Email that puts you in control. No compromises, no tracking, no BS.
4096-bit GPG encryption ensures your emails are secure. Only you and your recipients can read them.
We can't read your emails. No analytics, no profiling, no data collection. Your privacy is guaranteed.
Keys generated client-side. Encrypted with your password. We never see your private keys.
Entire codebase open source including the API. Build your own platform, fork it, or self-host. Full control and transparency.
10GB free storage. No credit card required. No trial periods. Optional premium features available.
Use your own domain. Full control over your email identity. Easy setup with automatic DNS configuration.
Get started in minutes. Your privacy is built in from day one.
Sign up and get your encrypted identity at username@woolny.me. Your encryption keys are generated client-side and never leave your device. Through SRP (Secure Remote Password) technology, we don't even store password hashes—your password never reaches our servers.
All emails are encrypted with GPG. You control your keys. We can't decrypt your messages even if we wanted to. Your data stays yours. We're working on automatically fetching public keys from Proton Mail and other secure email providers for true end-to-end encryption.
No tracking, no profiling, no data collection. Your privacy is the default, not an option. We don't know who you're emailing or what you're saying. Optional anonymized analytics are available but never enabled by default.
Multiple layers of encryption ensure your data stays private—even from us
Secure Remote Password (RFC 5054) proves you know your password without sending it. Your password never leaves your device—we store only a cryptographic verifier that's impossible to reverse.
Uses 2048-bit groups and SHA-256. Protects against database breaches, MITM, and replay attacks.
4096-bit RSA keys with GNU Privacy Guard encrypt all emails end-to-end. Public keys are shared; private keys stay encrypted on your device.
Industry-standard OpenPGP encryption. Compatible with other PGP clients like Proton Mail and GnuPG.
Your GPG private keys are encrypted using a key derived from your password via PBKDF2. We can't decrypt your keys even if we wanted to.
Keys generated client-side. Your password is the only way to decrypt your encryption keys. Lost password = no recovery (by design).
Create an account using SRP. Your password generates a verifier on your device—only the verifier reaches our servers. GPG keys are generated and encrypted with your password.
Authenticate via SRP handshake—no password transmission. Your encrypted keys are downloaded and decrypted locally using your password-derived key.
Emails are encrypted with GPG before leaving your device. Only recipients with your public key can decrypt. We can't read your messages even if we wanted to.
Technical excellence meets privacy-first design
4096-bit RSA keys with GNU Privacy Guard. All emails encrypted end-to-end.
Keys generated client-side and encrypted with your password before storage.
No analytics, no profiling, no data collection. We don't know who you're emailing or what you're saying.
Optional anonymized analytics available but never enabled by default. IP addresses logged for security only.
Entire codebase open source including the API. Self-host, fork, or build your own platform.
Source code including backend API will be on GitHub. Verify security claims, contribute, or run your own instance.
10GB free storage. No credit card required. Optional premium features available.
Funded by donations and optional subscriptions—not by selling your data.
Compare our approach. We're not competing—we're empowering you to build your own platform.
We take pride in the work of Proton Mail and other privacy-focused services. This project was created to help people build their own platforms or run their own fork, with a fully open source codebase including the API.
Comparison based on publicly available information as of 2025. We respect and appreciate the work of all privacy-focused email providers.
Everything you need to know about Woolny
No. All emails are encrypted with GPG. Your encryption keys are stored encrypted with your password. Even if someone gains access to the encrypted keys, they would still need your password to decrypt them. We don't have access to your private keys, so we can't decrypt your messages.
Your password encrypts your keys. If you lose it, we can't recover your account. This is by design—it means we can't access your data even under legal pressure. Make sure to store your password securely.
Yes. You can add custom domains in your settings. All emails sent to your custom domain are encrypted the same way. Set up MX, SPF, DKIM, and DMARC records to get started.
Yes! Free up to 10GB of email storage. No credit card required. No trial periods. We also offer paid subscriptions for additional storage or premium features. We're funded by donations and optional subscriptions—not by selling your data.