ElectronMail – a Desktop Client for ProtonMail and Tutanota

The majority of people on the internet have email accounts from big companies, such as Google, that do not respect your privacy. Thankfully, there are privacy conscience alternatives like Tutanota and ProtonMail. The problems is that not all of them have a desktop client. Today, we will look at a project that seeks to solve that problem for you. Let’s take a look at ElectronMail.

‘Electron’-ic warning!

The following app is built with Electron (the name is ElectronMail for a reason). If the use of Electron upsets you, please consider this a trigger warning.

ElectronMail: Desktop Client for Tutanota and ProtonMail

Electron Mail About
Electron Mail About

ElectronMail is simply put an email client for ProtonMail and Tutanota. It is built using three big technologies: Electron, TypeScript and Angular. It includes the following features:

  • Multi accounts support per each email provider
  • Encrypted local storage
  • Available for Linux, Windows, macOS, and FreeBSD
  • Native notifications
  • System tray icon with a total number of unread messages
  • Master password to protect account information
  • Switchable view layouts
  • Offline access to the emails
  • Encrypted local storage for emails
  • Batch emails export to EML files
  • Full-text search
  • Built-in/prepackaged web clients
  • Configuring proxy per account
  • Spell Checking
  • Support for two-factor authentication for extra security

Currently, ElectronMail only supports Tutanota and ProtonMail. I get the feeling that they will be adding more in the future. According to the GitHub page: “Multi email providers support. ProtonMail and Tutanota at the moment.”

ElectronMail is licensed under the MIT license.

How to install ElectronMail

Currently, there are several options to install ElectronMail on Linux. for Arch and Arch-based distros, you can install it from the Arch User Repository. There is also a Snap available for ElectronMail. To install it, just enter sudo snap install electron-mail.

For all other Linux distros, you can download a .deb or .rpm file.

Electron Mail Inbox
Electron Mail Inbox

You can also download an .exe installer for Windows or a .dmg file for macOS. There is even a file for FreeBSD.

Removing ElectronMail

If you install ElectronMail and decide that it is not for you, there are a couple steps that the developer recommends. Be sure to follow these steps before you uninstall the application.

If you are using the “Keep Me Signed In” feature, click “Log out” on the menu. This will delete the locally stored master password. It is possible to delete the master password after uninstalling ElectronMail, but that would involve editing the system keychain.

You will also need to delete the settings folder manually. You can find it by clicking “Open setting folder” after selecting the application’s icon in the system tray.

Electron Mail Setting
Electron Mail Setting

My Thoughts on ElectronMail

I don’t usually use email clients. In fact, I mostly depend on web clients. So, I don’t have much use for this application.

That being said, ElectronMail has a nice feel to it and is easy to set up. It has a good number of features activated out of the box and the advanced features aren’t that hard to activate.

The one question I have relates to search. According to the features list, ElectronMail supports full-text search. However, the free version of Tutanota only supports a limited search. I wonder how ElectronMail handles that.

At the end of the day, ElectronMail is just an Electron wrapper for a couple of web-based emails. I would rather just have them open in my browser than dedicate separate system resources to running Electron. If you only use Tutanota email, they have their own official Electron-based desktop client. You may try that.

My biggest issue is with security. This is an unofficial app for two very secure email apps. What if there is a way to capture your login info or read through your emails? Someone who is smarter than I would have to go through the source code to know for sure. That is always the issue with unofficial apps for a security project.

Have you every used ElectronMail? Do you think it would be worthwhile to install ElectronMail? What is your favorite email client? Please let us know in the comments below.

If you found this article interesting, please take a minute to share it on social media, Hacker News or Reddit.

Similar Posts

  • This is an unofficial app for two very secure email apps. What if there is a way to capture your login info or read through your emails?

    The developer of another abandoned ProtonMail client now recommends ElectronMail:

    https://github.com/unofficial-protonmail-desktop/application

    ElectronMail is loaded with features, but it is somewhat large (almost 600 MB on my platform.) The app is open source, with reproducible builds, so it is extremely unlikely to contain any malware. If you are concerned that it may send data to another site, install a desktop application firewall, and only authorize the official mail servers. Then you would be alerted if the app connects to any other server.

    I would rather just have them open in my browser

    One potential benefit of the app is that it could guarantee the strongest TLS cipher was used, and I dont know if ProtonMail servers would enforce the use of a particular cipher if you login through a web browser. If you do use the browser, you should always open a new window in private mode with no extensions, since malicious extensions can steal login credentials… but people often forget to practice good security hygiene, and the app would solve that problem.

    But of course ProtonMail is only secure when both parties use ProtonMail. And ProtonMail uses PGP — which is obsolete, and does not support forward secrecy (PFS) so all previous messages are revealed if the private key is compromised.

    https://proprivacy.com/privacy-news/security-alert-stop-using-pgp-s-mime-now

    In the long term, we must establish a global standard protocol for e-mail exchange that protects metadata, which the mainstream free e-mail providers like Google & Microsoft will voluntarily adopt. This is only likely to happen if the new protocol can support fallback to insecure SMTP (et cetera) if necessary, so things don’t break during the transition to a new global standard.