What do you think about Riseup and their email service?
I have personally used Riseup mail and know it is regularly used by many people under severe threat models, like activists and journalists. However, I rarely see it brought up in online infosec circles. Here’s some information about their service:
Technology
About encryption, Riseup writes:
Our physical servers are protected in ways that do not allow anyone other than Riseup to access them. […] As an additional measure, all of our servers use full disk encryption that can only be unlocked by Riseup. Additionally, all communications between our servers is also always encrypted.
They provide onion services, and when sending an email to another activist email provider, it will be delivered over Tor Onion Services.
To my knowledge, there is no support for custom domain names.
Privacy
When you send email with Riseup, your internet address (IP address) is not embedded in the email.
Their service is free, so there’s no need for anonymous payment. They operate through very limited invite codes. There also isn’t any PII besides username and password.
Security
There are no MFA options available.
Again, on encryption:
Your e-mails are encrypted individually on our servers, and can only be unlocked and read using your password. This means that Riseup does not have the ability to read your stored emails. Encryption of incoming email is automatic, and only when you login does the mail become decrypted so it can be read. This takes place on the server, which then becomes temporarily trusted while you are authenticated.
Unless you use the Mailvelope browser plugin, or your own OpenPGP solution, our e-mail system is not end-to-end encrypted or client-encrypted.
When sending an email to another secure email provider or another Riseup user, everything remains encrypted.
Trust
Unless Riseup is run by actual birds, the Riseup Collective is anonymous. It can be argued that their history and orientation still provide some trust.
They have a canary.
Marketing
What they write about themselves on their website seems quite honest, and I doubt their marketing extends much further than that. They are not making money, so there is little interest in making anyone use their service if it doesn’t fit their requirements.
I’d almost be amused if they used Google Analytics.
Their documentation, like their service in general, isn’t the most extensive in the world, but I find that it covers everything that is needed and would be expected for someone using Riseup.
Thoughts
I see some clear weaknesses of Riseup email, for example the lack of MFA options. However, because Riseup has a much more specific user with a clear threat model in mind than your usual email service has, I don’t see this as a bad thing in every case. Some of the requirements (like custom domains or public facing leadership) imo just do not fit Riseup because they probably were made with a different type of service in mind.
So, do I think Riseup Email should be added? Probably not, but I’m not completely sure. I put this under Tool Suggestions because I can see an argument for adding them in some way. But even if adding them is out of the question, I would still like to hear your opinion on the service they provide and how you think it stacks up to the alternatives, especially for activists and journalists.
Besides email, Riseup also provides the following services, which you might want to take a look at:
- Riseup VPN
- Crabgrass – private wikis and group collaboration
- Riseup Pad – real-time collaborative text editor
- Share – file upload (pastebin and imagebin)