That seems like a poorly thought out service that might lull a normal user into thinking that their email is actually secure. It sounds like they encrypt the email between their servers and the client. Great. Your email is flying around the internet unencrypted (most likely through the US, mind) and it's stored on their servers unencrypted, yes?
NoMailbox has built-in encryption functionality. It's one of the many features and options in the new web interface.
To be clear, I'm just a satisfied customer. Using NeoMailbox gives me peace of mind. It's the best option I've found, and that's after months of testing many different paid and free email services.
This is essentially what I'm talking about. It probably shouldn't give you peace of mind. You click an 'Encrypt' button on a web interface and it encrypts it and sends it off. I presume that you can go into your 'Sent Items' and look at that email's contents even though you've encrypted it, yes? So it's either sitting there unencrypted on the server or they have the keys.
While I appreciate the condescencion, their website says "We use OpenPGP" and doesn't specify how you can decrypt a message using their webmail client without storing (or sending) your keys on their server. If there is a workable solution to that, I'm genuinely curious about it.
I'm sure they're a lovely email provider, but when they emphasize 'Secure Email' the onus is on them to prove that their secure system isn't a series of wishes and 'trust us'.
