No thank you, Proton or Tuta would be a better alternative.
Our architecture makes jurisdiction less relevant than it would be for a traditional email provider. All email content, subjects, attachments, contacts, etc., are encrypted client-side, locally, before they reach our servers, and you hold the keys, not us.
If we ever were to receive a legal request, we could only hand over encrypted blobs and routing metadata (sender/recipient addresses, timestamps), the same metadata any email provider in any country would have.
We maintain a warrant canary at https://astermail.org/notices/canary.txt, and we have a full transparency report at https://astermail.org/transparency. We have never received a secret government subpoena, national security letter, or a gag order to date.
lucasfin000•1h ago
We built Aster Mail because we wanted end-to-end encrypted email that's actually private. All encryption and decryption happens client-side. We encrypt email content, subjects, contacts, folder structure, search indices, timestamps, and attachment data before anything touches our servers. Minimal routing metadata (sender/recipient addresses) is required for SMTP delivery, but we encrypt everything we can beyond that. On top of standard PGP, we include post-quantum cryptography by default, protecting against store-now-decrypt-later attacks.
Aster's feature set includes things like: free aliases & ghost aliases (auto-generated anonymous addresses), free custom domains, encrypted contacts with device syncing, burn-after-read messages, scheduled send, email snooze, encrypted search, and subscription management.
We have run a closed beta since early Feb and have gone through 150+ revision cycles based on tester feedback, so the product is stable and feature-complete. The entire codebase is public on GitHub and licensed under AGPL v3, and our team is here in the comments to answer questions about how it works.
Longer term, Aster is building a full encrypted communications suite with drive, chat, and authenticator. Aster Mail is currently available on Web, Windows/Mac, Linux, and will be available soon on iOS/Android.
Side note, since it'll come up: "why not just use Proton?" Proton's architecture exposes metadata to the server, which means it can be handed over in response to legal requests, and has been, repeatedly. Aster encrypts email content, subjects, contacts, and most metadata client-side. Between Aster users, we use a Signal-inspired protocol (X3DH + Double Ratchet + ML-KEM-768) that provides forward secrecy, so even if keys are compromised in the future, past messages stay protected. External emails use RSA-4096 PGP. Our architecture is designed so that even under legal compulsion, there's very little useful data to hand over.
We're not anti-Proton. We just think there should be an alternative that actually protects users' privacy and is practical, in an increasingly monitored world.
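The forward-secrecy property the post above attributes to the Double Ratchet can be checked on the symmetric chain alone. This is an added example, not part of the thread and not Aster's code: the HMAC-SHA256 step with input bytes 0x01 and 0x02 follows the recommendation in Signal's published Double Ratchet specification, and `SendingChain`, `simulate_compromise` and the root secret are constructed for illustration.

```python
import hashlib
import hmac


def kdf_ck(chain_key: bytes) -> tuple[bytes, bytes]:
    """One symmetric-ratchet step: return (next_chain_key, message_key)."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key


class SendingChain:
    """Keeps only the current chain key; each step overwrites the previous one."""

    def __init__(self, initial_chain_key: bytes):
        self.chain_key = initial_chain_key
        self.index = 0

    def next_message_key(self) -> bytes:
        self.chain_key, message_key = kdf_ck(self.chain_key)
        self.index += 1
        return message_key


def keys_reachable_from(chain_key: bytes, steps: int) -> set[bytes]:
    """Message keys computable by someone who obtained `chain_key`."""
    reachable = set()
    for _ in range(steps):
        chain_key, message_key = kdf_ck(chain_key)
        reachable.add(message_key)
    return reachable


def simulate_compromise(total: int = 6, stolen_after: int = 3):
    """Send `total` messages; device state leaks after `stolen_after` of them."""
    # Constructed 32-byte secret standing in for the handshake output (assumption).
    chain = SendingChain(hashlib.sha256(b"constructed demo root secret").digest())
    sent, stolen = [], None
    for _ in range(total):
        if chain.index == stolen_after:
            stolen = chain.chain_key  # snapshot of what the device holds now
        sent.append(chain.next_message_key())
    reachable = keys_reachable_from(stolen, total)
    past = [i for i, k in enumerate(sent[:stolen_after]) if k in reachable]
    later = [i for i, k in enumerate(sent) if i >= stolen_after and k in reachable]
    return past, later


if __name__ == "__main__":
    past, later = simulate_compromise()
    print("earlier message keys exposed:", past)
    print("later message keys exposed:", later)
```

Keys for messages sent before the leak stay out of reach because HMAC cannot be run backwards, while keys after it remain derivable; in the Double Ratchet specification the separate Diffie-Hellman ratchet step is what closes that second gap.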