Skip to content

ICD360S-e-V/mail

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,347 Commits
.github
.github
 
 
LICENSES
LICENSES
 
 
android
android
 
 
assets
assets
 
 
certificates
certificates
 
 
docs
docs
 
 
enough_mail_fork
enough_mail_fork
 
 
flatpak
flatpak
 
 
ios
ios
 
 
lib
lib
 
 
linux
linux
 
 
macos
macos
 
 
scripts
scripts
 
 
windows
windows
 
 
.gitignore
.gitignore
 
 
.metadata
.metadata
 
 
ACCESSIBILITY.md
ACCESSIBILITY.md
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
OPENSOURCE_RULES.md
OPENSOURCE_RULES.md
 
 
README.md
README.md
 
 
REUSE.toml
REUSE.toml
 
 
SECURITY.md
SECURITY.md
 
 
analysis_options.yaml
analysis_options.yaml
 
 
changelog.json
changelog.json
 
 
cog.toml
cog.toml
 
 
devtools_options.yaml
devtools_options.yaml
 
 
icd360s_logo_preview.png
icd360s_logo_preview.png
 
 
l10n.yaml
l10n.yaml
 
 
pubspec.lock
pubspec.lock
 
 
pubspec.yaml
pubspec.yaml
 
 

Repository files navigation

ICD360S Mail

ICD360S Mail

Secure, end-to-end encrypted email for desktop and mobile

Your emails are encrypted so only you and your recipient can read them.


Release Build License REUSE


E2E Zero Knowledge Zero Telemetry Self-Hosted WCAG



Flutter OpenPGP mTLS DANE WKD

Important

Your emails are never stored on your device. They are fetched live over mutually authenticated TLS and displayed in memory only. No forensic artifact remains after the app closes.

How It Works

graph LR
    A["Your Device"] -->|"mTLS + E2EE"| B["mail.icd360s.de"]
    B -->|"PGP Encrypted"| C["Recipient"]
    B -->|"DANE + DNSSEC"| D["DNS"]
    style A fill:#1565C0,stroke:#0D47A1,color:#fff
    style B fill:#2E7D32,stroke:#1B5E20,color:#fff
    style C fill:#1565C0,stroke:#0D47A1,color:#fff
    style D fill:#4527A0,stroke:#311B92,color:#fff
Loading

👁️ What the server sees

  • Sender address
  • Recipient address
  • Subject line
  • Date and time
  • Message size

🔒 What's encrypted (E2EE)

  • Message body
  • Attachments
  • Attachment names & types
  • Inner MIME structure
  • Everything inside the payload

Features

🔒 Encryption

  • OpenPGP E2EE — PGP/MIME (RFC 3156)
  • Native Go engine — 27 MB in < 1 sec
  • TOFU key pinning — warns on key change
  • Zero-access storage — admin can't read mail
  • WKD — auto key discovery for Thunderbird/ProtonMail
  • Autocrypt — key exchange in every email
  • Password-protected mail — AES-256-GCM for external recipients

🛡️ Authentication

  • Mutual TLS — per-user client certificates
  • Device approval — admin-controlled enrollment
  • Remote revocation — instant wipe on revoke
  • PIN unlock — randomized keypad layout
  • DANE + DNSSEC — verified transport
  • ARC signing — auth preserved on forward

🙈 Privacy

  • RAM-only cache — zero disk, wiped on lock
  • Self-hosted DoH — no Google, no Cloudflare
  • Header stripping — IP/hostname removed from outgoing
  • PII-safe logging — auto-redaction of sensitive data
  • No telemetry — zero analytics, zero tracking

📊 Security Monitoring

  • 10 health checks every 30 minutes
  • SPF, DKIM, DMARC, MTA-STS, TLS-RPT
  • CAA, DNSSEC, DANE (TLSA)
  • IPv4/IPv6 blacklist (43 providers)
  • Recipient security in compose — E2EE / DANE / TLS / Plaintext

Cryptography

Note

All cryptographic operations use modern, audited standards. No legacy algorithms.

Component Standard
🔑 Signing Ed25519 (EdDSA)
🔐 Encryption X25519 / ECDH (Curve25519)
✉️ Messages OpenPGP (RFC 9580, PGP/MIME RFC 3156)
🏦 Vault AES-256-GCM + Argon2id (64 MiB / 3 iters / 4 threads)
📡 Transport Mutual TLS + DANE (TLSA 3 1 1) + DNSSEC
🔍 Key discovery WKD + Autocrypt Level 1

Download

Tip

All downloads are served over HTTPS with cryptographically signed version verification.

Desktop


Windows

QR
macOS

QR
Linux

QR
Linux packages: DEB, RPM, tar.gz, Flatpak repo
Format Download
DEB (Ubuntu/Debian) icd360s-mail.deb
RPM (Fedora/RHEL) icd360s-mail.rpm
tar.gz icd360s-mail-linux.tar.gz

Flatpak (recommended for Fedora Silverblue/Kinoite + auto-updates):

flatpak remote-add --if-not-exists icd360s \
  https://mail.icd360s.de/downloads/mail/flatpak/icd360s.flatpakrepo
flatpak install icd360s de.icd360s.mailclient

Updates land via flatpak update (or automatically through GNOME Software / KDE Discover). The single-file .flatpak bundle is still published per-release but the repo install avoids the "Update Issue" warning that bundle-only installs cause.

Mobile


Android

QR
iOS

QR
Android flavors: F-Droid, Samsung, Huawei, Google Play
Flavor ARM64 ARMv7 x86_64
Universal Download Download Download
F-Droid Download Download Download
Samsung Download Download Download
Huawei Download Download Download
Google Play Download Download Download

Building from Source

git clone https://github.com/ICD360S-e-V/mail.git
cd mail && flutter pub get
flutter run -d macos    # or: windows, linux
Platform requirements
Platform Requirements
All Flutter 3.41+, Dart 3.6+
Android Java 17, Android SDK
iOS/macOS Xcode 15+
Linux libgtk-3-dev, libsecret-1-dev, libjsoncpp-dev
Windows Visual Studio 2022 with C++ workload

About ICD360S e.V.

ICD360S e.V. is a registered German nonprofit (eingetragener Verein). Every active member receives a free, secure @icd360s.de email account with E2E encryption and cross-platform access.

Caution

The live service at mail.icd360s.de is available exclusively to members. This repository contains the open-source code — the operational service is private.

About

Secure, end-to-end encrypted email client for desktop and mobile — Flutter, OpenPGP, mTLS, ClamAV, zero local storage

icd360s.de

Topics

dart security privacy cross-platform imap clamav smtp openpgp flutter email-client zero-knowledge end-to-end-encryption mtls fluent-ui pgp-mime

Resources

Readme

License

AGPL-3.0 license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 281

v2.142.1 Latest
Jun 11, 2026
+ 280 releases

Packages

 
 
 

Contributors

Languages