Privacy

At CovertSMTP we combine cutting‑edge cryptography with Swiss data‑protection standards to deliver a fully encrypted, free‑of‑charge communication suite. Every message and calendar entry is encrypted on the client before it ever leaves your device, ensuring that only you and your intended recipients can read the content. Our zero‑access architecture stores only ciphertext on our servers, while encryption keys remain exclusively in the hands of our users.

Security

Security is woven into every feature of CovertSMTP. Two‑factor authentication, forward secrecy, and locally executed spam and phishing filters protect both access points and data in transit. Calendar management follows the same end‑to‑end encryption model as email, safeguarding meeting details, attendee lists, and reminders from exposure. Metadata is deliberately minimized and, where possible, encrypted, further reducing the digital footprint of each interaction.

Freedom

CovertSMTP also prioritizes user autonomy. Anonymous sign‑up eliminates the need for personally identifying information, while multi‑device synchronization ensures a seamless experience across desktop, mobile, and web clients—without ever revealing plaintext to intermediary services. Our platform operates without advertising or data mining; funding comes solely from voluntary contributions and community sponsorships.

Features

CovertSMTP delivers a privacy‑first communication suite built on Swiss data‑protection law. Below are four flagship capabilities that set the service apart:

E2EE

All emails are encrypted on the client using OpenPGP before transmission, guaranteeing that only sender and recipient can read the content.

Zero‑Access Calendar

Calendar events are stored with the same end‑to‑end encryption model, protecting meeting details, attendees, and reminders from any server‑side inspection.

Swiss Jurisdiction

Data resides in Swiss‑based data centers, benefiting from strict privacy statutes. Each session generates fresh encryption keys, ensuring past communications stay secure even if long‑term keys are later compromised.

Anonymous Sign‑Up

Users can create accounts without personal identifiers, and only essential, encrypted metadata (timestamps, hashed IDs) is retained, dramatically reducing traceability.