Posteo Review 2026: Privacy for €1/month

Posteo offers privacy-focused email for €1/month. I tested it to see how it handles anonymity, encryption, IMAP, and real-world usability.

Paul O'Brien

Posteo costs €1 per month.

That number makes it easy to underestimate.

In a market where privacy-focused email services often cost five to ten times that, €1 suggests something basic or limited. After opening an account and using it properly, that assumption doesn’t hold.

The low price reflects a tightly focused service.

Posteo stays in its lane: email, plus the basics around it. Custom domains aren’t supported. Signup doesn’t require personal details, and payment information isn’t tied to mailbox identity. That focus shows up in the details.

I opened an account, prepaid €12 credit for the year, and tested it properly. I don’t usually pay purely for review purposes, but Posteo allows cancellation at any time and refunds any prepaid credit in full if you cancel within the first month. That made it reasonable to evaluate the full paid experience. What stood out wasn’t a single headline feature, but how well everything fit together.

What’s Covered

  • Signup and first impressions
  • Default settings and account controls
  • Security and transport protections
  • Full mailbox encryption (zero-access mode)
  • S/MIME and OpenPGP options
  • Data minimisation and infrastructure choices
  • The custom domain decision
  • Sustainability and company structure
  • How it compares with Proton and StartMail
  • Using Posteo in practice
  • Bottom line and next steps

Signup and First Impressions

Registration doesn’t ask for personal details, so you can open an account without handing over your name, phone number, or address. How anonymous it is in practice still depends on how you pay and how you use the account — but the default posture is clearly “collect less”.

Posteo is explicit about this: you don’t enter personal information at signup, and they say they don’t retain traffic data like IP addresses tied to accounts. The point isn’t that you become “invisible” online — email can’t do that — it’s that the service is designed to know as little about you as possible by default.

Payment can be made through several methods, including options that minimise the link between payment identity and mailbox identity. Even the checkout flow clearly outlines your right of revocation and refund terms.

The experience is straightforward: create the account, add credit, and you’re done.

Inside the account, the interface is responsive and organised without feeling heavy. Mail, attachments, address book, calendar, notes, and settings sit in clearly separated sections. It’s functional without trying to impress.

When you send a new email, it defaults to plain text rather than HTML.

You can switch to HTML composition easily in settings, but the default is plain text. That tells you something about the priorities. It treats email as writing first, not formatting first. It feels a bit retro — in a good way — with modern security and control underneath. Plain text reduces tracking surfaces, avoids unnecessary formatting code, and keeps messages interoperable across systems. It also keeps message sizes smaller, which over time reduces storage and bandwidth use.
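To make "tracking surfaces" concrete, the sketch below lists the remote fetches a message would trigger when rendered. It is an added example, not code from Posteo or from the original review; the sample messages, host names and the `remote_fetches` helper are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser

# Tag attributes that make a mail client fetch a URL when the message is rendered.
FETCHING_ATTRS = {
    "img": ("src",), "link": ("href",), "iframe": ("src",),
    "video": ("src", "poster"), "audio": ("src",), "source": ("src",),
    "body": ("background",), "table": ("background",), "td": ("background",),
}
REMOTE = ("http://", "https://", "//")

class RemoteFetchFinder(HTMLParser):
    """Collects (tag, url, kind) for every remotely loaded resource."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        for name in FETCHING_ATTRS.get(tag, ()):
            url = (attrs.get(name) or "").strip()
            if url.lower().startswith(REMOTE):
                # A 0x0 or 1x1 image is the classic open-tracking pixel.
                tiny = attrs.get("width") in ("0", "1") and attrs.get("height") in ("0", "1")
                self.hits.append((tag, url, "pixel" if tag == "img" and tiny else "remote"))

def remote_fetches(raw_message):
    """Return every remote fetch the HTML parts of a message would trigger."""
    msg = message_from_string(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder = RemoteFetchFinder()
            finder.feed(part.get_content())
            hits.extend(finder.hits)
    return hits

# Constructed sample messages (not real mail).
PLAIN_MAIL = """\
From: alice@example.org
To: bob@example.org
Subject: Lunch
Content-Type: text/plain; charset="utf-8"

See https://example.org/menu for the menu.
"""

HTML_MAIL = """\
From: news@shop.example
To: bob@example.org
Subject: Offers
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><head><link rel="stylesheet" href="https://cdn.shop.example/mail.css"></head>
<body><p>Offers this week.</p><img src="cid:logo">
<img src="https://track.shop.example/open?id=abc123" width="1" height="1"></body></html>
"""

if __name__ == "__main__":
    print(remote_fetches(PLAIN_MAIL))
    print(remote_fetches(HTML_MAIL))
```

A link in a plain-text body only contacts a server when the reader clicks it, which is why the plain-text sample produces no hits.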

Sensible Defaults, Adjustable When Needed

Posteo sets conservative defaults without locking you into them.

Spam and virus mail is rejected by default. You can either enable a Spam folder (so suspected spam is delivered there), or enable the Spam log (so rejected messages are listed for review). The log and folder are mutually exclusive.

If you only use webmail, you can disable IMAP and POP entirely. Paired with 2-step verification, it’s a simple way to lock the account down and reduce exposure through external apps and devices.

Deletion alerts trigger if more than 50 emails are removed within 24 hours, and that threshold can be adjusted.

The system is cautious by default, yet leaves the level of strictness in the user’s hands.

Account Security

Posteo supports two-factor authentication via standard authenticator apps (TOTP). You can also create app-specific passwords for devices. Seven-day rolling backups allow restoration of deleted emails, contacts, and calendars within a defined window.

The TLS sending and receiving guarantees are particularly noteworthy. You can enforce encrypted transport. If a secure TLS connection cannot be established, Posteo aborts the transaction and notifies you. Downgrade attacks and outdated protocols are rejected.

For context on how email authentication works at the protocol level, see my explainer on SPF, DKIM and DMARC.

In webmail, I did notice it logged me out fairly quickly at times, which can be annoying when you’re jumping in and out. But it fits the overall approach: shorter sessions reduce the window of exposure if you’re on a shared machine, forget to lock a screen, or a session token gets abused.

They also position themselves as tracking-free (no analytics trackers) and hosted in a secure German data centre, with an overall preference for storing as little as possible.

Account-Wide Encryption: An Optional Zero-Access Mode

Posteo includes an optional feature called Crypto Mail Storage. The name is slightly misleading — it has nothing to do with cryptocurrency. In practical terms, it’s an optional zero-access setup for your stored mailbox.

When you enable it, Posteo encrypts your stored emails and notes in a way that means the company can no longer read them. Access depends entirely on your password. There is no backdoor, no secondary recovery key held by the provider.

If Posteo were ever compelled to hand over mailbox contents, it could only provide encrypted data. Without your password, those contents wouldn’t be readable — including by Posteo itself.

It also changes what a breach looks like. If someone compromised a server, accessed backups, or even obtained storage hardware, they wouldn’t be walking away with a readable inbox — they’d be walking away with encrypted files. That doesn’t eliminate every risk (if your password or device is compromised, your mail can still be exposed), but it greatly limits what a provider-side breach can reveal.

The catch is recovery. Once you enable full mailbox encryption, the standard “forgotten password” function no longer applies. If you lose your password, your encrypted data cannot be restored. Not by you. Not by Posteo.

That’s the point of zero-access. If recovery were possible, provider-side access would be possible too.

For users who care deeply about reducing provider visibility or limiting the impact of infrastructure-level compromise, this feature is unusually strong — especially at this price point. For others, it may feel unnecessary.

It improves privacy, but it also removes the safety net of password recovery. Personally, I like that. Once it’s enabled, I know my stored mail isn’t something the provider can “helpfully” unlock — it stays readable only to me, with my password.

Encryption Options: S/MIME and OpenPGP

Posteo also offers low-cost S/MIME certificates (€3.65 per year), signed by an official certification authority. Certificates can be generated through account settings, with private keys created locally and not stored on Posteo’s servers.

For most users, the immediate benefit of S/MIME is digital signing. Signed emails provide authenticity and integrity verification, which is useful even if recipients do not use encryption. Encryption becomes possible when both sender and recipient use S/MIME. In practice, this works best in local email clients such as Thunderbird or Apple Mail, where S/MIME is widely supported.

OpenPGP can also be used through Mailvelope in the browser or in local clients.

Inbound encryption is available for advanced users. When configured, newly arriving emails can be encrypted automatically using your public key. This requires proper setup in a local client and carries the risk of permanent data loss if keys are misplaced. It’s powerful, but only worth enabling if you’re confident you won’t lose your keys.

Proton Mail takes a different approach, prioritising automatic encryption within its own ecosystem using OpenPGP (see my full Proton Mail review). Posteo instead leans into established standards like S/MIME while maintaining compatibility with conventional email clients.

Privacy and data minimisation (the parts most providers don’t talk about)

A lot of email privacy talk starts and ends with encryption. Posteo also focuses on what data gets created in the first place — and what simply never gets stored.

They say they don’t collect user data in the usual “profile-building” sense. Payment is handled through a system designed to avoid linking payment details to mailbox identity, which matters if you’re trying to keep financial identity and email identity separate.

There are also smaller technical choices that reduce passive leakage. For example: when you send mail from the web interface, Posteo says it strips IP address information so your local/public IP isn’t added to outgoing messages.
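A way to check this kind of claim yourself is to send a message to another account, save the raw source, and look for your own addresses in its headers. The following is an added example, not code from Posteo or the original review; the two sample messages are constructed and use documentation-range IP addresses, and the helper names are hypothetical.

```python
import ipaddress
import re
from email import message_from_string, policy

IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
IPV6 = re.compile(r"IPv6:([0-9A-Fa-f:.]+)")  # form used inside Received headers

def header_ips(raw_message):
    """Return (header name, ip_address) for every IP literal in the headers."""
    msg = message_from_string(raw_message, policy=policy.default)
    found = []
    for name, value in msg.items():
        text = str(value)
        for candidate in IPV4.findall(text) + IPV6.findall(text):
            try:
                found.append((name, ipaddress.ip_address(candidate)))
            except ValueError:
                continue  # looked like an address but is not one
    return found

def client_ip_leaks(raw_message, my_addresses):
    """Headers that expose one of the sender's own (LAN or public) addresses."""
    mine = {ipaddress.ip_address(a) for a in my_addresses}
    return [(name, str(ip)) for name, ip in header_ips(raw_message) if ip in mine]

# Constructed sample: a webmail service that records the client address.
LEAKY = """\
Received: from [192.168.1.23] (unknown [203.0.113.7])
    by mail.provider.example with ESMTPSA id 4ABC
    for <bob@example.org>; Mon, 5 Jan 2026 10:00:00 +0100
X-Originating-IP: [203.0.113.7]
From: alice@provider.example
To: bob@example.org
Subject: hello

hi
"""

# Constructed sample: only the server-to-server hop is recorded.
STRIPPED = """\
Received: from mail.provider.example (mail.provider.example [198.51.100.10])
    by mx.example.org with ESMTPS; Mon, 5 Jan 2026 10:00:01 +0100
From: alice@provider.example
To: bob@example.org
Subject: hello

hi
"""

if __name__ == "__main__":
    mine = ["203.0.113.7", "192.168.1.23"]
    print(client_ip_leaks(LEAKY, mine))
    print(client_ip_leaks(STRIPPED, mine))
```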

On the infrastructure side, they state that server disks are encrypted (AES) to reduce the impact of physical theft or unauthorised access to storage. That’s not “end-to-end encryption”, but it’s still a sensible baseline.

Finally, calendar and address book encryption are available if you want them. The normal setup is usable and simple, but if you choose to encrypt those parts with your password, it reduces how readable that personal data is on the provider side.

The Custom Domain Decision

Posteo does not support custom domains. That’s tied to its data-minimisation model. Domain registration requires identity data, and supporting custom domains would mean storing and associating personal information with accounts — which would introduce additional disclosure obligations under German regulation.

For that reason, Posteo simply doesn’t offer custom domains. I respect the consistency. It’s a clear line in the sand, and it matches the rest of the service: collect less, store less, link less.

If Posteo supported custom domains, I’d seriously consider moving my primary inbox here the next time I review my email setup. The reason it doesn’t replace my main account is simple: custom domains are central to how I manage my online identity.

Without that limitation, I’d struggle to find a reason not to switch.

Support and Transparency

Support is handled by people, not bots. The team operates during defined weekday hours and provides multilingual assistance.

Even their support approach follows the same logic as the service itself. They say they don’t use a ticketing system, don’t build customer profiles from support conversations, and delete correspondence after a short period once a case is closed. It’s a small detail, but it fits the wider “collect less, keep less” posture.

I tested this myself with a simple question and got a friendly reply just under 48 hours later.

Posteo publishes a transparency report and detailed documentation about its privacy and security practices. It operates under German and EU law within the GDPR framework.

The way the company operates matches the way the product is built.

Sustainability (and why it fits)

Posteo talks about sustainability more than most email providers — and in a way that feels consistent with how the service is built.

They say the whole operation runs on 100% green electricity from Green Planet Energy, covering both servers and office space. They also lean into the less glamorous parts of running a company: using energy-efficient hardware, sizing servers to what they actually need, and trying to reduce waste through practical choices (recycled materials, resource-efficient processes).

What I found more interesting than the “green energy” headline is the way they describe the business itself. Posteo says it has no investors, no loans, and one source of income: the fees paid by users. That matters because it reinforces the same theme that runs through the privacy side of the product — fewer outside incentives, fewer reasons to expand into “platform” behaviour, and less pressure to monetise attention or data.

They also position themselves as a socially responsible employer: permanent contracts, flexible working, and a general preference for lower-impact travel (they say they don’t use flights for business). Even the banking details are framed through that lens, with accounts held at GLS Bank and savings held with Umweltbank, both aligned to ethical / environmental financing.

None of this makes Posteo “more private” by itself. But it does help explain the overall character of the service: user-funded, independent, and built around clear principles rather than expansion into unrelated services.

Posteo vs Proton Mail vs StartMail

If you’ve read my detailed reviews of Proton Mail and StartMail, you’ll know these providers aren’t solving the exact same problem. They all talk about privacy, but they draw the boundaries in different places. The useful comparison isn’t “which is best?” — it’s “what is each one structurally optimised for?”

| Provider | What it’s optimised for | What you’re trading away | Who it tends to suit |
| --- | --- | --- | --- |
| Posteo | Data minimisation and strong security controls within a conventional email model | No custom domains; deliberately narrow scope | Users who value data minimisation and open protocols, and don’t require a custom domain |
| Proton Mail | Reduced provider visibility by default within its own ecosystem | More contained workflow; Proton Bridge layer for traditional desktop clients | People who want automatic encryption by default and stronger ecosystem-level privacy boundaries |
| StartMail | Identity control and interoperability (aliases + IMAP/SMTP) with a paid-only incentive model | Less architectural enforcement of encryption by default | People who want alias-heavy identity management with standard client compatibility |

They’re built differently. Proton pushes automatic encryption inside its own ecosystem. StartMail prioritises aliases and IMAP compatibility. Posteo prioritises data minimisation, strong defaults, and optional encryption when you want it.

None of them wins every category; it depends on what you’re trying to protect, and what you’re willing to live without.

Using Posteo in Practice

Day to day, it behaves exactly how an inbox should. Mail delivery has been dependable. IMAP sync across devices works without fuss. Filters are easy to configure and do what they say they will. By default, Posteo rejects spam and virus mail outright. I enabled the Spam folder instead and ran a few tests to see how it behaved. Suspected spam was routed into the folder as expected, which is the setup I’d rather have day to day than silent rejection.

The interface fades into the background quickly. After the initial setup, there’s very little to think about. That’s a compliment. Nothing feels experimental or rushed.

I’m also the sort of person who can’t leave settings alone, so I’ve spent time going through the options properly — tweaking spam handling, security controls, folders, and the various privacy toggles to see what’s actually there. Under the hood, it’s a surprisingly complete setup for something this simple on the surface, and I’ve come away impressed by how much control it gives you without turning the whole service into a mess of complexity.

The Bottom Line

For what you’re paying, it’s hard not to be impressed. Posteo is great value, takes privacy seriously, gives you real security controls, and runs on green energy.

Posteo surprised me. I went in expecting a €1/month service to be limited, but it isn’t. This is a solid email provider that’s chosen to stay focused: email, calendar, contacts, notes, sensible account controls — and none of the platform sprawl you see elsewhere.

The privacy posture shows up early. Signup doesn’t ask for personal details, and Posteo goes out of its way to keep payment and mailbox identity separate. That’s not something most providers even attempt, and it’s one of the clearest signals that this isn’t just “privacy branding”.

On security, it’s the same story: it’s not flashy, but it’s serious. You’ve got 2FA (TOTP), app passwords, the ability to disable IMAP/POP if you’re webmail-only, recovery options like restores within a 7-day window, and stricter transport controls if you want them. Then there’s the big one: full mailbox encryption (“Crypto Mail Storage”). If you enable it, you’re choosing a model where Posteo can’t help you back in. That’s exactly the point — and for some people, that’s the most appealing feature of the whole service.

The only reason I’m not making Posteo my main inbox is custom domains. I run my identity through domains, and Posteo doesn’t support them (for reasons that are consistent with their data-minimisation model). If domain support isn’t central to how you manage email, this is one of the easiest recommendations in the category.

I like it enough that I’m keeping it as a second inbox. It’s great value, it’s privacy-respecting by default, and I’m happy it’s run on green energy — but the bigger point is: it feels like email done properly, without the baggage.

Next Steps

If Posteo sounds like it might suit you, the simplest test is to open an account and run it alongside your current inbox for a couple of weeks.

Start with non-critical mail. Turn on two-factor authentication. Play with the spam settings. Add it to your usual devices over IMAP and see how it behaves in your day-to-day routine.

If encryption is part of why you’re here, treat that as a separate test. Posteo supports proper end-to-end standards (S/MIME and OpenPGP), but it isn’t “automatic by default” in the way some providers are. You decide when to use it, and that usually means setting things up in a local client rather than relying only on webmail.

If you want Posteo to behave more like a zero-access mailbox for stored mail, you can enable full-mailbox encryption (“Crypto Mail Storage”). Just go into that with your eyes open: it strengthens privacy, but it also removes the password-reset safety net.

Finally, pay attention to how it feels once the novelty fades. Does the interface stay out of the way? Does plain-text-by-default suit how you write? And does the lack of custom domains matter more, or less, than you expected?

Posteo makes this kind of testing easy: you can try the full paid experience without a long commitment, and cancel within the first month if it’s not for you.

