LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

bmail: Your Inbox's Best-Kept Bimil (What Does That Word Even Mean?)

Bimil is a Korean (비밀) word for secret, and that’s definitely an adjective you want when it comes to your email. And it’s core to bmail, where they offer post-quantum encrypted email, calendar, contacts, and drive with hardware-verified security.

And they have a free tier: get mail, calendar, contacts and drive with 100MB total storage for free.

What Makes bmail Unique?

The plaintext gap, eliminated: Every other encrypted email provider encrypts mail at rest, but inbound messages from Gmail or Outlook still arrive as plaintext SMTP and sit in cleartext on their servers before getting encrypted. bmail terminates that TLS connection inside an Intel SGX secure enclave, so plaintext never exists in any operator-accessible memory. Post-quantum hybrid encryption (X25519 + ML-KEM-768, NIST FIPS 203) on every message means harvest-now-decrypt-later is not a strategy that works against bmail.

Cryptographic proof, not a privacy policy: Their enclaves produce CPU-signed attestations of the exact code they are running. Compare those hashes against their reproducible builds of the published source and you have mathematical proof of what is happening on their servers.  Don’t trust – verify!

A cryptographic canary that cannot be gagged: Those attestation hashes are continuously verifiable by anyone. If they were ever ordered to add logging or a backdoor, the binary changes, the attestation changes with it, and anyone watching sees it immediately. There is no quiet way to comply.
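
The comparison step described in the two paragraphs above, as an added example (not bmail's code or tooling): it pulls MRENCLAVE and MRSIGNER out of an SGX quote and flags any observation whose MRENCLAVE matches no build you reproduced yourself. Assumptions: the quote uses the standard SGX ECDSA (DCAP) version 3 layout, its signature and certificate chain were already verified by a DCAP verification library, and every name and sample value here is constructed for illustration.

```python
import hashlib
import struct

# Layout of an SGX ECDSA (DCAP) quote, version 3: a 48-byte header followed by
# a 384-byte report body. Assumption: the service serves quotes in this format.
HEADER_LEN, BODY_LEN = 48, 384
MRENCLAVE_OFF, MRSIGNER_OFF = 64, 128   # offsets inside the report body


def extract_measurements(quote: bytes) -> tuple[str, str]:
    """Return (MRENCLAVE, MRSIGNER) as hex. The quote signature and Intel
    certificate chain must already have been verified by a DCAP verifier."""
    if len(quote) < HEADER_LEN + BODY_LEN:
        raise ValueError("quote shorter than header + report body")
    (version,) = struct.unpack_from("<H", quote, 0)
    if version != 3:
        raise ValueError(f"unsupported quote version {version}")
    body = quote[HEADER_LEN:HEADER_LEN + BODY_LEN]
    return (body[MRENCLAVE_OFF:MRENCLAVE_OFF + 32].hex(),
            body[MRSIGNER_OFF:MRSIGNER_OFF + 32].hex())


def canary_alerts(observations, reproduced):
    """observations: iterable of (timestamp, quote bytes); reproduced: set of
    MRENCLAVE hex values rebuilt from source. Returns unmatched observations."""
    alerts = []
    for ts, quote in observations:
        mrenclave, _ = extract_measurements(quote)
        if mrenclave not in reproduced:
            alerts.append((ts, mrenclave))
    return alerts


def make_quote(mrenclave: bytes, mrsigner: bytes) -> bytes:
    """Build a constructed, unsigned quote for the demo (not a real attestation)."""
    body = bytearray(BODY_LEN)
    body[MRENCLAVE_OFF:MRENCLAVE_OFF + 32] = mrenclave
    body[MRSIGNER_OFF:MRSIGNER_OFF + 32] = mrsigner
    return struct.pack("<H", 3) + bytes(HEADER_LEN - 2) + bytes(body)


# Constructed sample data: SHA-256 digests stand in for enclave measurements.
BUILD_A = hashlib.sha256(b"constructed release build").digest()
BUILD_X = hashlib.sha256(b"constructed build with logging added").digest()
SIGNER = hashlib.sha256(b"constructed signer key").digest()
OBSERVED = [("2025-01-01T00:00Z", make_quote(BUILD_A, SIGNER)),
            ("2025-01-02T00:00Z", make_quote(BUILD_X, SIGNER))]

# Only BUILD_A was reproduced from source, so the second observation is flagged.
ALERTS = canary_alerts(OBSERVED, {BUILD_A.hex()})
```

Both constructed quotes carry the same MRSIGNER, so a watcher that pins only the signer would miss the changed binary; the check has to be on MRENCLAVE.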

Zero-knowledge auth and zero PII: Login uses OPAQUE (RFC 9807), so their server never sees your password, not even as a hash. No phone, no real name, no recovery email. Account recovery is a BIP-39 24-word mnemonic and nothing else.

Fake ID: an unlinkable second mailbox: Available on any paid plan. Mint a secondary address using Ed25519 Schnorr blind signatures over Ristretto255. The enclave verifies that you hold a paid subscription without ever learning which subscription. The link between your primary and your Fake ID is mathematically impossible to recover.

A full encrypted suite, not a walled garden: Mail, Contacts, Calendar, and Drive, all end-to-end encrypted, all included on every plan including the free tier. PGP and S/MIME for external recipients, SMTP with DANE and STARTTLS where it is available, standards-compliant ICS for calendar invites from Google, Outlook, and Zoom. Free starts at $0; paid starts at $4.95/month.

The bmail Story

Where did bmail come from?  I’ll let them tell the story:

bmail was founded on an uncomfortable truth: the privacy industry runs on promises that cannot be technically guaranteed. Every encrypted email provider asks you to trust that their servers behave the way their marketing says. The track record is not encouraging. In 2013, Lavabit was ordered to hand over Edward Snowden’s private keys and chose to shut down rather than comply. In 2020, a German court ordered Tutanota to surveil specific accounts at the delivery layer. In 2021, ProtonMail was ordered by Swiss authorities to log a French climate activist’s IP address, complied, and the activist was arrested. End-to-end encryption protected the message bodies. The metadata around them did not.

bmail’s co-founder Andrew Lee watched the entire privacy category get stuck on the same structural flaw. He helped build Private Internet Access into one of the world’s largest VPNs, and from inside the industry it became clear that the problem was architectural: the operator has access to the data, so the operator can be made to give up the data. The fix is not a better promise. The fix is removing the access.

Together with Mark Karpelès, Lee designed bmail around Intel SGX secure enclaves. The TLS connection from an inbound sending server terminates inside the enclave. Spam filtering and authentication run inside the enclave. Encryption to the recipient’s key happens inside the enclave. Only ciphertext ever crosses the enclave boundary. The architecture is documented across three companion research papers (covering email processing, unlinkable payment authorization, and verifiable non-logging at the API gateway) published by Verifiable Privacy.

The crypto stack is open source. The enclave builds are reproducible. The threat model is published. Everything we claim is something a determined reader can verify, which is the whole point.

Get Started for FREE

Just head over to bmail.ag and check it out!

 
