejectRejectYesYesA+A+A+A+A+YesYesNo000Germany
snopyta.org5.0 / 5.05.0 / 5.05.0 / 5.096 (A+)96 (A+)90 (A)84 (A)YesQueuedYesQuarantineRejectYesToDoA+A+A+A+A+YesYesNo000Finland
systemli.org5.0 / 5.05.0 / 5.05.0 / 5.084 (A)84 (A)84 (A)84 (A)YesYesYesReport onlySoftfailYesNoA+A+A+AAYesYesNo000Saint Kitts and Nevis
disroot.org5.0 / 5.05.0 / 5.05.0 / 5.084 (A)84 (A)84 (A)TimeoutYesNoTestingReport onlyRejectYesYesBA+A+A+AYesNoNo100Netherlands
riseup.net5.0 / 5.05.0 / 5.05.0 / 5.084 (A)84 (A)TimeoutTimeoutYesNoTestingDisabledRejectYesNoA+A+A+AAYesYesLeaked000United States
mail.de5.0 / 5.05.0 / 5.05.0 / 5.069 (B)69 (B)69 (B)69 (B)YesYesYesReport onlySoftfailYesYesBA+A+BAYesYesNo000GermanyPunkt 2 in der Datenschutzerklärung beachten; google captcha
protonmail.com5.0 / 5.05.0 / 5.05.0 / 5.0XXX84 (A)YesYesYesQuarantineSoftfailYesYesBA+A+A+BYesYesPartially211Switzerland
tutanota.com5.0 / 5.05.0 / 5.05.0 / 5.0XXX64 (B)YesYesNoDisabledRejectYesYesA+A+A+A+AYesNoNo000Germany
mailfence.com4.0 / 5.04.5 / 5.05.0 / 5.084 (A)84 (A)84 (A)84 (A+)NoNoYesQuarantineRejectYesYesB+A+A+A+AYesNoNo100France
gmail.com4.0 / 5.04.5 / 5.05.0 / 5.053 (C)53 (C)53 (C)53 (C)NoYesTestingReport onlySoftfailYesYesA-AA+CAYesNoLeaked253United StatesTypes of information google collects
kolabnow.com5.0 / 5.05.0 / 5.05.0 / 5.0TimeoutXXAYesNoNoQuarantineRejectYesToDoB+A+A+A+ANoYesNo311Switzerland
lavabit.com5.0 / 5.05.0 / 5.05.0 / 5.069 (B)69 (B)69 (B)TimeoutYesQueuedNoRejectRejectYesToDoDAACDNoNoLeaked000United States
systemausfall.org4.0 / 5.04.5 / 5.05.0 / 5.084 (A)84 (A)X84 (A)NoYesYesNoSoftfailYesToDoBA+A+A+AYesYesNo100Germany
mailjunky.de4.0 / 5.04.5 / 5.05.0 / 5.0XXXTimeoutNoQueuedYesReport onlySoftfailYesToDoBA+A+A+AYesYesLeaked4137Germany
vivaldi.net4.0 / 5.04.5 / 5.05.0 / 5.069 (B)Timeout53 (F)53 (F)NoQueuedNoRejectRejectYesNoC-A+ACCYesYesLeaked422Iceland
directbox.com5.0 / 5.05.0 / 5.05.0 / 5.068 (C)68 (C)84 (F)84 (F)YesNoNoReport onlyRejectYesToDoB+AA+AANoNoLeaked100Germany
netcologne.de4.0 / 5.04.5 / 5.05.0 / 5.084 (A)84 (A)X84 (A)NoNoNoQuarantineSoftfailYesToDoCAA+CBNoNoLeaked368037Germany
fastmail.com4.0 / 5.04.5 / 5.05.0 / 5.053 (C)53 (C)53 (C)TimeoutNoNoNoReport onlySoftfailYesYesA+A+ACAYesNoLeaked442United Statesgoogle captcha
aol.com4.0 / 5.04.5 / 5.05.0 / 5.053 (C)53 (C)XFNoYesNoRejectSoftfailYesYesDA-ACANoNoPartially136346103United States
5x2.de4.0 / 5.04.5 / 5.05.0 / 5.053 (C)X53 (C)53 (F)NoNoNoQuarantineRejectYesToDoFA-ABFNoYesLeaked842Russian Federation
icloud.com4.0 / 5.04.5 / 5.05.0 / 5.053 (C)XXToDoNoYesNoQuarantineSoftfailYesToDoC+A-A+BBNoNoLeaked3504United States
outlook.com4.0 / 5.04.5 / 5.05.0 / 5.053 (C)53 (C)X53 (C)NoYesNoReport onlyRejectYesYesDAA+CCNoNoLeaked3425United States
web.de5.0 / 5.04.5 / 5.04.0 / 5.053 (C)53 (C)X53 (C)YesQueuedTestingNoRejectNoNoFA+A+CBYesNoPartially5521057Germany
gmx.de5.0 / 5.04.5 / 5.04.0 / 5.053 (C)53 (C)53 (C)53 (C)YesNoNoNoRejectNoNoFA+A+CBYesNoPartially6022761Germany
mail.yandex.ru4.0 / 5.04.5 / 5.05.0 / 5.041 (F)41 (F)53 (C)TimeoutNoYesNoReport onlySoftfailYesYesB-AA+FBNoYesLeaked9452Russian Federation
hushmail.com4.0 / 5.03.5 / 5.03.5 / 5.069 (B)69 (B)69 (B)TimeoutNoNoNoQuarantineRejectYesYesDAA+BBNoNoLeaked200United States
autistici.org3.5 / 5.04.5 / 5.03.5 / 5.0X69 (B)69 (B)69 (B)NoNoNoNoRejectYesToDoCAABBNoNoLeaked000France
runbox.com4.0 / 5.03.5 / 5.03.5 / 5.068 (C)68 (C)68 (C)68 (C)NoQueuedNoReport onlyRejectYesYesBA+A+CANoNoLeaked100Norway
cock.li4.0 / 5.03.5 / 5.03.5 / 5.069 (B)69 (B)69 (F)69 (F)NoNoNoNoRejectYesToDoDA+A+BDYesNoLeaked200Romania
startmail.com4.0 / 5.03.5 / 5.03.5 / 5.053 (C)XX53 (C)NoNoNoNoSoftfailYesYesFA+A+BFNoNoLeaked100Netherlands
danwin1210.me0.0 / 5.04.0 / 5.03.5 / 5.069 (B)69 (B)69 (B)69 (B)NoNoNoQuarantineRejectYesToDoD-A+A+BAYesNoPartially100France
freenet.de5.0 / 5.03.5 / 5.02.0 / 5.069 (B)69 (B)69 (B)TimeoutNoNoNoNoSoftfailNoNoCA+A+CA+NoYesNo134543149Germany
schokokeks.org4.0 / 5.03.0 / 5.02.0 / 5.0ToDoToDoToDoBNoQueuedYesNoRejectNoToDoB+A+A+BAYesYesLeaked100Germany
arcor.de4.0 / 5.03.0 / 5.02.0 / 5.053 (F)XXTimeoutNoNoNoNoRejectNoToDoFA-A-CDNoNoLeaked7929691Netherlands
skymail.de4.0 / 5.03.0 / 5.02.0 / 5.0ToDoToDoToDoToDoNoNoNoNoRejectNoToDoFAA+BFNoNoLeaked032Germany
ok.de4.0 / 5.03.0 / 5.02.0 / 5.068 (F)68 (F)88 (A+)88 (A+)NoNoNoNoRejectNoToDoFBBCFNoNoLeaked3720849Germany
firemail.de4.0 / 5.03.0 / 5.02.0 / 5.0ToDoToDoToDoToDoNoNoNoNoSoftfailNoToDoFFBBFNoNoLeaked4138United StatesAdvertising
netcourrier.com4.0 / 5.03.0 / 5.02.0 / 5.069 (B)69 (B)69 (B)41 (F)NoNoNoNoRejectNoToDoDBDFDNoNoLeaked1191France
gandi.net4.0 / 5.03.0 / 5.02.0 / 5.069 (B)69 (B)69 (B)69 (B)NoNoNoNoRejectNoToDoB-AACBNoNoLeaked200France
eclipso.de4.0 / 5.03.0 / 5.02.0 / 5.069 (B)69 (B)69 (B)TimeoutNoNoNoNoRejectNoToDoC+A+ACBNoNoLeaked200Germanygoogle captcha, Advertising
ownbay.net4.0 / 5.00.0 / 5.03.0 / 5.084 (A)94 (A)??NoNoNoNoSoftfailNoToDoBA+A+AANoNoPartially255Germanygoogle captcha
t-online.de4.0 / 5.00.0 / 5.02.0 / 5.053 (C)53 (C)53 (M)CNoNoNoNoNoNoNoFAA-CFNoNoLeaked11623891Germany
emailn.de4.0 / 5.00.0 / 5.02.0 / 5.0XXXFNoNoNoNoRejectNoToDoDAACDNoNoLeaked53512Germanygoogle captcha, Advertising
online.de4.0 / 5.00.0 / 5.02.0 / 5.053 (C)53 (C)53 (C)69 (B)NoNoNoNoNoNoToDoFAABFNoNoLeaked10513063Germany1und1.de
so36.netToDoToDoToDo84 (A)84 (A)84 (A)84 (A)YesNoNoNoNoToDoToDoD+A+A+ADNoNoLeaked000Germany
immerda.chToDoToDoToDo84 (A)84 (A)96 (A)TimeoutNoNoNoNoSoftfailToDoToDoB+AA+AANoNoLeaked000Switzerland
tchncs.deToDoToDoToDo84 (A)84 (M)TimeoutNo TLSNoNoNoReport onlyNeutralToDoToDoBA+A+A+ANoNoPartially300Germany
hosted.mailcow.deToDoToDoToDo69 (B)69 (B)69 (B)69 (B)YesNoNoNoNeutralToDoToDoBA+ACBNoNoNo100Germany
tuffmail.comToDoToDoToDo69 (B)69 (B)69 (B)TimeoutNoNoNoNoSoftfailToDoToDoDA+A+BDNoNoLeaked000United States
zoho.euToDoToDoToDo53 (F)53 (F)53 (F)53 (F)NoNoNoQuarantineRejectToDoToDoFA+A+BDNoNoLeaked132211Switzerland
zoho.com4.0 / 5.03.0 / 5.02.0 / 5.0FFFFNoNoNoRejectRejectNoToDoFA+A+CDNoNoLeaked184215United States
mail.comToDoToDoToDoCCCTimeoutNoNoTestingNoRejectToDoNoD-A+A+CDYesNoLeaked5111331United States
mail.lilo.orgToDoToDoToDoFXXCNoNoNoReport onlyNeutralToDoToDoD+A+ACDNoNoLeaked240France
aikq.de4.0 / 5.03.0 / 5.02.0 / 5.0BBBBNoNoNoNoSoftfailToDoToDoDA+A+CDNoNoLeaked173Germany
virginmedia.comToDoToDoToDoCCCFNoNoNoQuarantineSoftfailToDoToDoFABBDNoNoLeaked336432Netherlands
pobox.comToDoToDoToDoBBBTimeoutNoNoNoReport onlyNeutralToDoYesB+AA+BANoNoLeaked432United States
strato.deToDoToDoToDoCCCFNoNoNoNoNoToDoToDoFA+A+CFNoNoLeaked141510Germany
mail.ruToDoToDoToDoTimeoutFFTimeoutNoNoNoRejectSoftfailToDoYesC+A+ACANoNoLeaked389839Russian Federation
countermail.comToDoToDoToDoFXFBNoNoNoNoSoftfailToDoToDoC+CBBDYesNoLeaked000Sweden
biomail.deToDoToDoToDoAAToDoToDoNoNoNoNoRejectToDoToDoFAACFNoNoLeaked000Germany
greensta.deToDoToDoToDoBBFBNoNoNoDisabledSoftfailToDoToDoFAA+BFNoNoLeaked621Germany
yahoo.com4.0 / 5.04.5 / 5.05.0 / 5.053 (C)53 (C)53 (C)TimeoutNoYesTestingRejectNeutralYesYesFAA+CDNoNoPartially1313315United States
unseen.isToDoToDoToDoCCFFNoNoNoNoRejectToDoToDoC+A+A+A+DYesNoLeaked000Iceland
vodafone.deToDoToDoToDoFTimeoutTimeoutFNoNoNoNoRejectToDoToDoFBCCDNoNoLeaked369040Netherlands
cryptix.deToDoToDoToDoMMMCNoNoNoNoNoToDoToDoFCABDNoNoLeaked300Germany
aktivix.orgToDoToDoToDoFFXTimeoutNoNoNoNoSoftfailToDoToDoFA+A+A+FNoNoLeaked200United States
neomailbox.comToDoToDoToDoCFFTimeoutNoNoNoNoSoftfailToDoToDoFABAFNoNoLeaked000Switzerland
goneo.deToDoToDoToDoFFCCNoNoNoNoNoToDoToDoDA+ACDNoNoLeaked141610Germany
bluewin.chToDoToDoToDoFFCCNoNoNoNoSoftfailToDoToDoFAA+BFNoNoLeaked4316144Switzerland
artikel-140.nlToDoToDoToDoFXANo TLSNoNoNoQuarantineRejectToDoToDoD+A+A+A+DNoNoLeaked200Netherlands
free.de4.0 / 5.03.0 / 5.02.0 / 5.0FFANo TLSNoNoNoNoSoftfailNoToDoFBFFFNoNoLeaked000Germanygreylister does not support TLS
inbox.comToDoToDoToDoCXFNo TLSNoNoNoNoSoftfailToDoToDoFBACFNoNoLeaked1195United States
one.comToDoToDoToDoFFFFNoNoNoReport onlySoftfailToDoToDoC-A+A+BDNoNoLeaked215220Denmark
simbamail.de0.0 / 5.04.0 / 5.02.5 / 5.0No TLSNo TLSNo TLSNo TLSNoNoNoYesPassNoYesB+AA+AAYesYesPartially Leaked000Germanygoogle captcha
safe-mail.net3.0 /5.03.0 / 5.01.0 / 5.0???No TLSNoNoNoNoSyntax ErrorToDoToDoFBAFFNoNoLeaked000Israel
islandnet.comToDoToDoToDoFFFTimeoutNoNoNoReport onlyNeutralToDoToDoFBAFFNoNoLeaked343Canada
cox.netToDoToDoToDoFFFNo TLSNoNoNoNoNeutralToDoToDoFNo HTTPSBNo HTTPSDNoNoLeaked180350112United States
teknik.ioToDoToDoToDoFFFFNoNoNoQuarantineSoftfailToDoToDoA+BABAYesNoLeaked200Netherlands
mc-free.com3.0 / 5.00.0 / 5.01.0 / 5.0ToDoToDoToDoToDoToDoNoNoNoNoNoToDoFAA+BFNoNoLeaked595Germany
rediffmail.com3.0 / 5.04.5 / 5.03.5 / 5.0ToDoToDoToDoToDoNoNoNoReport onlySoftfailYesToDoFFToDoTimeoutENoNoLeaked585India
anpa.de3.0 / 5.03.0 / 5.01.0 / 5.0BXBNo TLSNoNoNoNoSoftfailNoToDoFCCFFNoNoLeaked41911NetherlandsHostname Mismatch
netcup.net/deToDoToDoToDoFFFFNoNoNoNoNoToDoToDoFAABFNoNoLeaked200Germany
nixnet.emailToDoToDoToDo69 (B)69 (B)X69 (F)NoNoYesRejectRejectToDoToDoA+A+A+A+AYesYesNo000Germany

To be clear: This list does not want to make any statement about the quality of the email providers or their services. It takes more than just encryption, to provide a secure and reliable email service.

This is a manually created list which might be outdated in some places. In addition, test results may be wrong for various reasons. Please take into account the fact that email providers have to be very cautious when modifying there servers, e.g. to not lock out old clients and to avoid problems when receiving or sending emails.

So, please don't take this list too seriously, and/or try to ...

... understand the test results and the implications they might have:

  • [1] MECSA Technical Details
  • [3] Understanding the CryptCheck results (IMAPS,POP3S,SMTPS,SMTP and HTTPS)
  • [5] STARTTLS Everywhere - prevent/detect downgrade attacks and interception by hosting a preload list.
  • [6] MTA-STS - RFC 8461 (prevent/detect downgrade attacks and interception by publishing MTA-STS policy via HTTPS) has just been relased (September 2018).
    It is currently rarely used, partly because it is quite new (first draft 2016) and partly because it has some very unusual aspects, to say the least.
    Even those who submitted the draft (e.g yahoo, google and microsoft) are not using it.
    Please be aware that a published record does not automatically mean that it will actually be used.
  • [8] Sender Policy Framework (SPF) - RFC7208 (publish the Sender Policy via DNS Record to help receiving hosts to check authorization)":
    "No" - no SPF record
    "Neutral" - must be treated exactly like "none", but some spam filters use it
    "Softfail" - treated as somewhere between "Reject" and "Neutral"
    "Reject" reject message during the SMTP transaction (don't!), or use it for spam rating.
  • [10] Multi-factor authentication (MFA):
    "granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism".
    Some claim to have the only correct/secure implementation, but offer insecure reset functions. I don't want to score such things.
    So, the list only indicates whether there is any kind of MFA or not, regardless of the way it is implemented.
  • more to come



Please feel free to send links, corrections or extra infos to: [email protected] (email/xmpp)

Last update: 2020-01-02

Changes:

  • 2020-01-02: updated: systemausfall.org - SMTP ? -> A; HSTS No -> Yes
  • 2020-01-02: updated: lavabit.com - Security Headers F -> D; Mozilla Observatory F -> D+
  • 2020-01-02: updated: disroot.org - SMTPS X -> 84 (A)
  • 2019-12-12: updated: mail.de - Cookies 4 -> 0; Third-party requests: 6 -> 0; Third-parties contacted: 5 -> 0
  • 2019-12-08: updated: mailbox.org - Mozilla Observatory B+ > A+
  • 2019-11-21: updated: snopyta.org - MECSA 5.0/5.0; 5.0/5.0; 5.0/5.0
  • 2019-11-16: added: snopyta.org, nixnet.email
  • 2019-11-16: updated: mailfence.com - SMTP A(84) -> A+(84); Security Headers A+ -> A; MTA-STS No -> Yes; Mozilla Observatory D+ -> B+; Security Headers F -> A; Referrers Leaked: Yes -> No; Cookies 3 -> 1
  • 2019-10-10: removed: boum.org
  • 2019-10-06: added: vivaldi.net
  • 2019-09-27: updated: tutanota.com - SMTP A(84) -> B(69); Security Headers A+ -> A
  • 2019-09-25: updated: simbamail.de - MECSA 3.0/5.0; 0.0/5.0; 1.0/5.0 -> 0.0/5.0; 4.0/5.0; 2.5/5.0; SMTP ToDo -> No TLS; IMAPS ToDo -> No TLS; POP3 ToDo -> No TLS; SMTPS ToDo -> DMARC No -> Yes; No TLS; Mozilla Observatory F -> B+; CryptCheck B -> A; Security Headers F -> A; HSTS No -> Yes; Referrers Leaked: Leaked -> Partially; Cookies 1 -> 0; Third-party requests: 8 -> 0; Third-parties contacted: 7 -> 0; Google Captcha
  • 2019-09-25: updated: free.de - MECSA 0.0/5.0; 3.0/5.0 0.0/5.0 -> 4.0/5.0; 3.0/5.0; 2.0/5.0
  • 2019-09-20: updated: disroot.org - MFA No -> Yes
  • 2019-09-20: updated: protonmail.com - MECSA 4.5/5.0; 5.0/5.0; 5.0/5.0 -> 5.0/5.0; 5.0/5.0; 5.0/5.0; DANE No -> Yes; MTA-STS No -> Yes; Crypt Check A -> A+; Referrers Leaked: Leaked -> Partially; Third-party requests: 4 -> 1; Third-parties contacted: 4 -> 1; CAA No -> Yes
  • 2019-08-30: updated: runbox.com - MECSA 4.0/5.0; 3.5/5.0; 3.5/5.0 -> 4.0/5.0; 4.5/5.0; 5.0/5.0
  • 2019-07-16: updated: gmx.de- MECSA - 5.0/5.0; 3.5/5.0; 2.0/5.0 -> 5.0/5.0; 4.5/5.0; 4.0/5.0
  • 2019-07-16: updated: disroot.org - STARTTLS Queued -> No; riseup.net - STARTTLS Queued -> No;
  • 2019-05-20: updated: tutanota.com - Mozilla Observatory B -> A+; CryptCheck B -> A+; Security Headers B -> A+; Referrers Leaked Yes -> No; Cookies 2 -> 0
  • 2019-05-20: updated: mailjunky.de - Mozilla Observatory F -> B; SSL Labs B -> A+; CryptCheck C -> A+; Security Headers C -> A; HSTS No -> Yes; CAA No -> Yes
  • 2019-05-20: updated: mailbox.org - Mozilla Observatory A+ -> B+
  • 2019-05-01: updated: protonmail.com - MECSA 4.0/5.0; 4.5/5.0; 5.0/5.0 4.5/5.0; -> 5.0/5.0; 5.0/5.0
  • 2019-04-10: updated: systemausfall.org - MECSA 4.0/5.0; 3.5/5.0; 3.5/5.0 -> 4.0/5.0; 4.5/5.0; 5.0/5.0; MTA-STS No -> Yes
  • 2019-04-10: updated: protonmail.com - MECSA 4.5/5.0; 5.0/5.0; 5.0/5.0 -> 4.0/5.0; 4.5/5.0; 5.0/5.0
  • 2019-04-10: updated: disroot.org - Mozilla Observatory B -> B-; MTA-STS No -> Testing; MECSA 4.5/5.0; 5.0/5.0; 5.0/5.0 -> 5.0/5.0; 5.0/5.0; 5.0/5.0
  • 2019-04-10: updated: mailjunky.de MTA-STS No -> Yes
  • 2019-03-15: updated: riseup.net - MECSA 4.0/5.0; 4.5/5.0; 5.0/5.0 -> 5.0/5.0; 5.0/5.0; 5.0/5.0
  • 2019-03-07: updated: protonmail.com - MECSA 4.0/5.0; 4.5/5.0; 5.0/5.0 -> 4.5/5.0; 5.0/5.0; 5.0/5.0
  • 2019-03-04: updated: free.de - MECSA 3.0/5.0; 3.0/5.0; 1.0/5.0 -> 0.0/5.0; 3.0/5.0; 0.0/5.0
  • 2019-02-27: updated: web.de - MECSA 5.0/5.0; 3.5/5.0; 2.0/5.0 -> 5.0/5.0; 4.5/5.0; 4.0/5.0
  • 2019-02-27: updated: freenet.de - MECSA 5.0/5.0; 0.0/5.0; 2.0/5.0 -> 5.0/5.0; 3.5/5.0; 2.0/5.0
  • 2019-02-26: updated: DANE No -> Yes: disroot.org, riseup.net
  • 2019-02-25: updated: IMAPS, POP3S, SMTPS, SMTP - adding actual score.
  • 2019-02-25: updated: systemli.org - IMAPS, POP3S, SMTPS, SMTP B -> A; yandex.ru - SMTPS F -> C; tutanota.com SMTP B -> Ai; startmail.com IMAPS F -> C; ok.de SMTPS B -> A+; SMTP B -> A+; gandi.net - IMAPS, POP3, SMTPS, SMTP C -> B; immerda.ch AMTPS F -> Ai, mailcow.de SMTP C -> B
  • 2019-02-05: updated: mailbox.org - Mozilla Observatory B+ -> A+
  • 2019-01-29: updated: STARTTLS Everywhere - mail.de Queued -> Yes; mailbox.org Queued -> Yes; systemli.org Queued -> Yes
  • 2019-01-29: removed: Email Security Grader: as noted earlier - Some test results are just plain wrong, for example: for most serious providers the SMTP, IMAP and POP Server addresses are wrong, ESG just assumes they're on the MX Servers. The Open Relay Test results are wrong, if they hit a greylister, or if the provider rejects after the "DATA" part (mail.de). The MX Connection Test result is wrong if some kind of "fake MX" is involved (mailbox.org) ... I'll keep it in the list for now, but will probably remove the column in the future..
  • 2019-01-15: updated: Email Security Grader - posteo.org 78% -> 82%; mailbox.org 91% -> 87%
  • 2019-01-10: added: 2FA - the answer to every single security threat these days (not). Or is it still the NextGen UTM Security (nightmare) Hardware Firewall Appliance with DPI, IDS, IPS, Deep Learning Protection, Sandboxing, Lightning Protection and whatnot? Quite unbeatable ... sorry I digress. So, here it is - the 2FA column.
  • 2019-01-07: updated: STARTTLS Everywhere - mail.com Queued -> Yes; systemausfall.org Queued -> Yes; tutanota.com Queued -> Yes
  • 2018-12-26: updated: mail.de - MTA-STS Testing -> Yes; SPF Neutral -> Softfail
  • 2018-12-14: added: schokokeks.org
  • 2018-11-29: updated: outlook.com - MECSA 3.0/5.0; 4.5/5.0; 3.5/5.0 -> 4.0/5.0; 4.5/5.0; 5.0/5.0
  • 2018-11-26: added: Email Security Grader is online again
  • 2018-11-17: updated: riseup.org IMAPS Timeout -> A; POP3S Timeout -> A; CryptCheck Timeout -> A
  • 2018-11-16: updated: mailbox.org - Cookies 1 -> 3
  • 2018-11-15: updated: mailbox.org - Referrers leaked No -> Partially; Cookies 2 -> 1; IMAPS A -> A+; POP3S A -> A+
  • 2018-11-15: removed: Email Security Grader is down for days now
  • 2018-11-10: updated: STARTTLS Everywhere - disroot.org No -> Queued; tutanota.com No -> Queued; AOL No -> Yes; web.de No -> Queued;
  • 2018-11-10: updated: icloud.com - added MECSA
  • 2018-11-08: updated: free.de - added MECSA
  • 2018-11-07: updated: the SPF column has been updated. "No" - no SPF record; "Neutral" - must be treated exactly like "none", but some spam filters use it; "Softfail" - treated as somewhere between "Reject" and "Neutral"; "Reject" reject message during the SMTP transaction, or use it for spam rating (recommended)
  • 2018-10-07: updated: systemausfall.org - SPF No -> Softfail; MECSA PHISHING AND IDENTITY THEFT 2.5 -> 3.5
  • 2018-11-06: updated: the DMARC column has been updated. "No" - no DMARC record; "Disabled" - DMARC Record with "p=none" and no reporting email address; "Report only" - DMARC Record with "p=none" and reporting email address; "Quarantine" deliver to the "spam folder"; "Reject" reject message during the SMTP transaction
  • 2018-11-06: updated: riseup.net - Mozilla Observatory B -> A+, Referrers Leaked No -> Yes
  • 2018-10-28: removed: vmail.me (Vmail is shutting down its services)
  • 2018-10-26: updated: mailbox.org - CAA No -> Yes; MTA-STS No -> Testing; Mozilla Observatory B -> B+, Referrers leaked Yes -> No (Thanks mailbox.org for sending the updates)
  • 2018-10-25: added: tuffmail.com
  • 2018-10-11: removed: openmailbox.org (down for more than 1 month)
  • 2018-10-11: updated: systemausfall.org - added MECSA; StartTLS Everywhere No -> Queued; DKIM ToDo -> Yes; Hostname Mismatch on MX is gone
  • 2018-10-08: updated: systemli.org - MTA-STS Testing -> Yes
  • 2018-10-07: updated: safe-mail.net - added MECSA
  • 2018-10-02: updated: riseup.net, web.de, yahoo.com, mail.com - MTA-STS No -> Testing
  • 2018-10-01: updated: mail.de - SMTPS F -> B; SMTP timeout -> B; MTA-STS No -> Testing; STARTTLS Everywhere No -> Queued; Referrers Leaked -> No; Third-party requests 10 -> 6; Third-parties contacted 6 -> 5; Email Security Grader is wrong about the Open Relay Test. So, the overall result is wrong. (Thanks to mail.de for the update and the clarification)
  • 2018-10-01: updated: posteo.de - Email Security Grader 87% -> 78%
  • 2018-09:27: removed: freemail.ox.io (will be shut down as of 1st December 2018)
  • 2018-09-17: updated: disroot.org - IMAPS M -> A; POP3S M -> A (was previously checked with a wrong DNS name, hence the M)
  • 2018-09-14: added: mail.de - comment: Punkt 2 in der Datenschutzerklärung beachten.
  • 2018-09-14: removed: 1984.is (Is not an email provider)
  • 2018-09-14: updated: pobox.com IMAPS C -> B; POP3S C -> B; SMTPS C -> B; Mozilla Observatory F -> B+; Security Headers F -> A; htbridge A -> A+
  • 2018-09-14: updated: web.de: Mozilla Observatory C -> F; gmx.de Mozilla Observatory C -> F; vodafone.de D -> F
  • 2018-09-14: updated: cock.li Email Security Grader 80% -> 87%
  • 2018-09-12: updated: posteo.de - Email Security Grader 91% -> 87% (mx01 Reverse DNS Test failed; mx02 migration?); IMAPS C -> A+; POP3S C -> A+; SMTPS C -> A+; SMTP F -> A (Thumbs up)
  • 2018-09-12: updated: autistici.org - added MECSA
  • 2018-09-11: updated: cock.li - SFP No -> Yes; Cookies 4 -> 2; Third-party requests 2 -> 0; Third-parties contacted 2 -> 0
  • 2018-09-11: updated: dismail.de - StartTLS Everywhere Queued -> Yes
  • 2018-09-11: added: netcologne.de
  • 2018-09-03: updated: zoho.eu - Mozilla Observatory D -> F; IMAPS B -> F; POP3S B -> F; SMTPS B -> F; SMTP B -> what a mess
  • 2018-09-03: added: GeoIP column
  • 2018-09-03: added: zoho.com
  • 2018-08-31: updated: StartTLS Everywhere No -> Queued: systemli.org, protonmail.com, riseup.net, lavabit.com, posteo.de, mailjunky.de, runbox.com
  • 2018-08-20: updated: mail.de - IMAPS F -> B; POP3S F -> B
  • 2018-08-18: updated: mailfence.com - DMARC - disabled -> Yes
  • 2018-08-02: updated: mailbox.org - StartTLS Everywhere No -> Queued
  • 2018-07-24: Added STARTTLS Everywhere column
  • 2018-07-23: Added MTA-STS (protecting STARTTLS) column
  • 2018-06-29: It seems that some providers have started blocking TLS-Scans (tls.imirhil.fr) instead of improving their configuration.
  • 2018-06-29: added: netcup.net/de (netcup, you can't possibly be serious (SSLv3, DES3, MD5, RC4 ...?))
  • 2018-06-15: updated: riseup.net - added MECSA; Mozilla Observatory C+ -> B; Security Headers D -> A; Referrers Leaked -> No
  • 2018-06-15: updated: danwin1210.me - MECSA 4.0 / 5.0; 4.5 / 5.0; 5.0 / 5.0 -> 0.0 / 5.0; 4.0 / 5.0; 3.5 / 5.0; IMAPS, POP3S, SMTPS A -> B; Crypt Check A -> B; Security Headers D -> A; Mozilla Observatory D+ -> D-; Referrers leaked: Yes -> Partially;
  • 2018-06-15: added: mc-free.com, simbamail.de, rediffmail.com, anpa.de ... (ongoing)
  • 2018-06-15: updated: kolabnow.com - added MECSA; SMTP B -> A; CryptCheck Timeout -> A+
  • 2018-06-14: added: ok.de
  • 2018-06-06: updated: DMARC - gmail.com No -> Disabled; fastmail.com No -> Disabled; yandex.ru No -> Disabled
  • 2018-06-04: added: mecsa for directbox.com
  • 2018-06-04: updated: directbox.com - DMARC No -> Disabled; DKIM ToDo -> Yes; Mozilla Observatory B -> B+
  • 2018-06-02: added: mailjunky.de; mailjunky.de
  • 2018-05-27: added: mecsa for yandex.ru
  • 2018-05-24: updated: mailfence.com - IMAPS "B" -> "A"; POP3S "B" -> "A"; SMTPS "B" -> "A"; SMTP "B" -> "A"; CryptCheck "B" -> "A+"
  • 2018-04-20: updated: systemli.org - IMAPS "A" -> "B"; POP3S "A" -> "B"; SMTPS "A" -> "B"; SMTP "A" -> "B"; Mozilla Observatory "B" -> "A+"; securityheaders "B" -> "A"; Referrers "Leaked" -> "No"; Cookies "2" -> "0"
  • 2018-03-28: updated: posteo.de - mecsa "5.0/5.0; 4.5/5.0; 4.0/5.0" -> "5.0/5.0; 5.0/5.0; 5.0/5.0"; IMAPS "A+" -> "C"; POP3S "A+" -> C; DMARC "No" -> Disabled
  • 2018-03-24: updated: arcor.de - mecsa "0.0/5.0; 3.0/5.0; 0.0/5.0" -> "4.0/5.0; 3.0/5.0; 2.0/5.0"; securityheaders "F" -> "D"
  • 2018-03-24: updated: emailn.de - mecsa "4.0/5.0 ; 3.0/ 5.0 / 2.0/5.0" -> "4.0/5.0; 0.0/5.0; 2.0/5.0"
  • 2018-03-24: updated: systemli.org - mecsa "4.5/5.0; 4.5/5.0; 5.0/5.0" -> "5.0/5.0; 5.0/5.0; 5.0/5.0"
  • 2018-03-16: updated: tutanota.com - htbridge "A" -> "A+"; CryptCheck "C" -> "B"
  • 2018-02-20: added: teknik.io
  • 2018-02-17: added: mecsa for fastmail.com; hushmail.com (hushmail.me)
  • 2018-02-17: added: mecsa for lavabit.com
  • 2018-02-13: updated: disroot.org - mecsa "4.5/5.0; 4.5/5.0 4.0/5.0" -> "4.5/5.0; 5.0/5.0; 5.0/5.0"; DMARC "No" -> "disabled"; Referrers "Yes" -> "No"; securityheaders "B" -> "A"
  • 2018-02-08: updated: mailcow.de - Mozilla Observatory "F" -> "B"; securityheaders "C" -> "B"; Referrers leaked: "Yes" -> "No"; Cookies "2" -> "1"; Third-party requests "2" -> "0"; Third-parties "2" -> "0"
  • 2018-02-06: added: biomail.de, greensta.de
  • 2018-02-05: added: free.de
  • 2018-02-01: added: goneo.de
  • 2018-01-31: added: online.de (1und1.de)
  • 2018-01-20: added: hosted.mailcow.de
  • 2018-01-18: updated: mailfence.com - mecsa "3.0/5.0; 4.5/5.0 3.5/5.0" -> "4.0/5.0; 4.5/5.0; 5.0/5.0" - IMAPS; POP3S; SMTPS "C" -> "B"
  • 2018-01-16: added: eclipso.de
  • 2018-01-15: added: strato.de, countermail.com
  • 2018-01-14: added: 1984.is, islandnet.com, unseen.is, ownbay.net
  • 2018-01-13: added: safe-mail.net, pobox.com
  • 2018-01-12: added: Email Security Grader
  • 2018-01-12: added: gandi.net
  • 2018-01-12: updated: mailfence.com - DMARC - "No" -> "Disabled"
  • 2018-01-06: added: inbox.com, cox.net, virginmedia.com
  • 2018-01-05: added: danwin1210.me
  • 2018-01-04: added: mecsa for aol.com
  • 2018-01-01: added: mecsa for t-online.de
  • 2017-12-29: added: mecsa for keemail.me (tutanota.de), systemli.org, posteo.de, startmail.com
  • 2017-12-28: added: mecsa for web.de, netcourrier.com
  • 2017-12-28: added: aktivix.org, artikel-140.nl, lavabit.com, boum.org, cryptix.de, immerda.ch, systemausfall.org, netcourrier.com, aikq.de
  • 2017-12-27: added: mecsa for runbox.com
  • 2017-12-27: added: cock.li, riseup.net, systemli.org, so36.net, yandex.ru, zoho.eu, mail.com, fastmail.com, hushmail.com, mail.ru, mail.lilo.org, freemail.ox.io, vmail.me, autistici.org, artikel-140.nl
  • 2017-12-26: added: mecsa for mail.de, arcor.de and gmx.de (Michael)
  • 2017-12-24: Initial list
 

Members, viewing this thread

Сейчас на форуме нет ни одного пользователя.