Tor Email Hosting — Private .onion Email Server

Standard email exposes enormous amounts of metadata: sender IP addresses, recipient addresses, timestamps, subject lines, and message routing paths. Even with PGP encryption, this metadata reveals who is communicating with whom, when, and how often. Running an email server as a Tor hidden service eliminates server IP exposure and makes traffic analysis significantly harder.

A .onion email server serves users who access their email through Tor Browser or Tor-configured email clients. Messages between users on the same .onion server never leave the Tor network. Messages to external recipients can be routed through Tor exit nodes or through SMTP-over-Tor to other .onion mail servers, depending on your configuration preferences.

This architecture is particularly valuable for organizations handling sensitive communications: investigative newsrooms, legal teams working on high-profile cases, human rights organizations in hostile environments, and privacy-focused businesses that want to offer their users truly private email without relying on third-party providers.

Our Tor email hosting deploys a complete mail server stack: Postfix for SMTP, Dovecot for IMAP, Rspamd for spam filtering, and OpenDKIM for message signing. The entire stack listens only on the .onion address — no clearnet ports are open. Users connect with Tor-configured email clients like Thunderbird with TorBirdy, or through a Roundcube webmail interface accessible via Tor Browser.

Postfix is configured with strict TLS enforcement for server-to-server communication, rate limiting to prevent abuse, and address verification to reject messages for non-existent recipients. Dovecot provides IMAP with full-text search, sieve filtering for server-side mail rules, and quota management. All connections require STARTTLS with strong cipher suites.

Rspamd handles spam filtering without sending any data to external services. It runs entirely locally using statistical analysis, heuristic rules, and optional DNS-based blocklists accessed through Tor. This provides effective spam protection without the privacy concerns of cloud-based spam filtering services that scan your email content on their servers.

Our email hosting includes privacy features beyond what commercial email providers offer. Message headers are stripped of internal routing information before delivery, removing traces of your server's internal hostname and IP. Received headers that would normally document the message's path through mail servers are sanitized to prevent information leakage.

We configure automatic PGP key distribution through WKD (Web Key Directory) hosted on your .onion address. When a user sends encrypted email to one of your addresses, their email client can automatically discover the correct PGP key through your .onion WKD endpoint. This makes end-to-end encryption easier for your correspondents.

Mail logs are configured for operational health monitoring only — recording delivery success or failure without storing sender addresses, recipient addresses, or message IDs beyond a 24-hour window. After 24 hours, logs are automatically purged. You can further restrict logging to zero-log mode where only error conditions are recorded.

Email server administration is available through a Tor-accessible admin panel. Create and manage mailboxes, configure aliases and forwarding rules, view delivery queues, and monitor server health — all through Tor Browser. The admin panel uses strong authentication with optional TOTP two-factor authentication.

We handle the complex maintenance that email servers require: DNS record management (SPF, DKIM, DMARC) for servers that also send to clearnet addresses, TLS certificate rotation, spam filter rule updates, and software security patches. Email server management is notoriously time-consuming, and our managed plans save you from this ongoing burden.

Backup of email data follows our standard encrypted backup protocol. Daily backups capture all mailboxes, configurations, and spam filter training data. Individual mailbox restoration is supported, so you can recover a single user's mail without affecting others. For compliance requirements, we offer extended backup retention up to one year with configurable deletion schedules.