Tor and Email

Using email securely has been a challenge since shortly after its conception and continues to be to this day. By utilising Tor to create and connect to accounts, users can obfuscate their own IP and make themselves unknown to providers and hosts, as well as secure potentially deanonymising email headers. This takes a portion of trust out of the hands of third parties.

While there are plenty of options for webmail and email client software, they are only as private as the developers and providers have decided to build them. The only officially supported option for torifying email is by using Thunderbird in conjunction with Torbirdy. Simply using webmail in Tor Browser can can be safe, though it is important to remember that many popular webmail software bundles require users to enable Javascript. This can be dangerous. Determine your threat model and act accordingly.


Thunderbird is a free and open-source mail client that is available for download on Windows, MacOS and Linux and is commonly found in the repositories of many major UNIX distributions. Thunderbird has built-in support for the 'Torbirdy' addon, a tool used to facilitate secure use of the email client over the Tor network.

For instructions on downloading, installing and configuring Thunderbird and Torbirdy, see this page of the documentation.

See also

Last modified 2 years ago Last modified on May 26, 2018, 12:36:20 PM