Confidant Mail is an open-source non-SMTP cryptographic email system optimized for large file attachments. It is a secure and spam-resistant alternative to regular email and online file drop services. It uses GNU Privacy Guard (GPG) for content encryption and authentication, and TLS 1.2 with ephemeral keys for transport encryption.

Confidant Mail is the easiest way to use PGP encryption. You can download and install the software and start using it in a few minutes. The only information you have to know and type in is your name, email address, and a password. No complex setup is required. Your public key will be created automatically.

Confidant Mail version 0.45 released 2018-09-06, with a bug fix to the Repair function for large accounts. Click to get the upgrade.

Offensive Warfare 2.0 - The Future of Cyber Warfare - Hacking and Cyber Security Community - is now setting up a Confidant Mail discussion list May 2019.

There is an experimental version, now being tested and available for download, that uses WxPython 4.0.3, OpensSSL 1.1.1 and TLS 1.3

Added a Wordpress blog on 2017-08-14, which may eventually become the main site. Right now I will be posting relevant articles.

Tutorial May 2016: Click Windows or Linux for a step-by-step screen recording showing you how to install and use Confidant Mail.

New feature April 2016: Click here to get alerts by text or regular email when new CM arrives.

Cick here to read why Confidant Mail is better than encrypted webmail.

Features:

• All messages are encrypted and signed with GNU Privacy Guard.
• The server administrator cannot read or alter your email.
• Public keys are retrieved automatically using DNS or Kademlia peer-to-peer.
• Passive snoopers cannot see who is communicating with whom.
• Forward secrecy of messages via encryption subkey rotation
• Two or more machines can access an account with automatic folder sync
• Attachment length is unlimited. Sending multi-gigabyte files is easy.
• Large messages are transferred in hash-checked blocks, like BitTorrent.
• Positive acknowledgment of all messages confirms delivery.
• Proof-of-work makes junk mail costly for the sender.
• Messages can be forwarded with the cryptographic signature intact.
• Sign up for a free server account, run your own server easily, or use peer-to-peer mode.
• Change servers without changing your email address.
• Servers are paired and replicated for high availability.
• Optional TOR or I2P anonymity.
• Use your existing email address. The recipient must have Confidant Mail.
• Works on Windows XP/7/8, MacOS, and Linux.
• Client automatic configuration makes setup easy.
• Support for OpenPGP smartcard

Current status:

• SSL status:
• Version 0.45 fixes the Repair function for large accounts
• Version 0.44 fixes some appearance issues
• Version 0.43 adds help window auto size and time zone in reply date
• Version 0.42 adds high DPI and UI improvements
• Version 0.41 fixes a bug in revoked subkey deletion, added Whonix support
• Version 0.40 fixes a bug in key refresh, and supports GPG 2.1.23
• Version 0.38 provides adjustable connect timeout, View Server Certs option, and UI improvements.
• Version 0.37 provides direct to Address Book and other user interface improvements.
• Version 0.36 fixes the Windows delete key in the editor, adds a Mac icon, fixes problems with Linux already-running detection, and adds recovery from corrupted data blocks.
• Version 0.35 with GPG 1.4.21 which fixes an important security bug
• Version 0.34 fixed Unicode search bug, IPv6 support
• Added printing and fixed a foreign character bug (0.33)
• Added full text search, find button, and outbound bandwidth throttling (0.32)
• Added proof-of-work bypass tokens and save list column widths (0.31)
• Added global font size adjustment, save default font selection, fix Mac/Linux spellcheck (0.30)
• Improved editor and user interface (0.29)
• Added more checking for expired remote keys (0.28)
• Added key rotation for forward secrecy (0.27)
• Added support for GnuPG 2.1 and ECC keys (0.27)
• Added Easy Setup dialog (0.25)
• Added delete and archive on view pages, fix a bug in multiple client (0.24)
• Added multiple client folder sharing (0.23)
• Added listserv and file server, support for Unicode username, email address, and passphrase (0.22)
• Windows 7/8/10 automatic installer available
• Ubuntu Linux 12.04 and 14.04 ready to run binaries available
• MacOS ready to run binaries available
• Server pair available for testing and light use
• Email and large attachment functionality is stable
• Kademlia tested to 6,144 nodes
• TOR works, anonymity code is not thoroughly audited
• I2P support tested successfully in v0.19
• This site is also available as http://cwu7eglxcabwttzf.onion/

Developer contact:
Mike Ingle <mike@confidantmail.org> d2b89e6f95e72e26e0c917d02d1847dfecfcd0c2