cloud.sr2.uk/docs/link/channels/proton.md

---
title: Proton Mail Channel
sidebar_label: Proton Mail Channel
sidebar_position: 55
description: Using a ProtonMail email account
---

[Proton Mail](https://proton.me/mail) is the largest end-to-end encrypted email hosting service.
It was launched in 2014 and is headquartered in Geneva, Switzerland.
It is owned by the non-profit Proton Foundation through its subsidiary Proton AG.
Proton Mail uses client-side encryption to protect email content and user data before they are sent to Proton Mail
servers, unlike other common email providers.

The source code for the back end of Proton Mail remains closed-source, but Proton Mail released the source code for the
web interface, iOS and Android apps, and the [Proton Mail Bridge app](https://github.com/ProtonMail/proton-bridge)
under an open-source licence.

Although Proton Mail's encryption uses the open standard OpenPGP, and the Link platform support OpenPGP when used with
other email providers, it is not possible to directly interact with the encryption from the Link platform.
This is because Proton Mail does not provide the traditional IMAP and SMTP server endpoints to send and receive emails
and only allows connection via the Proton Mail bridge app which handles all encryption and decryption of messages.

## Requirements

* You must have a paid plan to use the Proton Mail channel as the use of the Proton Mail Bridge app is not possible on
a free account.
* Additionally, a user must be dedicated for the use of the helpdesk, it is not sufficient to create an alias on an
existing user.

## Encryption & Key Management

OpenPGP private keys are created automatically for each Proton Mail account, although these are stored in a way that
they are not generally available other than when successfully authenticated to the platform.
In the case of Link, this means that the Proton Mail Bridge app is authenticated and then has access to the OpenPGP
private key.

It is not currently possible to import public keys of 3rd-party (i.e. non-Proton Mail) email addresses, and so only
emails between Proton Mail users will be end-to-end encrypted.
The service also
[does not support the Autocrypt standard](https://protonmail.uservoice.com/forums/945460-general-ideas/suggestions/32845105-autocrypt-support),
which allows other clients to import discovered public keys automatically on new conversations.
The Proton Mail documentation [has more on this topic](https://proton.me/support/proton-mail-encryption-explained).

We will provide you with your public OpenPGP key when the channel is set up, and you can make this discoverable via your
website, but for conversations with 3rd-party accounts we expect the conversations will only be encrypted in one
direction and your replies will not be encrypted.

The helpdesk is unaware of the encryption happening in Protonmail, and cannot inform agents when an email that was sent
or received by the helpdesk was encrypted or not.

## Setting up

If you do not have an organisational account, we can fully manage the Proton Mail account setup including billing.
Please [contact us](https://www.sr2.uk/contact) to discuss this.

If you have an organisational account,
[send an invite for the new user](https://proton.me/support/add-users-organization#create-a-new-user) (the new helpdesk
channel address) to contact@sr2.uk, and email the same address to let us know you are doing this and that you would
like the channel added to your helpdesk.

Once the setup is complete we will provide you with OpenPGP public key and will also upload it to
[keys.openpgp.org](https://keys.openpgp.org/) to aid in its discovery by users.
We can also provide support on setting up Web Key Discovery (WKD) on your custom email domain if desired to further
increase the chances that inbound emails will be automatically encrypted, although this still cannot help to encrypt
replies to 3rd-party email services.