General

To use Neomailbox securely all you need is a web browser such as Firefox, Safari or Internet Explorer. You can use our secure webmail system to check and send mail, so you don't need any extra software installed on your computer.

You can also access your Neomailbox Secure Email account using any SSL capable email program, such as Apple Mail for OS X, Microsoft Outlook, Outlook Express, Thunderbird, Eudora, Evolution, and a number of others.

Neomailbox is tested and known to work with most recent versions of the following email programs:

  • Mozilla Thunderbird (Windows, OS X, GNU/Linux)
  • Apple Mail for Mac OS X
  • Mail app on iOS (iPhone, iPod Touch, iPad)
  • Email app on Android
  • RitLabs The Bat
  • Microsoft Outlook Express
  • Microsoft Outlook (Windows / Mac)
  • Qualcomm Eudora
  • mutt and pine on Unix-like platforms

Even if your mail program is not listed above, in most cases it should work fine with Neomailbox.

If you have any trouble setting up your email program, we will be happy to assist you in getting the configuration right to make sure our service works for you.

To import mail from GMail (or another email account) you can set up both your GMail account and your Neomailbox account as IMAP accounts in an email program such as Apple Mail or Windows Live Mail, then you can just select, drag and drop messages and mailboxes from one account to the other.

It's a good idea to copy the messages in batches rather than all at once, though you may need to experiment a bit to figure out how many messages at a time works well for your combination of network location and email program. Also, it's better to copy the messages rather than move them, and delete the original messages only when you've checked that all the messages have been copied over.

Yes. A range of spam-detection tests is run on incoming mail and each message is assigned a spam score. Messages with spam scores higher than a threshold (currently set to 7) are rejected by our SMTP servers. The sending server is then responsible for generating a bounce message and delivering it to the sender. This ensures that:

  • Any legitimate message that is rejected by our mail servers will be bounced back to the sender and they will know that the message was not delivered due to anti-spam measures. They can then try re-sending the message, using an alternate address, etc.

  • Spam messages that are rejected by our servers will never generate "backscatter spam" which is when a bounce message is generated by the receiving mail server based on the "From:" address in the email message, which can easily be faked, rather than by the sending server (which, if it's a spam server will not actually bother to generate bounces to the fake sender address it's using). This ensures our servers don't contribute to the spam problem, the way so many other email servers sadly seem to.

  • Our servers don't waste resources processing and delivering messages that are almost definitely spam, and as a customer you simply don't even see the vast majority of spam that is targeted to your email addresses.

  • No message ever disappears mysteriously into a Junk folder, the way they do on GMail and other major email services, where the sender thinks the message was delivered, but the recipient doesn't see it because the email provider decided to silently put it in the Junk folder. We believe this is a horrible practice and is even a form of censorship and any email service that does this is fundamentally broken. Neomailbox accounts are completely free of this! Either a message is delivered to your Inbox, or it is rejected and the sender is informed. There is no 3rd option.

When messages are accepted for delivery, the spam score assigned to them is inserted into the header "X-SA-Score". You can use this header in email programs to filter messages into a Junk folder yourself, if you find that an even lower threshold works for you and you don't mind clearing out the Junk folder once in a while. However this is entirely optional and completely up to you. Our servers will still eliminate over 95% of the spam targeted at your mailbox even if you don't configure any further filtering yourself.

You can also use the disposable subdomain email addresses included with every Neomailbox Secure Email account to further control your email address privacy and minimise spam. You can use any address @yoursubdomain.neomailbox.ch (or @yoursubdomain.neomailbox.net) to send and receive mail. So you can use a unique disposable email address for each different purpose, and you can disable and re-enable any subdomain address from your Control Panel at any time. If you use Neomailbox with your Custom Domain Mail Hosting for your own domain name, you can also use unlimited disposable addresses @yourdomain in the same way.

We're also working on providing more individualised control over anti-spam options.


Login & Control Panel

Here are a couple of things to check:

  • Make sure you're using your correct username and password. Remember the password is case-sensisitive.

  • Make sure you're trying to log in to the server on which you have an account. If you signed up for a USA-hosted account, you won't be able to log in on the Swiss servers. The USA servers are at neomailbox.com and the Swiss ones at neomailbox.net.

  • If you're trying to log in to the correct server, and you can receive mail but not send mail or access the Control Panel, your account was probably temporarily disabled for sending mail beyond the limits set for your account (see Account Limits). In the disabled mode, your mail will still be received, and you can still pick up your mail, but you can not send mail or log in to the Control Panel.

    Just send us a mail if you can receive mail but cannot send mail or access the Control Panel, and we'll re-activate your account and increase your limits if necessary.

    Generally, as long as you're sending legitimate mail and not spam or unsolicited commercial mail, we'll be happy to raise your sending recipient limits to whatever works for you. Contact us to get your limits raised.

    If you expect to be sending mail in larger quantities than the default limits for new accounts allow, it's a good idea to let us know beforehand and have your limits raised. That will prevent your account from being disabled if you go over the default limit.

  • There are other reasons you may not be able to access the Control Panel - your account may have expired, or may have been disabled for sending spam. Please contact support for more information. Be sure to specify your username.

Make sure you are typing your username in all lower-case letters. Using capital letters in your username will cause your login to fail. You should also log in using only your username, not your full email address.

Also make sure you're logging on at the correct site for your account type. If you have a formerly US hosted account you must use neomailbox.com and if you have a Swiss hosted account you must use neomailbox.net.

If you just signed up for an account, or if you just changed your password, it can take up to 20 minutes for your account to be fully activated or your password change to take effect. So if you just signed up or changed your password, wait 15-20 minutes and try again.


Privacy & Security

Yes, all email messages are stored on encrypted disks on the servers. Thus, even if physical security to the servers was to be compromised, the attackers would not be able to get at any of the data on the disks as it is all encrypted, with the keys stored offline.

We also provide the ability to auto-encrypt incoming messages with your PGP public key, which ensures that only you can decrypt the messages saved in your mailbox on the servers. However, for most purposes this is overkill, as the messages are already stored on encrypted volumes on the servers.

Neomailbox allows you to send and receive messages from your favourite email program over a secure link to our server.

It's important to note that your email is protected from eavesdropping only while in transit between your email program and our servers. If the message originated from or is sent to an address outside Neomailbox, then it may pass through the Internet in clear text.

Messages sent to another Neomailbox user never pass through the Internet in the clear.

If you would like to make sure that your messages to people using other email services are completely secure in transit, you might want to have a look at the PGP or GnuPG programs, which encrypt the text of your message before you send it.

SSL transport protects message headers (From, To, Subject fields) and bodies from interception on the way to and from the mail server.

This part of the route is most critical for email privacy since this is when local authorities like your company, your ISP, or local government agencies can monitor or even modify your mail without your knowledge.

Even if you use PGP or a similar program to encrypt your messages, these programs usually leave email headers (also known as "metadata") in the clear, and often mail headers and metadata can provide a lot of information about who you're communicating with and the subject of your messages.

SMTP stands for Simple Mail Transfer Protocol. Email programs like Outlook and Eudora (also known as MUAs - Mail User Agents) use this protocol to communicate with MTAs (Mail Transfer Agents) to send email messages.

Neomailbox uses SSL (Secure Sockets Layer) encryption to protect messages on their way from your email program to the mail server, assuring that your messages can't be read on the way from your mail reader program to the neomailbox servers.

Further, our SMTP servers are configured to strip out your real IP address before sending your messages out. Thus, recipients of your messages don't see your real IP address. Your real IP address can reveal a lot of information about you and also provide attackers with a way to target your computer, so hiding your IP address in outgoing mail is a very important privacy consideration when sending mail.

POP3 (Post Office Protocol v3) and IMAP (Internet Mail Access Protocol) are standard protocols used by mail reader software to retrieve email messages from a mail server. Our servers use SSL encryption to secure email messages while in transit, so your incoming messages can't be intercepted or tampered with on the way from the Neomailbox server to your mail reader program.

We accept and prefer payment through digital gold-backed currencies, which provide you a much higher level of privacy protection than credit card payments. For even higher anonymity when signing up, we can also accept payments by Western Union, Wire Transfer, Money Order, and even cash sent by snail mail (at your own risk).

Our servers strip your IP address from outgoing email message headers so that recipients of your messages can't see your real IP address, providing another layer of privacy.

Every Neomailbox account includes an unlimited number of email addresses at its own unique subdomain. This provides another mechanism to safeguard your privacy as you can use different email addresses for different purposes and don't need to reveal your main email address to people you correspond with.

Your IP address can be used to used by malicious crackers and criminals to attack your PC, by surveillance agencies to spy on your online activities, and by advertising firms to track where you go online. Your IP address can be used to pinpoint your geographical location with reasonable accuracy, often right down to your exact street address.

Your IP address uniquely identifies your computer or network on the Internet and so it is a very powerful and private piece of information and shouldn't be broadcast every time you send an email or visit a website, if you value your privacy.

Yes, your real IP address is stripped out and will be not shown in the message headers when you send mail through Neomailbox's SMTP servers.

We keep no logs or customer data other than what is absolutely necessary for performance tuning and security monitoring of our servers. Your IP address is not saved in our logs. All logs are deleted every 7 days.

Neomailbox and PGP or S/MIME encryption in combination provide a good solution for complete email privacy.

Even if you encrypt email messages with PGP or S/MIME the message headers (also known as "metadata") still remain in the clear. Email header fields disclose your identity and may contain confidential information. As Neomailbox encrypts all connections between your computer and our servers, using Neomailbox to send and receive mail improves your privacy even if you already use PGP or S/MIME, as it protects the metadata and email headers as well.

You can access the POP3 and SMTP servers without SSL encryption. On special request we can also enable non-SSL IMAP access. To make it difficult to inadvertently use the POP3 server in non-SSL mode, the non-SSL server is on a non-standard port, port 112.


Incoming Email

There could be a couple of reasons for this:

  • Make sure you are using the correct ports and settings. For POP3, you should be using port 995 or port 110 with SSL enabled, and for IMAP port 993 with SSL enabled. For POP3 without SSL encryption, you can use port 112.

  • You could be trying to log in to the wrong servers. If your account was originally on the US servers, you won't be able to log in to the Swiss servers, and vice versa. The (formerly) US servers are at neomailbox.com while the Swiss servers are at neomailbox.net. Make sure you're using the correct server name in your mail program's configuration.

  • Your account may have expired or been disabled. If you can't send mail or log in to the Control Panel either, it's likely that your account has been disabled. If this is the case, contact support for more details.

If you're able to send mail and access the Control Panel, but unable to retrieve your mail, contact support and we'll look into it asap.

Your account is most likely over its mailbox disk quota. You can check your disk usage in the Control Panel for your account, which can be accessed from the Control Panel Login box here.

You should have received a warning email when you were getting close to your mailbox disk limit. Note however that fake messages about mailbox disk space limits are a common phishing tactic, and you should never click on any links in any such message. The legitimate disk quota warning message will not ask you to click on any links.

If you're able to log in to your account, but aren't receiving new mail, check your disk usage first. If your usage is over quota, new messages cannot be delivered to your account. To ensure that messages can be delivered to your account, you will need to either remove some messages from your mailbox to free up space, purchase additional disk space, or upgrade to a plan that includes more disk space.


To prevent the abuse of our service by spammers, we limit how many mails our customers can send out per hour and per day. The default limits we impose are more than enough for most regular email users, but nowhere near enough to be of any use to spammers. Because of this, it's very unlikely that one of our customers would be sending you spam.

What's much more likely is that the headers of the mail you received have been forged to make it look like the message came from a Neomailbox user. It's very easy to forge email headers and spammers do it all the time. But if you look closely at the complete headers of the mail, you will notice that the mail did not originate from or pass through our servers. You can check which servers are actually Neomailbox mail sending servers by querying our SPF records.

If you receive spam that has actually originated from a Neomailbox account (i.e. it has been sent from an email server that is listed in the Neomailbox SPF records) please report it to This e-mail address is being protected from spambots. You need JavaScript enabled to view it (with complete headers intact) so that we can take action against the account responsible.

Please do not forward any other spam messages to the above address. If you aren't certain if a message really originated from a Neomailbox account, or don't know how to determine this, do not forward the message to us. Other than the one exception outlined above, forwarding spam messages to a Neomailbox support or administrative email address is a violation of our Acceptable Use Policy and contrary to basic Internet etiquette.

It's trivially easy to forge a "From:" or "Reply-To:" header, as most email programs allow users to specify these headers themselves. The ability to specify any "From:" header can be quite useful, enabling you to, for example, use our secure SMTP server to send mail with the From: address set to your home or work email address.

Other headers that are harder to forge include the "Received:" headers. While these can be quite misleading as well, they are still normally quite useful in identifying the real source of an email message.


Using our webmail system, you can delete large emails from your mailbox to ensure your POP3 / IMAP mail client doesn't try to fetch such mails.

Many email programs also allow you to set the maximum attachment size to download when retrieving messages. With a reasonable limit set for this parameter, you should be able to avoid downloading large attachments.



Sending Email

You don't need to create them. You can just use any address @yoursubdomain.neomailbox.net as a disposable email address. You will receive mail for any address of this form into your mailbox.

If you want to stop receiving mail for a certain address, you can just block this address through the Control Panel for your account. Once you block a subdomain address mail for that address will be rejected by our servers. You can also unblock a blocked address at any time by removing it from the blocked aliases list in the Control Panel.

In the Neomailbox webmail system, you can set up multiple Identities under Preferences > Mail > Personal Information. When you add a new identity with a new email address, a confirmation message will be sent to that email address to confirm that you own that address and can receive mail there. Once you confirm the new email address it will be added to your list of identities and you will be able to select it as a From address when sending mail through the webmail system.

You can add any number of identities, and delete them as you like. Valid email addresses for identities include your subdomain alias addresses, your domain addresses (if your account is configured to use a custom domain) or even addresses you have at other email services.

Most email programs can also be set up so that you can select from among multiple identities for the "From:" header. Setting this up with Thunderbird is described in another question in this FAQ section. We're working on publishing more information about how to do this with other email programs.

You can add your disposable email addresses (or any email address) as a sender address for your account in Thunderbird, as described below:

From the Thunderbird main menu select Tools -> Account Settings.

Click on the account name for the account you want to add identities to. Then click the "Manage Identities..." button.

From there you can Add a new email address for that account. This address will then be available as a "From:" address when you compose a message in Thunderbird.

You have not enabled SMTP authentication in your email program. Authentication is required to prevent the abuse of our SMTP servers by spammers. Enable SMTP authentication and provide your username and SMTP password to the email program, then you will be able to send mail through the SMTP server.

For more information on how to enable SMTP authentication on your mail program, have a look at our install guides.

This is a message delay notification, and it is sent by our servers to let you know when any of your messages are delayed for any reason. The mail body will contain the precise reason for the delay in delivering the message in question.

Our servers are set to send you message delay notifications quickly, so that you know about any delivery delays as soon as possible. Our servers will send you a message delay notification if any message you sent has been delayed for 60 minutes. Delivery attempts will continue automatically, and you're kept informed of any further delays with further delay notifications. If you don't receive a delay notification for any message within 1 hour, then you can be sure that the message was delivered.

Some mail servers use a method called "grey-listing" to cut spam, which involves temporarily rejecting an incoming message the first time a message is received from a previously unseen sending server, and accepting it on the next delivery attempt. This can cause messages to sometimes be delayed for 60 minutes or more, which will result in your receiving a message delay notification. But this is usually nothing to worry about, unless you get repeated delay notifications for the same message over a period of time.

There could be a number of reasons for this:

  • Make sure you are using the correct ports and settings. You should be using port 465 for SMTP, with SSL enabled. The SSL type, if you can select it, should be "Alternate Port" rather than "STARTTLS".

  • You may be trying to log in to the wrong servers. If your account is on the (formerly) US servers, you won't be able to log in to the Swiss servers, and vice versa. The (formerly) US servers are at neomailbox.com while the Swiss servers are at neomailbox.net. Make sure you're using the correct server name in your mail program's configuration.

  • Your account may have expired. You would have received several renewal reminders before we would disable your account for non-payment. Contact us for more information if you think your account may have expired.

  • Your mail sending privileges may have been disabled for exceeding the default limits on outgoing mail. See the next question.

If you can receive mail and log in to the Control Panel, but cannot send mail where you previously could with the same mail client configuration, your account may have been temporarily disabled for sending mail beyond the limits set for your account (see Account Limits). In the disabled mode, your mail will still be received, and you can still pick up your mail, but you can not send mail. Your account will be unable to authenticate to the SMTP server to send mail till your SMTP access is restored.

Contact support if you believe this to be the case, and we can re-activate your SMTP access if necessary.


Webmail

In the webmail system, you can set up multiple From: email addresses for outgoing messages, by creating or editing Identities under Preferences > Mail > Personal Information.

When you add a new identity with a new email address, a confirmation message will be sent to that email address to confirm that you own that address and can receive mail there. Once you confirm the new email address it will be added to your list of identities and you will be able to select it as a From address when sending mail through the webmail system.

You can add any number of identities, and delete them as you like. Valid email addresses for identities include your subdomain alias addresses, your domain addresses (if your account is configured to use a custom domain) or even addresses you have at other email services.

Most email programs can also be set up so that you can select from among multiple identities for the "From:" header. Setting this up with Thunderbird is described in another question in the "Sending Mail" section of the FAQ. We're working on publishing more information about how to do this with other email programs.

In the Neomailbox webmail system, deleted messages are marked deleted (indicated by being greyed and crossed out in the message list) but they are not permanently deleted till you purge deleted messages from the mailbox. You can remove deleted messages permanently by clicking on Other > Purge Deleted at the top right of the message list.

From the webmail top menu bar, under "Preferences" (under the gear icon) select "Mail".

In the "Preferences for Mail" screen, click on "PGP" at the bottom of the rightmost column.

Click "Enable PGP Functionality" on the "PGP" screen and click "Save".

Then you can create or import PGP keys, and you will be able to sign / encrypt messages in the Compose screen, as well as read and verify PGP encrypted and signed messages that you receive.


Anonymous Surfing

Anonymous Surfing provides a means for you to surf the web without revealing personally identifiable information about yourself.

Normally, when you surf the web you can be tracked by websites you visit, using your unique "IP address". Your IP address provides a lot of information about you, including your ISP, country and city. When co-related with ISP records, your IP address can pinpoint your precise identity.

Your IP address also provides a target for spammers, malware and identity thieves, who can use it to attack and break in to your computer.

With our Anonymous Surfing services, you can surf the web without revealing your IP address to sites you visit. They will see the IP address of our servers, not of your computer. This provides a high level of security against tracking, profiling and break-in attempts against your computer.

Additionally, our Anonymous Surfing service also secures your web surfing with 256-bit SSL encryption, which secures your surfing traffic against eavesdropping by your employer, neighbors, ISPs, and local authorities.

Another benefit of our Anonymous Surfing service is that it can help circumvent locally imposed censorship. Surfing using our service you will be able to access any sites that may be blocked or censored at your location.

All data exchanged between your computer and the NeoTunnel servers is encrypted before being put on the wire to your ISP (Internet Service Provider), so your ISP can't access or read any of the data stream between your computer and our servers, or track which sites you are visiting.

If you go to http://www.google.com/ncr, Google will set a cookie so that there is No Country Redirect, and then when you type google.com, you will go to google.com.

Yes, you can access SSL secured sites through our NeoTunnel anonymous surfing service. Your browser will be able to create a secure connection to the site you're visiting, just as it would if you were surfing directly and not using the NeoTunnel proxy.

NeoTunnel based Anonymous Surfing isn't currently available on iOS and Android devices, but you can still use our rewriting proxy, which is included with all Anonymous Surfing subscriptions and doesn't require any software downloads or configuration. However, because of the way the rewriting proxy works, it may not work perfectly with some sites that contain complex active content.

There are plenty of free anonymous proxies on the Net. However, it would be a mistake to rely on any of these for any level of security or privacy.

The main reason is that it's usually impossible to know if a given free proxy is trustworthy or not. Many free proxies are set up by spammers, phishers, and even surveillance agencies, to try to steal user login data or profile your actions as you surf through the proxy. In addition, many free proxies, while not run by malicious operators, may not be very secure, which can again lead to your sensitive data falling into the wrong hands.

A well-reputed commercial service, on the other hand, has a commitment and contractual obligation to customer privacy, and a reputation to protect.

Free proxies are also favored for abuse by net criminals, which leads to them being quickly banned from many sites. A commercial service, in contrast, works hard to keep miscreants away, and protect its network from abuse. Other areas where free proxies can be far less than optimal are speed and reliability of service.


Account Limits

Yes, all accounts are subject to limits on sending mail, to prevent abuse of our servers by spammers. The default limits are as follows:

  • Maximum recipients per message: 100
  • Maximum recipients per day: 1000

A recipient is any email address listed in the To, Cc or Bcc headers of the email, or specified via SMTP commands.

There are no limits for receiving mail, other than your mailbox size.

You can send and receive mail of any size, as long as you don't go over your recipient or mailbox size limits.

Attachments sent through the Webmail system are limited to a maximum of 20MB, but you can send attachments of any size using an email program.


Pricing & Ordering

We sure do. We offer discounted Multi-Packs of five or ten accounts, which is a great option to get your family, friends or organization communicating securely. Additional accounts can be added on to a Multi-Pack at any time.

Indeed we do. If you're a recognized non-profit or charitable organization of a non-religious nature, you can contact us to check if you might be able to avail of a 10% discount we can offer to selected non-profit and charitable organizations.

If you avail of this discount we do ask that you permit us to display your logo and organization name in a listing of our customers on our site and other media.

We offer an unconditional 30-day 100% money-back guarantee on all our services, so you can try any of our accounts risk-free for 30 days. If you decide you want to cancel your account within the first 30 days, just let us know and we will promptly issue you a full refund.

It's possible that there was some error in communication between the payment processor (2CheckOut, PayPal etc.) and our site, and your order did not get automatically entered into our database.

Don't worry though, because if your payment was successful at the payment site, we would have received email notification of your payment, and will get in touch with you as soon as possible to help you get your account set up. You can also contact us to have your account set up.


Tech Support

We do offer a limited amount of tech support over email.

However, our services are quite straightforward to set up and use. There are detailed Install Guides for a variety of common email programs and web browsers, which provide complete directions to get going with our services. Answers to most questions that come up frequently are in the FAQ. Most customers are able to effectively use all our services with the information provided on the site.

The prices of our service packages are for the provision of the actual service only. Any tech support we provide is provided gratis as a courtesy on as-available basis, and we do not make any specific guarantees on response time for tech support requests. While we would love to be able to provide each customer with unlimited personal attention and support, this is not practically feasible. It would also detract from our primary mission to provide high-quality privacy services and to develop and implement new features and services to better protect our customers' privacy online.

To assist us in responding to your query as quickly as possible, please write to us only in English, and please ask only one question per message. If you have three questions, please send three separate messages, each with one question. Different questions may need to be answered by different people, and if you put them all together in one message, we cannot efficiently assign your questions to the people best suited to answer them.

We do not currently provide tech support over the phone. We can only correspond with customers via email at this time.

Try Risk-Free


Our 30-day money back guarantee enables you to try any of our services risk-free.