ProtonMail vs Tutanota vs Mailbox.org in 2026: Encrypted Email Compared
ProtonMail vs Tutanota vs Mailbox.org
If you care about email privacy, three providers dominate: ProtonMail (Switzerland), Tutanota (Germany), and Mailbox.org (Germany). They have different philosophies, different feature sets, and fit different users.
TL;DR
- ProtonMail — best overall for most users. Mature, full-featured, integrated with Proton ecosystem.
- Tutanota — best for technical users wanting open-source through-and-through. Most encrypted by default.
- Mailbox.org — best for users who want standard email (IMAP/SMTP) with strong privacy as table stakes.
What “encrypted email” actually means
When people say “encrypted email,” they usually conflate several different things:
1. Transport encryption (TLS): Every modern provider does this. Email in transit between servers is encrypted. Standard since 2014ish.
2. At-rest encryption on the provider’s servers: Your stored email is encrypted on disk. ProtonMail and Tutanota do this aggressively; mainstream Gmail also does this (less aggressively).
3. End-to-end encryption between users of the same provider: When ProtonMail-to-ProtonMail, the message is encrypted such that not even Proton can read it. Tutanota the same with Tutanota.
4. End-to-end encryption with external (non-provider) users: Requires PGP keys exchanged. Possible with all three providers but with friction.
Most “encrypted email” claims refer to #1, #2, and #3. #4 requires extra effort.
ProtonMail
Owner: Proton AG (Switzerland)
Pricing: Free (1GB) | Mail Plus $5/mo (15GB, custom domain) | Proton Unlimited $13/mo (with VPN, Drive, Pass)
Best for: Most users wanting strong privacy with usability
What’s good
- Mature, full-featured. Web UI is polished, iOS and Android apps solid.
- Custom domain support on paid tiers.
- Proton ecosystem — VPN, Drive, Calendar, Pass integrated.
- Bridge for desktop clients (Apple Mail, Outlook, Thunderbird).
- Encrypted contacts and calendar in addition to email.
- Open source clients — code can be audited.
- Swiss jurisdiction — favorable privacy law.
- Audited.
What’s not
- Bridge required for IMAP/SMTP (slight friction for traditional email clients).
- Free tier has 1GB limit (smaller than Gmail’s 15GB).
- Cannot use standard PGP keys easily outside of Proton.
Tutanota
Owner: Tutao GmbH (Germany)
Pricing: Free (1GB) | Revolutionary €3/mo | Legend €8/mo
Best for: Open-source maximalists, technical users
What’s good
- Fully open source — client AND server code public on GitHub.
- End-to-end encrypted everything — subject lines too (ProtonMail only encrypts body)
- Cheaper than ProtonMail at similar tiers.
- German jurisdiction — strong privacy law.
- No IP logging by design.
What’s not
- Smaller team than Proton. Slower feature development.
- No IMAP/SMTP support. You must use their web/desktop/mobile app. Doesn’t work with Apple Mail, Outlook, Thunderbird.
- PGP integration limited — Tutanota uses their own encryption, not PGP. Encrypted external email requires shared password.
- No calendar / drive / VPN bundles (separate single-product company).
Mailbox.org
Owner: Heinlein Hosting (Germany)
Pricing: Light €3/mo | Standard €9/mo | Premium €25/mo
Best for: Users who want standard email with privacy
What’s good
- Standard IMAP/SMTP — works with any email client (Apple Mail, Outlook, etc.).
- Custom domain on all tiers.
- Includes calendar, contacts, drive, office (groupware suite).
- PGP encryption built in (server-side option).
- German jurisdiction.
- No “subscription bundle” pressure — focused on email + groupware.
What’s not
- Less “modern” UX than ProtonMail or Tutanota.
- No mobile app — relies on standard IMAP clients (you use Apple Mail or similar).
- Free tier doesn’t exist (€3/mo minimum).
- Marketed at businesses more than individual users.
Direct comparison
| Criterion | ProtonMail | Tutanota | Mailbox.org |
|---|---|---|---|
| Cost (basic paid) | $5/mo | €3/mo | €3/mo |
| Free tier | Yes (1GB) | Yes (1GB) | No |
| Storage paid | 15GB | 20GB | 2GB |
| Custom domain | Paid only | Paid only | All paid |
| IMAP/SMTP | Via Bridge | No | Native |
| Mobile app | Yes (excellent) | Yes (good) | No (uses standard clients) |
| Open source clients | Yes | Yes (and servers) | Some |
| Bundled products | VPN, Drive, Pass | None | Groupware suite |
| Jurisdiction | Switzerland | Germany | Germany |
How to choose
Pick ProtonMail if:
- You want a polished email experience
- You’ll use Proton VPN, Drive, or Pass alongside
- You want strong mobile apps
- You’re OK with using Bridge for desktop client
Pick Tutanota if:
- Maximum encryption coverage matters
- Open source through and through matters
- You’re a technical user who doesn’t need IMAP/SMTP
- Subject-line encryption matters for you
Pick Mailbox.org if:
- You want standard email that works with any client
- You want groupware (calendar, contacts, drive, office)
- You’re business-focused
- PGP-by-default with traditional flow
Threat model alignment
Threat: Advertisers tracking via email content.
All three protect. Don’t use Gmail/Outlook for this.
Threat: Government surveillance of your email content.
Switzerland (Proton) and Germany (Tutanota, Mailbox.org) both have strong privacy laws. All three would fight subpoenas.
Threat: Data breach exposing your email contents.
All three encrypt at rest. Even if their servers were breached, content is encrypted. Tutanota has the most aggressive coverage (subject lines included).
Threat: A specific email’s content being read by the receiver’s mail provider.
You need actual end-to-end encryption. Only works ProtonMail-to-ProtonMail, Tutanota-to-Tutanota. For mixed, use PGP.
Migration from Gmail
Whichever provider you pick, switching from Gmail is the hard part:
- Set up your new account
- Forward Gmail to new account (so you don’t miss anything)
- Update accounts to use new email (do this gradually — 5/week)
- Eventually disable Gmail forwarding
- Don’t fully delete Gmail for 1+ year (account recovery for old services)
Allow 6-12 months for a complete migration.
Cost over time
For 5 years of usage:
- ProtonMail Plus: $300
- Tutanota Revolutionary: €180
- Mailbox.org Standard: €540
Tutanota is the cheapest. ProtonMail offers most bundled value. Mailbox.org is the most expensive but includes groupware.
What we use
The Privacy Stacks team:
– 3 use ProtonMail (ecosystem play)
– 1 uses Tutanota (maximum encryption philosophy)
– 1 uses Mailbox.org (uses Apple Mail with IMAP)
All three are legitimate choices.
Disclosure
We use Proton’s affiliate program. Tutanota and Mailbox.org have limited or no affiliate programs. We recommend Tutanota and Mailbox.org despite earning less from them because they’re the right answers for some users. See our affiliate disclosure.
Last updated 2026 Q2. Based on 18 months of personal use of all three.