ProtonMail Bridge: encrypted email for Outlook, Thunderbird, and other email clients

Martin Brinkmann
Dec 7, 2017
Updated • Dec 7, 2017
Email
|
21

ProtonMail Bridge is a new desktop program for Windows, Mac and Linux devices that integrates ProtonMail email accounts in desktop email clients such as Thunderbird, Outlook or Apple Mail.

We reviewed ProtonMail twice in past years. First in 2014 when the service was announced, and then just a month ago when we published our getting started guide.

ProtonMail was available as a web-based version and in form of applications only back then. While you could download your keys to integrate them in other applications, it was not such a comfortable option.

ProtonMail Bridge changes that. The free software program bridges the gap and makes ProtonMail available in desktop email programs. The main benefit of the approach is that the program ensures the same level of security -- end-to-end encryption and zero-access encryption -- that ProtonMail offers.

Note: Bridge is only available for paying customers and not to free users of ProtonMail.

The ProtonMail Bridge application "sits" between the email client and the ProtonMail servers. It acts as a proxy if you will that powers the encrypting and decrypting of content. The email client communicates via IMAP and SMTP with the Bridge which in turn encrypts or decrypts ProtonMail messages.

This means that you interact with ProtonMail emails like you would with any other emails from other providers. Good news is that this means that you can run searches across all emails or part of them, and don't have to change the configuration of the email client in any way.

One issue from a security and privacy point of view is that emails are not stored in encrypted form in the email client. This means that they may be accessed by anyone with local access to the device, and by programs that may dump data from it as well.

ProtonMail plans to release the source code for the Bridge application after the technical documentation of the code is done.

Setting up ProtonMail Bridge

The first thing that you need to do is install the Bridge application on the device. This is a straightforward process; the only options you get are to change the directory the program is installed in, and to select whether you want the installer to create application shortcuts on the system.

The actual setup of accounts happens when you run ProtonMail Bridge on the system. Start with a click on the "add account" link in the program interface.

You are then asked to sign in using your ProtonMail username and password to add the account to the Bridge application. Bridge is set up in combined addresses mode by default; all email addresses are managed in a single mailbox in that mode. You can change it it with a click on mailbox configuration so that all addresses are handled individually (each with its own mailbox).

ProtonMail Bridge displays the IMAP and SMTP settings afterwards. These use 127.0.01 as the hostname, local ports, and the ProtonMail username as identifiers. The password is generated by the Bridge application and not identical to the ProtonMail password.

This is done for added security according to ProtonMail.

Configuration in the client depends on that client. It is necessary usually to pick custom setup as you need to specify the custom hostname and port during setup.

ProtonMail's support site has guides for Outlook, Thunderbird and Apple Mail which you may use to set things up.

Closing Words

ProtonMail Bridge brings the secure email service to the desktop. While that means having to run the Bridge application in the background and needing a paid subscription to use it at all, it is something that many users have been waiting for.

Summary
ProtonMail Bride: encrypted email for Outlook, Thunderbird, and Apple Mail
Article Name
ProtonMail Bride: encrypted email for Outlook, Thunderbird, and Apple Mail
Description
ProtonMail Bridge is a new desktop program for Windows, Mac and Linux devices that integrates ProtonMail email accounts in desktop email clients such as Thunderbird, Outlook or Apple Mail.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Anonymous said on December 24, 2017 at 5:53 pm
    Reply

    ProtonMail. Today 24 december not working, still waiting to a message sent 3 hours earlier, really not serious as client.

  2. Clairvaux said on December 8, 2017 at 2:53 pm
    Reply

    “Bridge is only available for paying customers and not to free users of ProtonMail.”

    This is conspicuously absent from Proton Mail official announcements. It’s all right to have separate levels of service, as long as you’re not being sneaky about it. Also, Proton Mail paid-for plans are expensive. They have Swiss pricing levels, which is all right if you have Swiss-level revenues. However, most people in the world do not.

    Other things I don’t like about Proton Mail :

    – As soon as you quizz them about their privacy level, they are quick to point out that they aim to provide privacy, not anonymity.

    – They have embarked on the holier-than-thou world crusade, by stating that they aim to implement “diversity” among their staff. How this is different from Google, Facebook and Mozilla, I don’t know.

    – They wildly overplay their alleged “Swissness” advantage in their marketing blurbs. Swissness once protected your privacy. This is long gone. There might be a slight amount of legacy protection, but it’s nowhere near the levels the naïve “Swiss chocolate” and “bank safes” imagery would have you believe.

    – Their purple background. Generally speaking, people using the purple colour anywhere should be shot.

  3. bugsy said on December 8, 2017 at 9:27 am
    Reply

    Meh, I still prefer the web interface and all my email conent staying encrypted on either Tutanota or ProtonMail servers.

    Just another software layer open to possible exploit.

  4. ULBoom said on December 8, 2017 at 3:13 am
    Reply

    Proton’s web mail was the first secure email I used and it’s been fine, no ads, no hint they’re tracking anything in the free version. Fast and reliable. Have to look at the IMAP prices, it’s been in development for ages and seemed to fizz out at one point, glad it’s available now. Proton the company seems straight up, they do what they say they will, rare!

  5. Bimms said on December 7, 2017 at 6:09 pm
    Reply

    Does the mail recipient need a key to decrypt the message ?

    1. ULBoom said on December 8, 2017 at 3:16 am
      Reply

      No, but you can send secure messages with a key if you want to.

    2. Martin Brinkmann said on December 7, 2017 at 6:44 pm
      Reply

      Nothing changes on this end.

  6. Apparition said on December 7, 2017 at 4:26 pm
    Reply

    Admiral, there be cheapskates here!

    1. Sophie said on December 7, 2017 at 5:34 pm
      Reply

      @admiral – I didn’t want to say it……..but there be!!!

      I started recently, a paid Proton account, because I wanted to support them. They are really on our side! It’s important to recognise that, and do our little bit. Can you imagine what it takes to run a service like that. Remember that there are no adverts, and they are not selling us out.

      Help them out guys if you can, and accept that a premium feature like IMAP will (and should) only be available to paid customers, not because we are special, but because we didn’t want such a great service for nowt!

  7. Remontoire said on December 7, 2017 at 2:59 pm
    Reply

    Not available for Linux users either, bit of a crock if it’s not offered to those like me who prefer to donate.

    1. Pr0t0n said on December 7, 2017 at 3:57 pm
      Reply

      “It’s coming Spring of 2018. This is not related to the security of the system, rather to its popularity. We are just trying to split resources efficiently. Thanks for understanding!”

      From their facebook page (Comments)
      https://www.facebook.com/protonmail/videos/771573703029973/

  8. UltraInstinct said on December 7, 2017 at 2:37 pm
    Reply

    Been waiting for centuries for imap support lol, and it is paid :(
    Very disappointed that imap is not free, I wanted so badly to use protonmail as a free primary service.

    1. E said on December 9, 2018 at 7:50 pm
      Reply

      Gmail uses your data as payment, protonmail uses your money while respecting your privacy. Make a choice.

    2. Nothing is free said on December 7, 2017 at 6:28 pm
      Reply

      I wish I could get services for free – oil changes, tires rotated, yard work, house painted, free rides around town. However, people want to be paid for their efforts and earn a living.

      1. Sophie said on December 8, 2017 at 9:33 am
        Reply

        @ A different Martin

        I’ve seen that document, thank you.

        I’m not sure how reliable that source is, as it suggests almost everything has a vulnerability.

        But you have to ask yourself, if transmission to and from Protonmail services is EtoE, with encryption taking place inside the browser, using Javascript, then I think you are only (at best) talking about a theoretical risk.

        Life is a risk. I will likely cross the road this afternoon!

        The point is….have we (collectively) taken all steps we possibly can, to mitigate threat?

      2. A different Martin said on December 8, 2017 at 12:04 am
        Reply

        @ Sophie:

        IMO, they are way way ahead of Tutanota . . . .

        I’ve never used either ProtonMail or Tutanota (although I did once have pizza at Tutta Bella), nor do I really know much about email security, but I happened to catch this article in my tech headlines this morning:

        MailSploit — Email Spoofing Flaw Affects Over 30 Popular Email Clients
        https://thehackernews.com/2017/12/email-spoofing-client.html
        “A security researcher has discovered a collection of vulnerabilities in more than 30 popular email client applications that could allow anyone to send spoofed emails bypassing anti-spoofing mechanisms.”

        Running down the list of tested vendors here:

        https://docs.google.com/spreadsheets/d/1jkb_ZybbAoUA43K902lL-sB7c1HMQ78-fhQ8nowJCQk/edit

        I noted that ProtonMail (for Android, iOS, and the Web) was listed as vulnerable and that Tutanota (for the Web) was not. But again, I don’t know much about email security. Maybe it’s a non-issue in practice, or maybe it’s something that ProtonMail will fix in the near future.

      3. Sophie said on December 7, 2017 at 6:58 pm
        Reply

        We all want to be paid, and in this case, Protonmail are SOLID! No Microsoft nonsense that I can see. They must be supported, or they could eventually go under. IMO, they are way way ahead of Tutanota…..and there is nothing quite like them, in the way of EtoE email.

  9. Money Money said on December 7, 2017 at 2:29 pm
    Reply

    It doesn’t say anywhere on ProtonMail Bridge page or Pricing page. But after installing the app and trying to log in into your account, it says “Please upgrade to a paid plan to use this client”.
    It’s a big “Fuck you”.

    1. Anonymous said on December 7, 2017 at 10:26 pm
      Reply

      @Nothing is free & @ Sophie: before posting always the same rengains you should learn to read.

      Same remark from “JE”: https://protonmail.com/blog/thunderbird-outlook-encrypted-email/
      “But YOU SHOULD ADD VISIBLE NOTE that this requires a Paid plan!”

      Of xourse no response from “Irina M”(Proton Mail), while she/he gave explanations for other posts.

      So I totally agree with the “big fuck you”.

    2. Nothing is free said on December 7, 2017 at 6:25 pm
      Reply

      LOL – what are you thinking? That products and services that cost money to develop should be free?

      Where do you get services and products for free? Apps that don’t charge are using you as the product.

      A free version of an app, is courtesy service, and a strategy to attract paying customers that would not purchase an app before using it. In the real world, it makes 100% sense to charge for additional features or functionality. Amazon, Microsoft, Cisco, Google, HP, Dell, and every other technology company charge for different feature, modules, etc. It is common sense. These companies need to earn money to stay in business, and for individuals to have a salary.

      1. Sophie said on December 7, 2017 at 7:01 pm
        Reply

        Absolutely!!!

        I took advantage of their Black Friday sale recently, but in fact I had been wanting to support them for most of this summer. The thing that held me back was actually the association of an EtoE account with my bank details. But then I thought……why do I think that? Because I have nothing to hide anyway! So yes, my account is now linked to my ID, but I don’t mind. I trust them. We have to….in the end….give a little trust.

        Thanks Protonmail!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.