How do we score?

SSL Labs: A+

We score the max A+ rating

European Union email assessment: 5.0 out of 5

We score full points in the MESCA email test Email test 100%

We score the maximum in the email test

Start TLS everywhere from EFF: Great!

We score Great! on the test of the Electronic Frontier Foundation. 100% confidence rating

We score a 100% confidence rating


How do we protect your privacy?

We use encrypted connections *always*

We never send email over unencrypted connections (between you and us, and not between us and mailservers of people you email, especially this last part is important)

We remove unnecessary private info from your emails

We remove your personal ip address from the headers of your email, nobody needs to know your location when you send an email

We don't read/process your email

We get paid by you, not by advertisers, so we do not read your email for any purpose (except automated spam prevention).

Hosted in Europe with encrypted discs

We host everything in Europe with secured infrastructure and disc-encryption in case our hardware is ever confiscated

Deleting actually means deleting

When you delete an email, folder or entire mailbox (also from the trashcan) it is really gone, we do not keep your deleted email

Backups encrypted with customer key

Your mail is backed-up every night, encrypted with an individual key. If you leave us we will remove the key which makes the backup useless.

We use a European certificate provider

We have chosen GlobalSign as our certificate provider. GlobalSign is based in Europe with a very good track record.

Our domains are secured by DNSSEC

We have chosen a provider for our and our customer domains which provides Domain Name System Security Extensions (DNSSEC) support. This means all domains maintained by Soverin are secured and DNS Spoofing becomes a great deal more difficult.

we publish CAA and TSLA records

We use DNS-based Authentication of Named Entities (TLSA) and DNS Certification Authority Authorization to tell mailservers and browsers about our certificates. This allows browsers and mailservers to verify they are talking to Soverin by verifying the fingerprints of our certificates and the provider of our certificates.

We send HSTS headers for all our websites

HTTP Strict Transport Security (HSTS) means we send headers to your browser telling it to always communicate securely with Soverin. If your connection is hijacked and some other site pretends to be Soverin this will fail because your browser will force https. We use this for all our websites including webmail

We support DKIM for our own and customer domains

DomainKeys Identified Mail (DKIM) signs your emails telling the receiver that your email was actually sent by a system you trust and that it was not modified in anyway during transport.

We use SPF & DMARC

Domain-based Message Authentication, Reporting and Conformance (DMARC) and Sender Policy Framework (SPF) are used to tell other mail servers who is allowed to send email for our and our customer domains. It also instructs other email servers what to do with email they receive from other (unauthorized) systems.


Take control
of your inbox
for € 3,25 / month

  • Unlimited Messages
  • 25 GB Storage
  • Personal domain
  • Personal webpage