Type: End-to-end encrypted email service — official Tor access
Access: Tor Browser — .onion address
Account required: Yes — free tier available
Clearnet version: tutanota.com
End-to-end encryption: Yes — built-in
Jurisdiction: Germany
Open source: Yes — clients are open source
Last verified: March 2026
What Is Tutanota?
Tutanota is a German end-to-end encrypted email service that builds encryption directly into its interface — no manual PGP key management required for emails between Tutanota users. It is one of two dominant privacy-focused email services alongside ProtonMail, with a slightly different approach to encryption, pricing and jurisdiction that makes the two genuinely different tools rather than interchangeable alternatives.
Its .onion address provides anonymous network access on top of Tutanota’s content encryption — combining IP anonymity from Tor with message content privacy from end-to-end encryption. For users whose threat model includes both network surveillance and content surveillance, the combination addresses both concerns simultaneously.
Onion Address
Clearnet version: https://tutanota.com
Verification: This address is published in Tutanota’s official documentation. It has been stable since launch.
How to Access Tutanota via Tor
- Download Tor Browser from torproject.org
- Set security level to Safer — Tutanota uses JavaScript for its web interface
- Paste the .onion address into the address bar
- Log into an existing account or create a new one
- For maximum anonymity at registration — create the account through the .onion address, use a username with no connection to your real identity and do not provide a recovery email
How Tutanota’s Encryption Works
Tutanota encrypts email content and attachments end-to-end using a combination of AES-128 and RSA-2048. The encryption happens client-side — in your browser or app — before the message leaves your device. Tutanota’s servers never have access to the unencrypted content of your emails.
| Scenario | Encryption Method | Recipient Requirement |
|---|---|---|
| Tutanota to Tutanota | ✅ Automatic E2EE | None — encryption is seamless |
| Tutanota to external (Gmail etc.) | ⚠️ Password-based encryption | Recipient needs the password to decrypt via a link |
| External to Tutanota | ⚠️ TLS in transit only | Standard email — not E2EE |
| Tutanota to ProtonMail | ⚠️ TLS in transit only | Different encryption systems — no E2EE between them |
The critical limitation: Tutanota and ProtonMail use incompatible encryption systems. An email from a Tutanota account to a ProtonMail account travels encrypted in transit but is not end-to-end encrypted — ProtonMail can read it on their servers. For E2EE between different providers, manual PGP is still required.
What Tutanota Encrypts — and What It Doesn’t
Tutanota’s encryption is comprehensive for message content but does not extend to all email metadata:
| Data | Encrypted? |
|---|---|
| Email body | ✅ Yes — E2EE |
| Attachments | ✅ Yes — E2EE |
| Subject line | ✅ Yes — unlike most email providers |
| Sender and recipient addresses | ❌ No — required for email routing |
| Timestamps | ❌ No |
| IP address at login | ⚠️ Logged — use .onion to hide IP |
Subject line encryption is a meaningful differentiator from most email providers including standard ProtonMail — subject lines are typically transmitted unencrypted even when message bodies are encrypted. Tutanota encrypts subjects by default.
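The client-side hybrid scheme and the metadata split described in the two sections above, as an added Node.js example that is not Tutanota's own code. The page names only AES-128 and RSA-2048; the GCM mode, OAEP with SHA-256, the function names and the sample addresses are assumptions of this example.

```javascript
// Added example: hybrid envelope in Node.js; not Tutanota's implementation.
const crypto = require('node:crypto');

// Encrypt one field with AES-128-GCM (the GCM mode is an assumption here).
function sealField(sessionKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-128-gcm', sessionKey, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}
// Decrypt one field; throws if the ciphertext or tag was modified.
function openField(sessionKey, { iv, ct, tag }) {
  const decipher = crypto.createDecipheriv('aes-128-gcm', sessionKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Sender's client: runs before anything leaves the device.
function encryptMail(recipientPublicKey, mail) {
  const sessionKey = crypto.randomBytes(16); // fresh 128-bit key per message
  return {
    // Routing metadata stays readable so the server can deliver the mail.
    from: mail.from, to: mail.to, sentAt: mail.sentAt,
    // RSA-OAEP (SHA-256, assumed) wraps the session key for the recipient.
    wrappedKey: crypto.publicEncrypt(
      { key: recipientPublicKey, oaepHash: 'sha256' }, sessionKey),
    subject: sealField(sessionKey, mail.subject),
    body: sealField(sessionKey, mail.body),
  };
}

// Recipient's client: unwrap the session key, then open subject and body.
function decryptMail(recipientPrivateKey, env) {
  const sessionKey = crypto.privateDecrypt(
    { key: recipientPrivateKey, oaepHash: 'sha256' }, env.wrappedKey);
  return { subject: openField(sessionKey, env.subject), body: openField(sessionKey, env.body) };
}

// Fields a server without the private key can read: plain strings only.
function readableByServer(env) {
  return Object.keys(env).filter((k) => typeof env[k] === 'string');
}

// Constructed sample message; addresses and timestamp are placeholders.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const sample = { from: 'alice@example.org', to: 'bob@example.org',
  sentAt: '2026-03-01T10:00:00Z', subject: 'Q1 numbers', body: 'Draft attached.' };
const envelope = encryptMail(publicKey, sample);
console.log(readableByServer(envelope), decryptMail(privateKey, envelope));
```

The envelope mirrors the table: subject and body are ciphertext, while sender, recipient and timestamp remain readable to whoever stores the message.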
Tutanota vs. ProtonMail — Honest Comparison
| Feature | Tutanota | ProtonMail |
|---|---|---|
| Jurisdiction | Germany | Switzerland |
| Subject line encryption | ✅ Yes — default | ⚠️ Paid plans only |
| .onion address | ✅ Yes | ✅ Yes |
| Free tier storage | 1 GB | 500 MB |
| Calendar encryption | ✅ Yes — E2EE calendar | ✅ Yes |
| Custom domain | ✅ Paid plans | ✅ Paid plans |
| PGP support | ❌ No — own encryption only | ✅ Yes |
| Open source | ✅ Clients open source | ✅ Clients open source |
| Ecosystem integration | Email + calendar | Email + calendar + VPN + drive |
Germany as a Jurisdiction
Tutanota operates under German law — a meaningful consideration for users evaluating legal exposure. Germany has strong data protection laws under GDPR and has historically been resistant to US intelligence requests that flow through Five Eyes arrangements. However, Germany cooperates with EU law enforcement and can be compelled to hand over data through German legal process.
Tutanota’s end-to-end encryption means that even with a valid German legal order, the service can hand over only encrypted data it cannot decrypt. The content of your emails is protected by encryption regardless of legal compulsion — what remains exposed is account metadata: email addresses you communicate with, timestamps and account creation information.
Accessing Tutanota through its .onion address removes your IP address from the metadata available to Tutanota — they cannot hand over what they do not have.
Creating an Anonymous Tutanota Account
For users who want a Tutanota account with no link to their real identity:
- ✅ Access the registration page through the .onion address — no IP logged
- ✅ Choose a username with no connection to your real name, location or interests
- ✅ Do not provide a recovery email address — recovery emails create an identity link
- ✅ Use a strong randomly generated password stored in KeePassXC
- ✅ Always access the account through the .onion address going forward
- ❌ Never access an anonymously created account from a non-Tor connection — this immediately links your real IP to the account
- ❌ Never send from this account to people who know your real identity unless that is your intent
Tutanota’s Free Tier Limitations
Tutanota’s free tier provides 1 GB storage and a single @tutanota.com or @tuta.com email address. Limitations that matter for dark web use:
- One alias maximum on free tier — paid plans add more aliases
- No custom domain on free tier
- Inbox rules require paid plan
- Search is limited to subject lines and senders on free tier — full text search requires paid
For most anonymous email use cases — source communication, anonymous account registration, secure correspondence — the free tier is sufficient. The paid tier adds features relevant to heavy email users rather than privacy-specific capabilities.
Frequently Asked Questions
Can I use Tutanota without JavaScript?
No — Tutanota’s web interface requires JavaScript for its encryption operations. It cannot function in Tor Browser’s Safest mode. Set security level to Safer when using Tutanota via .onion. Tutanota’s mobile apps for Android and iOS do not require browser JavaScript — they are the appropriate choice for users who want to avoid JavaScript in their browser entirely.
Does Tutanota accept anonymous payment for paid plans?
Tutanota accepts cryptocurrency for paid plans — check the current payment options on their site. Paying with Monero via a no-KYC method provides the strongest financial anonymity for upgrading to a paid tier without linking your identity to the subscription.
What happens if Tutanota receives a legal order for my account?
Tutanota can comply with valid German legal orders. Under compulsion it can provide account metadata — email addresses communicated with, timestamps, account registration information. It cannot provide email content because it is end-to-end encrypted and Tutanota does not hold the decryption keys. Accessing via .onion removes your IP address from the metadata available. The combination of .onion access and E2EE provides meaningful protection against legal compulsion scenarios.
Is Tutanota better than ProtonMail for anonymous email?
Both are strong options — the choice depends on specific requirements. Tutanota’s subject line encryption on the free tier is a meaningful advantage. ProtonMail’s Swiss jurisdiction and broader ecosystem integration — including ProtonVPN and Proton Drive — make it a stronger choice for users building a broader privacy stack. For email-specific use with subject line privacy as a priority, Tutanota has a slight edge. For ecosystem integration, ProtonMail wins.