On Thursday July 16th, 2026 between 18.00 and 20.00 CEST, there is maintenance work on https://nlnet.nl.
Send in your ideas for NGI Taler/Fediversity. Deadline August 1, 2026

Email

Email clients and servers

This page contains a concise overview of projects funded by NLnet foundation that belong to Email (see the thematic index). There is more information available on each of the projects listed on this page - all you need to do is click on the title or the link at the bottom of the section on each project to read more.

AEAP — Automated e-mail address porting to a new provider
logo

There is no search for email addresses, like there was in the days long gone of the phone book. Once an old contact disappears (e.g. moves jobs, changes provider), even hough you may have exchanged many emails with that person you can not discover which new email address(es) go(es) with that old contact.

The Automated E-mail Address Porting project (AEAP) wants to allows you to find the new email addresses of these existing email contacts. The project will research and develop the porting of an e-mail address to a new provider. We will implement, document, user-test and release a porting mechanism for Delta Chat, a leading end-to-end encryption mail client. Users can decide they want to use a new provider by entering credentials for a new e-mail address. The outcome of the AEAP project will be Delta Chat Desktop, Android and iOS releases to all app stores, providing seamless porting of e-mail addresses. Changing an e-mail provider will not depend on the consent of the existing one. GMail and various other "free e-mail" provider lock-in strategies will be weakened, also through the e2e-encryption that our AEAP effort spearheads.

Read more about AEAP.

Aerogramme — Standards-compliant open-source IMAP server with server-side encryption
logo

Aerogramme is an open-source IMAP server targeted at distributed infrastructures and written in Rust. It is built on top of Garage, a (geographically) distributed object storage software. Aerogramme thus inherits Garage resiliency: its mailboxes are spread on multiple distant regions, regions can go offline while keeping mailboxes available, storage nodes can be added or removed on the fly, etc. Not only does it inherit its resiliency, but it also shares the burden of data management. Aerogramme can be seen as a proxy between the IMAP protocol and Garage protocols (S3 and K2V); it does not handle any data on its own and can be freely moved between machines. Multiple instances can also be run in parallel. As emails are very sensitive, Aerogramme encrypts users' mailboxes with their passwords. Data is decrypted in RAM upon user login: the Garage storage layer handles only encrypted blobs. Aerogramme is to our knowledge the first IMAP server to be designed from the ground up with object storage in mind. Thanks to this design, it is resilient and easy to scale.

Read more about Aerogramme, Aerogramme 1.0.

DIME — A new encrypted, end-to-end email protocol
logo

The DIME project has three distinct goals: to make end-to-end email encryption transparent and automatic, to minimize the leakage of metadata, and to enshrine the standards which make automation resistant to manipulation by advanced persistent threats. This has led to the development of a set of protocols and data formats which combine the best of current technologies into an integrated system that gives adequate protection, yet remains flexible. It allows for people to improve their security without sacrificing functionality.

Read more about DIME.

Email <=> XMPP gateway — Bridge instant messaging with email
logo

Libervia is a versatile communication ecosystem offering features like instant messaging, blogging, event planning, photo albums, file sharing, audio/video calls, and more. It can additionally function as an XMPP component, providing server-side features. This initiative focuses on creating an Email <=> XMPP gateway, enhancing file management for attachments, transforming mailing list threads into interactive, forum-style discussions with modern elements such as tags and mentions, and ensuring support for end-to-end encryption. The Libervia interface will also see improvements for a better user experience, with clear indicators of message origins and security status. This gateway is a move toward unifying various communication methods within single clients, following Libervia's philosophy as seen with its ActivityPub <=> XMPP gateway and is in harmony with other projects like Slidge, Spectrum 2, or Biboumi. With the introduction of this component, not only will Libervia's functionality be elevated, but it will also equip other XMPP ecosystem projects with the ability to connect their users with the email world, fostering deeper integration of XMPP across the spectrum of communication tools.

Read more about Email <=> XMPP gateway.

Himalaya — End-to-end encryption capable scriptable email
logo

Himalaya is a cross platform and open source toolsuite for managing emails. Its aim is to extract the email business logic into a safe and secure Rust library, so it can be consumed by any compatible client. This architecture makes the tool very flexible and versatile: move batch of emails from the command-line input, automatically sign or decrypt emails levering OpenPGP's web of trust, view HTML version of emails from the terminal, write emails with your favourite text editor, set up a new message notifier in a systemd daemon, view emails from a graphical user interface alla Thunderbird… possibilities are endless! The funding from NLnet will be used to release the first production-ready version of the library and to release few compatible clients like a CLI, a TUI, a GUI, a Vim plugin and an Emacs plugin. Himalaya also plans to extend the concept to other email-related domains, like contact management, events/calendar management, tasks management etc.

Read more about Himalaya.

Improve Email Encryption in KMail — Adopt improvements in Email Encryption in KMail
logo

The goal of this project is to make it more simple for inexperienced users to just use encrypted mails, at the click of a button. Autocrypt is a new method for email encryption, that needs nearly no user interaction. It performs the needed key exchange transparently in the background, and does key management automatically. Encrypted Headers is a protocol to send mail headers in the encrypted mail part. Traditional encryption methods leaked meta-data, which could be used for mass surveillance purposes. The result will be part of the KDEPIM codebase, so you don't have to install anything else than KMail to use these improvements.

Read more about Improve Email Encryption in KMail.

Lightmeter — Email server configuration lifecycle management
logo

Lightmeter will make it easy to run email servers large and small by visualising, monitoring, and notifying users of problems and opportunities for improved performance and security. People will regain control of sensitive communications either directly by running their own mailservers, or indirectly via the increased diversity and trustworthiness of mail hosting services.

Read more about Lightmeter.

Mailpile Search Integration — Personal email search engine
logo

Mailpile is an e-mail client and personal e-mail search engine, with a strong focus on user autonomy and privacy. This project, "Mailpile Search Integration", will adapt and enhance Mailpile so other applications can make use of Mailpile's built-in search engine and e-mail store. This requires improving Mailpile in three important ways: First, the project will add fine-grained access control, so the user can control which data is and isn't exposed. Second, enabling remote access will be facilitated, allowing a Mailpile running on a personal device to communicate with applications elsewhere on the network (such as smartphones, or services in "the cloud"). And finally, the interoperability functions themselves (the APIs) need to be defined (building on existing standards wherever possible), implemented and documented.

Read more about Mailpile Search Integration, Mailpile 2 (moggie).

Mox — Modern full-featured open source secure mail server
logo

Mox is a modern email server implementation that makes it easy for people and organizations to run their own mail server, allowing them to stay in control of their own email communication, and keeping email decentralized. While high-quality open source mail server software components exist, their code bases are growing old, and getting a working setup involves configuring at least half a dozen of them to work together. That complexity has turned people to a few (centralized) email providers. Mox gives users their power back! All important protocols/mechanisms needed for a modern email setup have been implemented in mox, including: IMAP4, SMTP, SPF, DKIM, DMARC, MTA-STS, TLSRPT, automatic TLS with ACME and Let's Encrypt, IP/domain/bayesian spam filtering, internationalized email, account autoconfiguration. Setting up mox takes just minutes with the quickstart, with no additional tools/dependencies required. The code base is lean, coherent, self-contained, well-tested, cross-referenced with specifications, liberally MIT-licensed, trivially reproducibly built and is defensively written in Go, a modern, safe programming language. Mox's integrated approach has allowed for novel functionality. Development continues on supporting more protocols and extensions, as well as quality improvements such as more automated tests. On the roadmap at the time of writing (but check the project site!): IMAP4 CONDSTORE, QRESYNC, THREAD extensions, DANE and DNSSEC, sending DMARC and TLS reports, OAUTH2, Sieve, JMAP, Webmail, Calendaring and more.

Read more about Mox, Mox API, Mox management and automation.

Mustang - UI components — Integrated email, team chat, video conference, calendar and file exchange
logo

Mustang is an Open-Source desktop and mobile app that seamlessly integrates email with team chat, video conference, calendar and file exchange into a single app for communication. It is available for Windows, macOS, Linux and planned for Android and iOS. It respects user privacy and data sovereignty, keeping the data on your own computer systems. By supporting various open protocols (and optionally through extensions also closed protocols of multiple vendors), it allows for a smooth transition to openness. In this project, certain UI components will be developed, the File Sharing UI be improved, and a prototype UI for Structured Data in email (SML) be implemented. As time permits, other components will be developed as well.

Read more about Mustang - UI components, Mustang UX.

PGP4civiCRM — Add email encryption to CRM
logo

E-mail security and privacy is not just relevant inside organisations or between individuals. A lot of email traffic comes from the institutions we all have to deal with, including some of the most confidential emails we get. And yet there is no way for users to protect their privacy and confidentiality when sending and receiving messages from organisations using such systems. PGP4civiCRM enables automatic PGP encryption/decryption of e-mails on the server side. While the project will provide special integration for the Constituent Relation Management System CiviCRM, the basic functionality can be used also with regular mailservers like postfix. The PGP4civiCRM core will basically be a milter, that listens for input messages, then looks up PGP keys from configurable sources (local key rings, LDAP) and then, based on a local, configurable, policy, encrypts/decrypts messages (or leaves them untouched) before passing them on. This way system administrators can with tiny effort provide transparent encryption support for all their mail users. Especially for CiviCRM the project will create an extension that allows easy web-based configuration of the relevant pieces and displaying of encrypted, received e-mails using OpenPGP.js.

Read more about PGP4civiCRM.

Stalwart Mail Server — Robust full featured mail infrastructure in Rust
logo

Self-hosting an e-mail server is notoriously difficult. While privacy is a top concern for many individuals and businesses, the complexities of self-hosting a mail server often outweigh the benefits, leading many to choose to sacrifice some privacy and pay a third-party provider to manage their email instead. One of the key challenges of self-hosting an email server is the outdated and complex nature of most available open-source mail server software.

Stalwart Mail Server is an open-source email server written in Rust that aims to help modernize, democratize, and promote decentralization of email. The server offers a robust and privacy-focused solution that is easy for individuals and businesses to set up and maintain on their own.

Stalwart Mail Server consists of three components: a JMAP server, an IMAP4 server with support for ManageSieve as well as many extensions, and an SMTP server with support for DMARC, DKIM, ARC, and SPF. The server does not require any external software or databases to run and can easily scale to multiple servers thanks to its native Raft support.

Furthermore, the use of Rust in Stalwart Mail Server allows it to offer improved performance, safety, and concurrency compared to other solutions, making it a versatile and robust choice for those looking to self-host their own email server.

Read more about Stalwart Mail Server, Stalwart Collaboration Server.

Structured Email for Roundcube — Add schema.org metadata awareness to open source email
logo

Email is probably the only open and widespread technology bridging our private information space (Mobile, Desktop) and the public Internet. It can in fact be considered our "personal API". Structured Email for Roundcube develops a plugin for the popular Roundcube Webmail software, which extracts Schema.org data embedded in email messages. Based on that, it allows for new ways of presenting emails and interacting with them.

Read more about Structured Email for Roundcube.

Alps Webmail — Minimalist open source webmail in Go

Alps Webmail is a minimalist, stateless webmail client designed for modern IMAP infrastructure. Built with simplicity, speed, and extensibility in mind, it avoids central databases and heavy frameworks, making it ideal for scalable deployments and low-maintenance environments. Alps supports multi-tenancy, responsive theming, CalDAV/CardDAV integration, and a lightweight plugin system using Lua or Go. It is already used by thousands of users and aims to become the default webmail layer for self-hosted and provider-grade email platforms, emphasizing usability, transparency, and long-term sustainability.

Read more about Alps Webmail.

GPG Lacre project — Best effort encryption of mail flows with OpenPGP

This project is the continuation of the work on providing open source, GnuPG based email encryption for emails at rest. All incoming emails are automatically encrypted with user's public key before they are saved on the server. It is a server side encryption solution while the control of the encryption keys are fully at the hands of the end-user and private keys are never stored on the server.

The scope of the project is to improve on the already existing code, provide easy to use key upload system (standalone as well as Roundcube plugin) and key discoverability. Beside providing a solution that is easy to use we will also provide easy to digest material about encryption, how it works and how to make use of it in situations other the just mailbox encryption. Understanding how encryption works is the key to self-determination and is therefore an important part of the project.

GPG Mailgate will be battle tested on the email infrastructure of Disroot.org (an ethical non-profit service provider).

Read more about GPG Lacre project.

Husk — Pass-through solution for automatic OpenPGP encryption

Husk is an email filter (milter) for MTAs which encrypts emails while they pass through it. It facilitates Web-of-Trust technologies to use decentralized and federated certificate authorities as sources for authenticated OpenPGP certificates. It aims to reduce the amount of administrative effort of obtaining and keeping them up to date by establishing narrow, focused trust delegations. Husk can be used to encrypt emails for services which cannot encrypt on their own – like notification systems or issue trackers, or being used at the end of transport to implement zero-access encryption (for email at rest).

Husk is written in Rust and uses Sequoia PGP for encryption and certificate handling.

Read more about Husk.

imap-codec library — Release version 1.0 of the imap-codec library

With an expected volume of 333 billion messages per day in 2022, email is one of today's most common methods to exchange information on the Internet. For better or worse, email is unlikely to go away soon, meaning that even the latest software needs to support it in a trustworthy and resilient way. imap-codec is a misuse-resistant IMAP parsing and serialization library focusing on correctness and security. It should pave the way for a new generation of email clients, servers, and utilities written in Rust and become a reusable building block for the Next Generation Internet. To archive that, it is essential to stabilize the API, improve testing, provide excellent documentation, and establish a welcoming and sustainable open-source environment for imap-codec.

Read more about imap-codec library.

MailBox renewal — Performance upgrade of MailBox mail modules

Email is still the workhorse of the internet, and behind the screens some of the heavy lifting is by applications like the Mailbox modules. Under the hood, this software is processing billions of emails every day at some of the largest players in the industry.

The project will deliver a major update of the code after two decades. This is not only long overdue, but actually offers interesting opportunities to take into account new email related RFCs, investigate new possibilities for code optimisation as well as tackling new threats like SMTP smuggling.

As a bonus, the project will work on a standalone tool to be able to once more properly forward emails in the SPF/DMARC era - a very welcome capability, the lack of which is currently causing a lot of headache and lost email for users.

Read more about MailBox renewal.

PTT — Unikernel Mailing list server in OCAML

Email is still one of the main channel of communication.Setting up and maintaining something as simple as a reliable mailing list in-house is significantly more complex than it ought to be. Out of convenience, many organisations and communities outsource running their maiilng lists service to third-party agents. However, this not only creates an unnecessary dependency but also reduces confidentiality, which can be a critical aspect.

This project has the ambition to win back the means of communication, developing a new mailing list application service that is easier to maintain securely (through unikernels using MirageOS), and is efficient in terms of resource usage. The service should integrate into existing infrastructures seamlessly.

Read more about PTT.