Team von mailbox.org

The mailbox.org team

Data protection, security, and e-mail are part of our DNA

mailbox.org is operated by the family business Heinlein Support GmbH from Berlin, Germany, whose origins go back to the year 1992. At the time, our CEO Peer Heinlein took over operations at the Internet access & e-mail provider JPBerlin, which was later incorporated into the Heinlein Support GmbH in 2004. The team of Heinlein Support has more than 30 staff, all widely held in high esteem for their expertise in computer networks, Linux, and e-mail technology. Heinlein supports administrators from thousands of businesses, including those of other e-mail providers, through individual Linux consulting, emergency support, training at the Heinlein Akademie, or sophisticated server hosting solutions.

How mailbox.org came to existence

In the wake of the Snowden revelations in 2013, we decided to establish an e-mail service with the mission to push the current limitations of data protection and privacy. The e-mail hosting as we knew it from JPBerlin was re-worked and launched under the new brand mailbox.org in 2014, entirely self-funded. Since then, mailbox.org is valued by both private and business users for their secure, ad-free, anonymous, and tracking-free e-mail service.

We have been developing our features and service range constantly to become a real alternative to other web-mail providers, especially those may appear to offer a free service but are actually dependent on using their customer data to generate advertising revenue. We believe that many users want such alternatives, and this belief has been affirmed by the stable double-digit growth figures we have seen in the past few years.

For the most part, our team is now concerned with the day-to-day operations and further development of mailbox.org. This includes customer service and support, server administration and hosting, the design and implementation of new features, as well as product management and marketing. Sometimes, our experienced Linux consultants will also join the effort whenever they have free capacity to do so.

We consider ourselves drivers of innovation in the industry and have contributed many ideas and developments to re-invent e-mail security for the benefit of all. We must be doing something right as our competitors frequently copy features that were originally invented by us. We are also very happy about the numerous occasions, where mailbox.org has received industry awards and won product comparison tests with flying colors. For example, the leading German consumer organization "Stiftung Warentest" has repeatedly awarded their top rank and grade for our e-mail service, when it was compared to 15 other e-mail providers in the years 2015 and 2016.

Peer Heinlein Portrait

Peer Heinlein
CEO

An expert of high esteem when it comes to mail servers and Linux, Peer Heinlein has been in the business for more than 25 years. He has authored six books which have become reference works in the industry. Peer is a trained lawyer, with previously spells of working as a journalist. He considers free and unconstrained communication for everyone as one of the foundations of democracy and human rights. This is why he is so passionate about providing secure e-mail at mailbox.org.

 

We know what we are doing

Our services do not run on rented root servers but on our own, dedicated infrastructure, over which we have full control. Our servers operate in parallel in two geographically separate data centers, with another data storage location in Berlin, Germany. Our two admin teams are monitoring services around the clock using more than 15.000 data measures to make sure operations are running smoothly. For security reasons, we exclusively use Open-Source technology.

Data centre

Our data centers

  • are operated with eco-friendly energy
  • are directly connected to BCIX for fast world-wide data transfer
  • are RIPE NCC members
RIPE NCC, BCIX, Linux
Bild Fernsehturm

25 years of secure e-mail:
Our history

E-mail servers and encryption are part of our history.

 

 

1989 On 5 July 1989, the "Junge Presse Berlin e.V.", a group of student newspaper editors, establishes the "Mailbox JPBerlin" for the purpose of exchanging messages with each other. The term "Internet Service Provider" did not exist yet at the time. Initial assets: A 2.400-baud modem, an x86-286 computer featuring an impressive 256KB of RAM, and a monochrome monitor. Peer Heinlein joins the project one year later and contributes a 300-baud acoustic coupler.
1992 Still a teenager, Peer Heinlein takes over at „Mailbox JPBerlin“ and becomes the group's administrator - at the time called "SysOp" (Systems Operator). He further extends the systems and services. JPBerlin gets an updated x86-386er computer with 512 KB RAM, a whopping 20MB hard drive, as well as a flashy 19.200-baud modem that used the protocol “Turbo-PEP”.
1993 Peer Heinlein and other members of JPBerlin offer Internet training courses for different host organisations. Important content: How to use new technologies like e-mail and search engines. A little later, "How to use PGP encryption software" becomes part of the regular syllabus, as PGP encryption was quite normal at the time.

 

1994

JPBerlin acquires a dedicated internet connection with 128 KBit bandwidth - which is very good at the time. There weren’t many places to communicate with yet; we established connections with the Free University of Berlin and with IN Berlin e.V. The Internet was only gradually emerging and growing. JPBerlin was one of the first service providers to offer dial-up connections to ordinary people - initially this was based on simple modems; ISDN was to follow a little later. Broadband didn’t exist yet. Another remarkable innovation at the time: We were able to host websites for people. Unfortunately, our original website was not preserved but there is a later, archived version from 1998 that was saved.

While many other systems were still limited to exchanging messages once per day over a telephone line, we were able to send and receive over the Internet in real-time. Due to its favourable infrastructure and size, JPBerlin became a central distribution node for other mailboxes in Berlin, for whom we handled the mail traffic.

1995 ISDN becomes widely available in Germany and gradually replaces analog telephone lines as a means for connecting to the Internet.
1998

Spam e-mails become a global phenomenon, also thanks to the widespread distribution of free AOL CD-ROMs. JPBerlin is one of the first providers to filter e-mails for spam and later also for viruses. What used to be the office space for the group is converted into a data centre.

In the following years, we manage to acquire many customers who are socially, ecologically, and politically active. They are not just individuals but also charitable organisations and NGOs such as Attac, Doctors without Borders, the working group on data retention, Wikimedia, and X1000malquer.

This is also the year Google was founded, which will go on to replace Yahoo as the most important search engine on the Web.

2002

Peer Heinlein publishes a book on mail server technology: The Postfix book. With more than 1000 pages in the third edition, it becomes a standard reference for post masters. As early as in the first edition, Peer Heinlein had warned of the extensive surveillance activities of U.S.-based secret services. At the time, the U.S. was running the Echelon project, a large-scale satellite communications monitoring project, and one of its spying bases was located in Bad Aibling, Germany.

2004

Our business keeps growing and eventually gets incorporated as the "Heinlein Professional Linux Support GmbH" in 2004, with a name change in 2012 to the current "Heinlein Support GmbH". Our staff is 5 people strong at the time and moves to a new location in Berlin Prenzlauer Berg - where we are still located today. Our servers move to a professional data centre. Heinlein Support becomes a brand well-known for their Linux and mail server expertise and our team performs thousands of server installations over the years, creating 4.500 happy customers along the way. JPBerlin, now a sub-division of the Heinlein Support GmbH, still operates as usual and while it may not be as profitable as the other parts of the company, its social and political dimension continues to be important to us.

2013

The revelations of Edward Snowden about NSA spying activities spur us on to develop a new provider concept: mailbox.org. We are inspired by Snowden, who said: “Properly implemented strong crypto-systems are one of the few things that you can rely on.” High time, we thought, to make this a reality for our customers.

Our team grows to 20 people - all of which are experienced professionals. We have the required technology available in our data centres and the motivation to be ready in 3 months.

2014

mailbox.org launches on 20 February as an ad-free, secure e-mail provider with a focus on privacy and data protection. Our innovative "Encrypted Inbox" is an instant hit, as it combines strong encryption with ease-of -use and so, makes secure e-mail a product for the masses. In addition to e-mail we also offer a web-mail client with many useful features as well as online data storage. mailbox.org becomes an easy-to-use alternative to the e-mail offers available by large corporations.

We extend our services to business customers in December 2014. Doctors, tax advisers, and many small and medium-sized businesses now use our service. It seems sensitive data that need protecting is almost everywhere to be found.

2015

We are the best! Together with another competitor, mailbox.org wins a product comparison test of 14 different e-mail services, conducted by the leading German consumer organisation Stiftung Warentest. We are very happy about this result and also appreciate that security & privacy were recognised as important aspects of the test setup - this is something that would not have played as great a role only a few years ago. This tells us that public awareness about security on the Internet is growing and the perception of the importance of security shifting.

mailbox.org introduces the "Guard" — a fully-featured PGP encryption solution for web-applications. We also invent the TLS/DANE check, which makes transparent the security quality of transport to a destination e-mail address - directly in the web browser.

2016

We are making improvements on almost all fronts. The web interface receives a major upgrade and we also introduce new security features, such as one-time passwords, and a dedicated PGP key server.

Stiftung Warentest runs another one of their product tests and mailbox.org manages to come out on top once again for the second time in a row: We are awarded the overall rating: SEHR GUT (1,4) (very good) for product quality. We are the best provider in the category „Security and Privacy“, scoring another SEHR GUT (1,0). We were also top of the field in the other categories usability: GUT (1,9) and functionality: GUT (1,6).

2018

mailbox.org changes its outfit with a new logo and comprehensive website relaunch. We hope the new, modern visual design will attract a wider target group of private and business customers. We want to grow further and continue promoting the use of secure e-mail for everyone.

2020

mailbox.org is expanding its web interface to include secure video conferencing, which the team operates itself as usual and hosts in its own data centres. We are thus taking the next step towards a comprehensive communication platform for private and business customers.

mehr Beiträge

Our mission

Privacy made in Germany: mailbox.org creates a space where secure and free communication can exist.

Our mission: Secure and free communication without surveillance

We have been around since the early days of the Internet and played an active part in shaping and developing technologies that facilitate free communication: This is a topic that has been at our core for decades and constitutes a major motivation for what we do. We actively participate in the public debate, but we are also getting increasingly worried about corporate interests undermining the basic principles of free and unconstrained communication - for them, the Internet as just another device for making money.

We know that checks and balances are important in a democratic society that relies on the rule of law. People sometimes forget that the authorities of the state do not just represent the law but are also obliged to follow it, including basic laws and human rights laws. We do our part in defending our users' rights by only responding to those information requests that are lawful and rejecting all others. In our view, any measures that facilitate data retention are contrary to everyone's right of privacy, informational self-determination, and free speech. Even though as an e-mail provider, we are less affected than other ISPs, we recognise the significance of data retention and the wider damage it could do. We have therefore decided to take a leading part in the current constitutional complaint against data retention together with Digitalcourage and other organisations, journalists, laywers, and many others.

 

Preserving free speech & privacy.
Creating a space where digital freedom can exist.

If states adopt extreme data surveillance measures, this turns the principle of assumed innocence on its head and infringes on the basic rights of citizens. We are gravely concerned about how this endangers our democratic society and it is also for this reason that mailbox.org is not your ordinary service provider. We are intent on creating a space that allows free speech and privacy to live and breathe. We do this by offering communication technology that facilitates private communication without surveillance, combined with the convenience of modern Internet applications.

Bild Motorrad

Our social & ecological responsibility

We believe that free and secure communication is a public good, as is our environment.

Acting sustainably

We support an Internet that is secure and free of surveillance. We neither like permanent surveillance by national states or intelligence services, nor being spied out by companies and corporations with commercial interests. As a secure e-mail provider, we are contributing our share to maintaining a free society by facilitating surveillance-free communication for private and business users. We deliberately use Linux and other OpenSource software, further develop these technologies as part of our work, and give financial support to events that promote our purpose, such as the "Chemnitzer Linux-Tage", organisations like the working group on data retention, Digitalcourage e.V. (a charitable organisation), the Tor network, as well as the "Freiheit statt Angst" ("Freedom not Fear") protest.

As an SME, we are very much aware of our social responsibilities towards our staff, society, and the environment we all live in and we are happy to do our part.

 

100% Green energy

Our servers are energy-efficient and powered by eco-friendly energy that provided through the data centers. We use renewable energy in our offices, too, provided by the company "Lichtblick".

Whenever we need to go visit one of the data centers we use public transport or car-sharing offers by Stadtmobil. Should a flight be necessary, we compensate the extra emissions caused with a contribution to atmosfair.

Social banking

Our mailbox.org bank account is with the German Bank for Social Economy, whose core activity is in social services, such as elderly care, disability support, child and youth services, health care, and education.

mailbox.org is an entirely self-funded and debt-free company. We are free and independent because we do not owe anything to any investors!

Work-life balance

To promote a positive work-life balance as an employer, our employees can opt to work full-time or part-time, flexible hours, on location at our base, or from their home office. Although there are times when things can get stressful, any overtime worked by our staff is always fully compensated for with extra holiday.

As a result, we manage to stay fit to provide the best-possible service for you, our customers.

Transparency report

At mailbox.org, unlawful requests for information will always be rejected.

Transparency reports mailbox.org

We at mailbox.org are happy to give our users full insight into the extent of requests for information that we have received from investigative authorities. Such authorities may enquire about the contact data of an account user in relation to an ongoing criminal investigation, or present a judicial warrant that asks for the release of mailbox contents and data logs, or order the surveillance of the user's telecommunications data.

 

Not all the enquiries we receive are legal, and our data protection officer will critically assess every single request in order to make sure it is in line with the requirements of the law. If there are any doubts about the legality of a request, our specialised lawyers will be consulted. If a request is formally and legally correct, we will service it, otherwise it will be rejected.

2023 2022 2021 2020 2019 2018 2017 2016 2015 2014

Requests sent to mailbox.org in the year 2023

Total number of requests: 133
From German authorities: 130
From foreign authorities: 2
From foreign non-EU authorities: 1

Organisations

Criminal investigative authorities: 133
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 130
Inbox confiscations: 3
Traffic data requests: 0
Telecommunications interceptions: 0

In 2023, a total of 45 requests were found to be formally unlawful and consequentially rejected. All requests needed to be lawful and free of errors to receive an answer from us.

Requests sent to mailbox.org in the year 2022

Total number of requests: 55
From German authorities: 51
From foreign authorities: 1
From foreign non-EU authorities: 3

Organisations

Criminal investigative authorities: 55
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 49
Inbox confiscations: 1
Traffic data requests: 0
Telecommunications interceptions: 5

In 2022, a total of 55 requests were found to be formally unlawful and consequentially rejected. Of all unlawful requests, 7 were subsequently re-submitted with their formal issues remedied and processed. 7 requests were ultimately rejected.

All requests needed to be lawful and free of errors to receive an answer from us. All telecommunications interception requests were accompanied by the corresponding original court orders. In 2019 and 2020 mailbox.org suspended all telecommunications interception requests due to an unclear legal situation. on 1 December 2021 an amendment to the TKG was enacted and according to this, e-mail providers such as mailbox.org are currently subject to TKG legislation. As a consequence, the TKG has once again become a legal basis for authorities requesting telecommunications surveillance measures.

Requests sent to mailbox.org in the year 2021

Total number of requests: 65
From German authorities: 62
From foreign authorities: 3

Organisations

Criminal investigative authorities: 65
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 61
Inbox confiscations: 0
Traffic data requests: 0
Telecommunications interceptions: 4

In 2021, a total of 10 requests were found to be formally unlawful and consequentially rejected. Of all unlawful requests, 4 were subsequently re-submitted with their formal issues remedied and processed. 6 requests were ultimately rejected.

All requests needed to be lawful and free of errors to receive an answer from us. All telecommunications interception requests were accompanied by the corresponding original court orders. In 2019 and 2020 mailbox.org suspended all telecommunications interception requests due to an unclear legal situation. on 1 December 2021 an amendment to the TKG was enacted and according to this, e-mail providers such as mailbox.org are currently subject to TKG legislation. As a consequence, the TKG has once again become a legal basis for authorities requesting telecommunications surveillance measures.

Requests sent to mailbox.org in the year 2020

Total number of requests: 85
From German authorities: 79
From foreign authorities: 6

Organisations

Criminal investigative authorities: 85
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 80
Inbox confiscations: 4
Traffic data requests: 1
Telecommunications interceptions: 0

In 2020, a total of 43 requests were found to be formally unlawful and consequentially rejected. Of all unlawful requests, 20 were subsequently re-submitted with their formal issues remedied and processed. 23 requests were ultimately rejected. - All requests needed to be lawful and free of errors to receive an answer from us.

Requests sent to mailbox.org in the year 2019

Total number of requests: 79
From German authorities: 72
From foreign authorities: 7

Organisations

Criminal investigative authorities: 79
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 74
Inbox confiscations: 0
Traffic data requests: 2
Telecommunications interceptions: 3

In 2019, a total of 32 requests were found to be formally unlawful and consequentially rejected. Of all unlawful requests, 22 were subsequently re-submitted with their formal issues remedied and processed. 10 requests were ultimately rejected. The requests from foreign authorities came from the EU and Switzerland.

All requests needed to be lawful and free of errors to receive an answer from us. All telecommunications interception requests were accompanied by the corresponding original court orders. These telecommunications interception requests were made before summer 2019, when a European Court ruling questioned if the rules and regulations of the long-standing German Telecommunications Act do actually apply to e-mail providers. All telecommunications interception processes at mailbox.org are currently suspended until the legal situation has been clarified by the German courts.

Requests sent to mailbox.org in the year 2018

Total number of requests: 72
From German authorities: 68
From foreign authorities: 4 (EU)

Organisations

Criminal investigative authorities: 72
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 69
Inbox confiscations: 0
Traffic data requests: 0
Telecommunications interceptions: 3

In 2018, a total of 48 requests were found to be formally unlawful and consequentially rejected. Among these were two requests for telecommunications interception. Of all unlawful requests, 35 were subsequently re-submitted with their formal issues remedied and processed. 13 requests were ultimately rejected.

All requests needed to be lawful and free of errors to receive an answer from us. All telecommunications interception requests were accompanied by the corresponding original court orders.

Requests sent to mailbox.org and JPBerlin.de in the year 2017

Total number of requests: 38
From German authorities: 37
From foreign authorities: 1 (EU)

Organisations

Criminal investigative authorities: 38
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 30
Inbox confiscations: 0
Traffic data requests: 0
Telecommunications interceptions: 8

In 2017, a total of 22 requests were found to be formally unlawful and consequentially rejected. Among these were two requests for telecommunications interception. Of all unlawful requests, 20 were subsequently re-submitted with their formal issues remedied and processed. 2 requests were ultimately rejected.

All requests needed to be lawful and free of errors to receive an answer from us. All telecommunications interception requests were accompanied by the corresponding original court orders.

Requests sent to mailbox.org and JPBerlin.de in the year 2016

Total number of requests: 17
From German authorities: 17
From foreign authorities: 0

Organisations

Criminal investigative authorities: 17
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 11
Inbox confiscations: 0
Traffic data requests: 0
Telecommunications interceptions: 6

A total of 8 requests were found to be formally unlawful and consequentially rejected. Among these was a request for telecommunications interception. Of all unlawful requests, 7 were subsequently re-submitted with their formal issues remedied and processed. 1 requests was ultimately rejected.

All requests needed to be lawful and free of errors to receive an answer from us. All telecommunications interception requests were accompanied by the corresponding original court orders.

Requests sent to mailbox.org and JPBerlin.de in the year 2015

Total number of requests: 9
From German authorities: 9
From foreign authorities: 0

Organisations

Criminal investigative authorities: 8
Customs authorities: 1
Intelligence services: 0

Request type

Contact data requests: 7
Inbox confiscations: 0
Traffic data requests: 0
Telecommunications interceptions: 2

In 2015, all requests were found to be formally and legally correct and consequentially processed. All telecommunications interception requests were accompanied by the corresponding original court orders.

In addition to these requests, there were two legal incidents against us as a provider:

  1. A copyright infringement complaint against our provider JPBerlin.de, where a user had placed copyrighted material on a personal webpage — after consultation with the plaintiff's lawyer they abandoned the case and did not pursue the issue any further.
  2. An investigation against our CEO Peer Heinlein as operator of mailbox.org, concerning supposed „incitement of grievous bodily harm" in the context of another investigation against a person with a mailbox.org e-mail address. The Berlin police provided administrative assistance and deemed the investigation against us an "obviously non-sensical decision of the investigating prosecutor". As it happened, the issue was formally taken up and immediately closed after we explained that our role was that of an e-mail provider.

Requests sent to mailbox.org and JPBerlin.de in the year 2014

Total number of requests: 3
From German authorities: 3
From foreign authorities: 0

Organisations

Criminal investigative authorities: 3
Customs authorities: 0
Intelligence services: 0

Request type

Contact data requests: 3
Inbox confiscations: 0
Traffic data requests: 3
Telecommunications interceptions: 0

 

Customers who trust in our services

Many well-known companies, large and small, from a wide range of industries rely on mailbox.org's secure communication platform. Here is an excerpt:

 

What others say about us

digitalcourage

   "mailbox.org has been recommended by the German consumer organisation Stiftung Warentest. The company also frequently features in our "Tips for digital self-defence". We are confident and pleased to recommend mailbox.org to anyone!“ Digitalcourage e.V. (charitable organisation) , Co-founder padeluun

Computer Base

   "Business mailbox.org offers us e-mail, address book and calendar as a convenient package from a single provider. At the same time, the company strives to ensure the best-possible security and data protection for their clients. It was this combination that convinced us to go with them and we have never looked back since."
ComputerBase GmbH, Steffen Weber, CEO

   "As an extremely privacy-conscious Internet user I chose mailbox.org because they are the only provider to offer the security I need, and their political convictions are right with me. Also, I can run my mailbox anonymously.“ Anonymous customer since 2016