mail.de stands for a high level of security and data protection. Email security is the essential foundation of our professional, secure service and combines a secure email mailbox with convenience, reliability, and exceptional product quality.
mail.de bears the IT security label of the German Federal Office for Information Security (BSI). This confirms that our systems meet the highest requirements.
Hall of Fame of the BSI
mail.de has been inducted into the BSI's "Hall of Fame" because we were one of the first email
providers to fully implement important technical guidelines such as DANE, DNSSEC, SPF, DKIM and DMARC.
We were personally awarded the gold standard by the President of the BSI.
Your data is stored exclusively in a German high-security data centre with strict data protection regulations in accordance with the EU's GDPR and the German Federal Data Protection Act (BDSG).
Incoming and outgoing messages are automatically checked for spam, phishing and malware so that dangerous content never reaches or leaves your email inbox.
We have used server-side transport encryption for years to protect and secure your email communications. Transfer of your data is encrypted. As a supplement to our security measures, we also use PFS (Perfect Forward Secrecy) with transport encryption. The use of PFS ensures that even if our secret main key is lost, the email communication that is sent via TLS cannot be decrypted by third parties.
The innovative DANE and DNSSEC technology is used as the foundation for signed, forgery-proof DNS answers (digital fingerprint), and its use can also ensure encrypted transmission of emails even across national borders.
mail.de signs all sent emails with a DKIM signature. DomainKeys Identified Mail (DKIM for short) is an identification protocol for ensuring the authenticity of email senders. It was designed to help prevent unwanted messages such as spam or phishing. Recipients can therefore verify that emails were really sent from a mail.de server.
Use an individual username instead of your email address to log in. This makes it much more difficult for unauthorised persons to access your email account, as your email address is publicly visible, but your chosen username is not.
Our two-factor login within mail.de reinforces our efforts to provide you with optimal levels of security in combination with ease of use. We provide multiple methods of protecting the email account with a two-factor approach:
The authenticator
An authenticator provides a second parameter that is required for access to your emails: the 6-digit authenticator code. This code is generated by an app that is available for Android and iOS. The apps can be found in either the Apple App Store (iPhone/iPad) or the Google Play Store (Android).
U2F (Universal Second Factor)
The standardised U2F procedure requires a small device that is connected via USB or Bluetooth, and therefore ensures that only you can use the email account with this device. The U2F token can be used for other services that support this process as well as for mail.de. U2F-capable devices can be bought from 5 EUR upwards.
Passkeys - Login with biometric data (Touch ID; Face ID)
Log in using biometric authentication on one of your devices (e.g. fingerprint or Face ID) and further secure your email account.
With mail.de's incoming encryption, you can automatically encrypt all new incoming emails
with S/MIME or OpenPGP, even if the sender has not used encryption themselves.
Your messages are additionally protected as soon as they are stored in your email inbox.
Note: This feature enhances the security of your emails, but does not replace true
end-to-end encryption!