Encrypted email storage and client

Published: Sat 20 November 2021

We're pleased to announce the latest feature built as part of our NGI grant: an email bridge. The email bridge is a separate server that can run anywhere. It encrypts incoming emails and stores them in your Peergos space, and it sends the outgoing emails you create from the web interface. All it needs is the SMTP and IMAP credentials for your email account, and write access to a particular folder in your Peergos space. This is what the web client looks like:

[Image: Peergos email client.]

When your email bridge receives an incoming email, it will asymmetrically encrypt the email and any attachments (so even the bridge can't read it) and store it in a folder in your Peergos space. When you next log in, you decrypt the email and any attachments, and store them in a private folder the bridge doesn't have access to. In the other direction, you can create a new email, which is stored in a file in your Peergos space. The bridge picks this up, sends it as a real email, and deletes the file from the Peergos outbox folder (you keep a private copy that the bridge can't read). The bridge is designed to store no state, so even if it is temporarily compromised, no emails are exposed other than those sent or received during the compromise.
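The incoming path described above, as an added example (not Peergos code and not the project's actual cipher suite): the bridge holds only the user's public key and seals each message with a fresh ephemeral key, so nothing kept on the bridge can decrypt mail it has already stored. X25519, HKDF-SHA256 and AES-256-GCM, and the names `bridgeSeal`, `userOpen` and `demo`, are assumptions chosen for illustration.

```javascript
// Added illustration, NOT Peergos code. X25519 + HKDF-SHA256 + AES-256-GCM is an
// assumed stand-in for whatever cipher suite the real bridge uses.
const nodeCrypto = require('node:crypto');
const SPKI = { format: 'der', type: 'spki' };

// Derive a one-time AES key from an X25519 shared secret, bound to both public keys.
function deriveKey(privateKey, publicKey, ephPubDer, userPubDer) {
  const shared = nodeCrypto.diffieHellman({ privateKey, publicKey });
  const salt = Buffer.concat([ephPubDer, userPubDer]);
  return Buffer.from(nodeCrypto.hkdfSync('sha256', shared, salt, 'email-bridge-demo', 32));
}

// Bridge side: holds only the user's PUBLIC key. A fresh ephemeral key pair is
// generated per message and its private half is dropped when the function returns.
function bridgeSeal(userPubDer, plaintext) {
  const userPub = nodeCrypto.createPublicKey({ key: userPubDer, ...SPKI });
  const eph = nodeCrypto.generateKeyPairSync('x25519');
  const ephPubDer = eph.publicKey.export(SPKI);
  const key = deriveKey(eph.privateKey, userPub, ephPubDer, userPubDer);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { ephPubDer, iv, ct, tag: cipher.getAuthTag() };
}

// User side: the private key never leaves the user's client.
function userOpen(userPrivateKey, userPubDer, box) {
  const ephPub = nodeCrypto.createPublicKey({ key: box.ephPubDer, ...SPKI });
  const key = deriveKey(userPrivateKey, ephPub, box.ephPubDer, userPubDer);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, box.iv);
  decipher.setAuthTag(box.tag);
  // final() throws if the key is wrong or the ciphertext was modified.
  return Buffer.concat([decipher.update(box.ct), decipher.final()]);
}

// Constructed sample: one user key pair and one incoming message.
function demo() {
  const user = nodeCrypto.generateKeyPairSync('x25519');
  const userPubDer = user.publicKey.export(SPKI);
  const box = bridgeSeal(userPubDer, Buffer.from('Subject: hello\r\n\r\nconstructed test mail'));
  const opened = userOpen(user.privateKey, userPubDer, box).toString();
  // Anyone without the user's private key, including the bridge itself after
  // sealing, cannot open the stored message.
  const other = nodeCrypto.generateKeyPairSync('x25519');
  let otherKeyRejected = false;
  try { userOpen(other.privateKey, userPubDer, box); } catch (e) { otherKeyRejected = true; }
  return { opened, otherKeyRejected };
}
```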

You can run the bridge anywhere. It doesn't need a domain name or any TLS certs, just your SMTP and IMAP credentials, and write access to a folder in your Peergos space. To achieve the latter easily, create a new Peergos user just for the email bridge. Then you can friend and share with this user naturally using the existing Peergos interface.

[Image: Compose an email in Peergos.]

Want to try it out already? You'll first need to run your own email bridge and create a Peergos account for the bridge. Then, to enable the email client in Peergos, log in or create an account at https://peergos.net/?email=true (note the "?email=true" in the URL). Then log in, open the email client in Peergos, and put in the username of the email bridge. Then log in as the email bridge user and accept and reciprocate the follow request from your user. Add your username to the email bridge accounts file to allow sending and receiving emails.

This work was built as part of our grant from the Next Generation Internet program (NGI POINTER).





This project has received funding from the European Union’s Horizon 2020 research and innovation programme within the framework of the NGI-POINTER Project funded under grant agreement No 871528



