This step-by-step guide walks you through how to set up a private OnionMail account using Tor. Learn how to configure Thunderbird, route traffic through Tor, and encrypt your messages with OpenPGP to protect your communications from data brokers and corporate surveillance. If you’ve ever wanted an anonymous email service that doesn’t log or profile you, this is the fastest way to get it running.
Privacy isn’t just for the elite. It’s for everyone willing to take ten minutes and refuse the default. This is a quick guide for the less than technical savvy to set up their very own free private tor enabled email using Onionmail. Privacy is for everyone, not just the super cyber nerds.
What OnionMail Is
OnionMail is a Tor-based email network. It runs POP3 and SMTP servers hidden inside the Tor ecosystem. No Google middleman. No metadata leaks to your ISP. Each server is run by someone different, so there’s no single point of control. You can read more at onionmail.info.
Step 1: Get Tor Browser
You’re going to need Tor. No way around it. Go to torproject.org and download it. Without it, nothing else works.
Step 2: Choose a Server and Sign Up
Open Tor Browser and visit the directory page: https://onionmail.info/directory.html
Choose one of the servers and sign up for an account. I say sign up but it is just choosing a user name you want to go before the @xyz.onion email address and solving a captcha.
So pick one of the listed servers, then:
- Choosing a username (the part before @)
- Solving a CAPTCHA
- Getting your new address, e.g., user@xyz.onion
Account information
Once you are done signing up an Account information page will pop up. MAKE SURE YOU SAVE THIS!!! It has your address and passwords (for sending and receiving email) that you will need. If you lose them then you are shit out of luck.
Step 3: Install an Email Client
You can use anything: Claws Mail, Neomutt, or Thunderbird. We’ll use Thunderbird here because it’s familiar and works well with Tor.
- Download and install Thunderbird.
- When the setup screen asks for your info, it won’t like @xyz.onion.
Type something like user@example.com so the Configure Manually button appears.
Click that.
Step 4: Configure Incoming (POP3)
Under Incoming Server:
- Protocol: POP3
- Hostname: xyz.onion (whatever your server is)
- Port: 110
- Security: STARTTLS
- Authentication: Normal password
- Username: your chosen username
- Password: your POP3 password
Step 5: Configure Outgoing (SMTP)
Under Outgoing Server:
- Hostname: xyz.onion
- Port: 25
- Security: STARTTLS
- Authentication: Normal password
- Username: same username
- Password: your SMTP password
Once done, fix your “From” address in Thunderbird so it matches your @xyz.onion addres. To do this click on email at the top and change your address if you had to use a spoof one to get the configure manually to pop up.
Step 6: Route Through Tor
Thunderbird has to talk to the .onion network. So now we need to configure the Proxy so it routes correct through tor.
- Click the gear icon on the bottom left for settings.
- Open Settings -> scroll to Network & Disk Space -> click Connection Settings.
- Choose Manual Proxy Configuration
- SOCKS Host: 127.0.0.1
- Port: 9050 (if you’re using a VM, check your Tor config)
- Select SOCKS5
- Check Proxy DNS when using SOCKS5
Click OK. Done.
Step 7: Check Mail
Make sure Tor Browser is running (or your Tor daemon is active). For thunderbird to reach the onion mail server it has to be connected to tor. Depending on your local setup, it might be fine as is or you might have to have tor browser open in the background.
Click on inbox and then the little cloud icon with the down arrow to check mail.
If you get a warning about the security certificate, it’s because the server uses a self signed cert.
Thunderbird will ask to Add Security Exception. Confirm it.
Step 8: Encrypt It
The server can read your mail. Don’t hand them plain text.
Go to Account Settings -> End-to-End Encryption.
Either:
- Import your existing OpenPGP key, or
- Open the Key Manager and generate a new one for this account.
If you don’t already use encryption, start here. This is what keeps the admin from peeking.
Final Notes
This setup isn’t perfect. It’s human run, volunteer hosted, and fragile in spots, but it’s yours. It’s decentralized, untraceable, and out of corporate reach.
You are done. Enjoy your new private email service.
If you like the service and intend to keep using it then consider donating to Onion Mail. It is volunteer hosted and they do incur costs. Donation page can be found HERE.
-GHOST
Written by GHOST, creator of the Untraceable Digital Dissident project.
This is part of the Untraceable Digital Dissident series — tactical privacy for creators and rebels.
Explore more privacy tactics at untraceabledigitaldissident.com.