Mailum

Item: Mailum
Rating: 6
Author: KYC No Thanks

Mailum is an open-source, anonymous email provider offering full-stack encryption and Tor access, though free-tier limitations and mixed community trust signals give privacy advocates pause.

6.0

out of 10

L1 Anonymous

Non-custodial No email required No IP logging 5 payment options

Visit website Suggest an update

// review

Overview

Mailum positions itself as a no-KYC encrypted email service built for users who refuse to trade identity for communication. Launched by figures with ties to the defunct OpenMailBox project, the platform promises full-stack encryption, not merely message bodies, but subjects, sender and recipient fields, timestamps, and metadata all get wrapped in cryptographic protection. The service operates on a zero-knowledge architecture, meaning Mailum's servers cannot decrypt user correspondence even if compelled. With Tor-native access, open-source code, and pseudonymous signup, Mailum targets the privacy-conscious segment that ProtonMail and Tutanota have long contested. However, its overall score of 6/10 and extremely low trust metrics suggest significant caveats beneath the marketing veneer.

Privacy & KYC

Mailum sits at KYC Tier L1, Anonymous, the most permissive classification in our directory. Registration demands no personal data, no phone verification, and no identity documents. Users can access the service through a standard web browser or via its Tor onion mirror, hiding even the fact that they use an encrypted email provider from network observers. The provider claims no IP logging, no ads, and no trackers, policies that, if faithfully executed, would place it among the leanest privacy commitments in the email space.

Yet the picture fractures under scrutiny. Community reports indicate VPN blocking that undermines anonymous access, directly contradicting the service's privacy positioning. Multiple users note that free accounts cannot send emails to external addresses or reply to non-Mailum senders, rendering the tier functionally hobbled for real-world use. Most alarmingly, ScamAdviser assigns Mailum a trust score of 0, citing phishing reports, suspicious IPQS flags, and a registrar with elevated spammer association. Reddit's 2025 ban of r/Mailum, archived in a dedicated GitHub repository by the team, further clouds the reputation landscape, though the stated rationale remains opaque.

KYC requirement: None (pseudonymous)
IP logging: Claimed no-logs policy
Tor support: Native onion service available
Third-party trust signals: Strongly negative (ScamAdviser, IPQS)

Supported assets & payments

Mailum accepts an unusually broad payment spectrum for an email provider, reflecting its crypto-native ethos. Users can settle subscriptions with Monero (XMR), Bitcoin (BTC), and Lightning Network transactions, preserving financial privacy alongside communication privacy. Fiat and cash options also appear in the accepted methods list, though specific processors and regional availability remain unspecified in available sources. This multi-asset flexibility aligns with the no-KYC philosophy, Monero in particular offers transaction unlinkability that complements pseudonymous account creation.

Security & custody

Mailum's security model centers on zero-knowledge encryption with native PGP support. The platform encrypts the entire email envelope, body, subject, sender, recipient, and metadata, using what third-party reviews describe as advanced end-to-end schemes. Users control decryption keys locally; password recovery without a pre-generated Secret Token file results in permanent message and contact deletion, confirming that Mailum cannot facilitate law enforcement decryption.

The open-source codebase allows technical audit, though independent security assessments are not prominently documented. Hardware security token support (YubiKey, U2F) appears in some coverage, suggesting multi-factor authentication options. However, the privacy score of 0/100 and trust score of 4/100 in our internal metrics, driven by external scam reports, VPN blocking behavior, and platform moderation controversies, indicate that architectural soundness does not translate into operational confidence. Users must self-custody their Secret Token and accept irreversible data loss if credentials are misplaced.

Who it's for, verdict

Mailum serves a narrow, technically adept niche: users who prioritize anonymous email access, accept cryptocurrency payments, and can tolerate significant usability friction. The full-stack encryption and Tor integration genuinely advance beyond many competitors' body-only protection. For journalists, activists, or researchers in high-surveillance regions, these features may outweigh drawbacks, provided they pay for a functional tier and verify the onion mirror independently.

We cannot broadly recommend Mailum to typical privacy seekers. The free version's sending restrictions make it impractical for daily use, while the abysmal external trust scores, VPN blocking, and platform ban history create red flags that no open-source claim fully neutralizes. Users comfortable with ProtonMail's moderate KYC or Disroot's community provenance will likely find more reliable alternatives. Mailum remains an interesting but unproven experiment in maximalist email privacy, worth monitoring, but risky to depend upon for critical communication in 2026.

Data sourced from kycnot.me

Pros

True no-KYC signup with pseudonymous access
Full-stack encryption covering metadata, subject, and body
Native Tor onion service for network-level anonymity
Open-source codebase enabling technical verification
Monero and Lightning payment options preserve financial privacy

Cons

Free tier cannot send to external email addresses or reply to non-Mailum users
VPN blocking reported by users undermines anonymous access
Extremely low third-party trust scores (ScamAdviser 0/100)
Reddit community banned in 2025 with unclear justification
Secret Token recovery only; lost credentials mean total data loss

At a glance

Non-custodial

No email required

No IP logging

Why this score

Anonymous

Pseudonymous access, no personal data.

Frequently asked questions

Is Mailum truly anonymous?

Account creation requires no personal data, qualifying it as pseudonymous. However, user reports of VPN blocking and mixed trust signals mean operational anonymity depends on your threat model and access method.

Can I send emails to Gmail or Outlook users with a free Mailum account?

No. Multiple community reports confirm that free-tier accounts are restricted to internal Mailum-to-Mailum communication. External sending and replying require a paid subscription.

What happens if I forget my Mailum password?

Without your Secret Token file, password recovery only restores your email address. All existing messages, contacts, and encrypted data are permanently deleted—an intentional zero-knowledge trade-off.

Does Mailum keep logs of my IP address or email activity?

Mailum claims a no-logs policy for IPs and activity, and states it serves no ads or trackers. Independent verification of these claims remains limited.

Is Mailum's code open source?

Yes, the platform publishes open-source code. This allows technical users to inspect encryption implementations, though comprehensive third-party security audits are not widely documented.

Update log

May 24, 2026
Cross-checked ScamAdviser trust metrics against IPQS data
Apr 30, 2026
Revised free-tier limitations based on community feedback review
Mar 31, 2026
Added Reddit ban archive reference from GitHub repository
Mar 1, 2026
Adjusted privacy score following VPN blocking user reports
Jan 31, 2026
Updated supported-coin list after Lightning integration confirmation
Jan 7, 2026
Re-verified Tor onion mirror accessibility

Scores

Overall 6/10

Privacy 0/100

Trust 4/100

Accepted payments

Monero Bitcoin Lightning Fiat Cash

Features

Tor available
Open source

Visit website

Community reviews

2/5 · 4

h hysterical_pool_6096 ★☆☆☆☆

Can't even check them out with a VPN running, so much for staying anonymous. On top of that, outbound email is completely disabled. Pretty useless if you actually care about privacy.

Mar 17, 2026

S Swapuz ✅ (Support at Swapuz)

Mailum locks down everything end-to-end — message content, headers, addresses, the whole metadata trail. Zero identity verification, fully open source, and built to run over Tor. Privacy isn't some add-on, it's baked into everything. 🔐📧

Dec 2, 2025

u unified_listing_4404 ★★★☆☆

Like others mentioned, free accounts can't send mail at all, which makes it pretty limited for day-to-day use. Handy though if you just need a throwaway address for signing up somewhere anonymously.

Nov 13, 2025

u upper-class_humour_1558

Solid privacy-focused email, but the free tier is basically locked down to internal Mailum messaging only. You also can't respond to outside senders without paying, which is a major limitation.

May 21, 2025

Related services

GoyMail

goymail.email

8.0

/ 10

Email Email alias

GoyMail is a pseudonymous email and alias service that lets users sign up without identity verification, pay with Monero or Bitcoin, and access inboxes over Tor, though its extreme transparency about logging and zero encryption keeps privacy purists wary.

L1 Anonymous

XMR BTC LN FIAT CASH

›Tor available ›Open source

LNemail

lnemail.net

8.0

/ 10

LNemail is a pseudonymous email service that lets anyone spin up an inbox in seconds by paying with Bitcoin Lightning, no names, no addresses, no identity checks required.

L1 Anonymous

XMR BTC LN FIAT CASH

›Tor available ›Open source

Proton Mail

proton.me

7.9

/ 10

Email Privacy

Swiss-engineered encrypted email that lets you sign up with minimal information and pay anonymously via Bitcoin, with full Tor network support.

L2 Discreet

BTC FIAT

›Open source ›Tor available ›Worldwide