all-in-one privacy solution":["Proton Unlimited — комплексное решение для защиты данных"],"Black Friday":["Черная пятница"],"No ads. Privacy by default.":["Без рекламы. Гарантия конфиденциальности"],"People before profits":["Люди важнее прибыли"],"Security through transparency":["Безопасность, основанная на прозрачности"],"The best Proton Mail ${ BLACK_FRIDAY } deals":["${ BLACK_FRIDAY }: лучшие предложения Proton Mail"],"The world’s only community- supported email service":["Единственный в мире сервис электронной почты с поддержкой сообщества"]},"specialoffer:limited":{"${ hours } hour":["${ hours } час","${ hours } часа","${ hours } часов","${ hours } часа"],"${ hoursLeft }, ${ minutesLeft } and ${ secondsLeft } left":["Осталось ${ hoursLeft }, ${ minutesLeft } и ${ secondsLeft }"],"${ minutes } minute":["${ minutes } минута","${ minutes } минуты","${ minutes } минут","${ minutes } минуты"],"${ seconds } second":["${ seconds } секунда","${ seconds } секунды","${ seconds } секунд","${ seconds } секунды"],"Limited time offer":["Ограниченное по времени предложение"]},"specialoffer:listitem":{"Create multiple addresses":["Создавайте несколько адресов"],"Hide-my-email aliases":["Создавайте алиасы hide-my-email"],"Quickly unsubscribe from newsletters":["С легкостью отменяйте подписку на рассылки"],"Use your own domain name":["Используйте собственное доменное имя"]},"specialoffer:logos":{"As featured in":["О нас в СМИ"]},"specialoffer:metadescription":{"Get an encrypted email that protects your privacy":["Электронная почта, защищающая вашу конфиденциальность"]},"specialoffer:metatitle":{"Proton Mail Black Friday Sale - Up to 40% off":["Черная пятница в Proton Mail: скидки до 40 %"]},"specialoffer:newmetadescription":{"Get up to 40% off Proton Mail subscriptions this Black Friday. Find great deals on our secure end-to-end encrypted email plans.":["Получите Proton Mail со скидкой до 40 %. Не пропустите выгодные предложения на планы безопасной электронной почты, зашифрованной сквозным шифрованием, в честь «черной пятницы»."]},"specialoffer:newmetatitle":{"Proton Mail Black Friday sale | Up to 40% off secure email":["«Черная пятница» в Proton Mail | Скидки до 40 %"]},"specialoffer:note":{"* Billed at ${ TOTAL_SUM } for the first year":["* ${ TOTAL_SUM } за первый год."],"*Billed at ${ TOTAL_SUM } for the first 2 years":["* ${ TOTAL_SUM } за первые два года."],"30-day money-back guarantee":["Гарантия возврата средств в течение 30 дней"],"Billed at ${ TOTAL_SUM } for the first 2 years":["${ TOTAL_SUM } за первые 2 года"],"Billed at ${ TOTAL_SUM } for the first year":["${ TOTAL_SUM } за первый год"],"You save ${ SAVE_SUM }":["Вы экономите ${ SAVE_SUM }."]},"specialoffer:off":{"${ DISCOUNT } off":["–${ DISCOUNT }"],"${ PERCENT_OFF } off":["–${ PERCENT_OFF }"]},"specialoffer:testimonial":{"I love my ProtonMail":["Обожаю ProtonMail!"],"My favorite email service":["Мой любимый сервис электронной почты"],"Thanks Proton for keeping us all safe in the complicated internet universe.":["Спасибо Proton за защиту в запутанном интернет-пространстве."],"You get what you pay for. In the case of big tech, if you pay nothing, you get used. I quit using Gmail and switched to @ProtonMail":["Полностью оправданное вложение денег. Бигтех-компании используют тебя, если ты им не платишь. Поэтому я перешла с Gmail на @ProtonMail."]},"specialoffer:time":{"Days":["дн."],"Hours":["ч."],"Min":["мин."]},"specialoffer:title":{"And much more":["И это еще не всё"],"Make your inbox yours":["Настройка на свой вкус"],"Safe from trackers":["Защита от трекеров"],"Stay organized":["Всё по полочкам"],"Black Friday email deals":["Безопасная почта для покупок в «черную пятницу»"],"Don’t just take our word for it":["Отзывы наших клиентов"],"Our story":["Наша история"],"Transfer your data from Google in one click":["Перенесите данные из Gmail в одно нажатие"]},"specialoffer:tooltip":{"Access blocked content and browse privately. Includes ${ TOTAL_SERVERS }+ servers in ${ TOTAL_COUNTRIES }+ countries, connect up to 10 devices, access worldwide streaming services, malware and ad-blocker, and more.":["Сохраняйте конфиденциальность в Интернете и получайте доступ к заблокированному контенту. Включает ${ TOTAL_SERVERS } серверов более чем в ${ TOTAL_COUNTRIES } странах с возможностью подключения на 10 устройствах, доступ к стриминговым платформам со всего мира, блокировщик рекламы, функцию защиты от вредоносных программ и другие преимущества."],"Easily share your calendar with your family, friends or colleagues, and view external calendars.":["Предоставляйте доступ к календарю родственникам, друзьям и коллегам, а также просматривайте календари других сервисов"],"Includes support for 1 custom email domain, 10 email addresses, 10 hide-my-email aliases, calendar sharing, and more.":["Включает поддержку 1 пользовательского домена, 10 адресов электронной почты, 10 алиасов hide-my-email, совместный доступ к календарю и другие преимущества."],"Includes support for 3 custom email domains, 15 email addresses, unlimited hide-my-email aliases, calendar sharing, and more.":["Включает поддержку трех пользовательских доменов, 15 адресов электронной почты, неограниченного числа алиасов hide-my-email, совместный доступ к календарю и другие преимущества."],"Manage up to 25 calendars, mobile apps, secured with end-to-end encryption, 1-click calendar import from Google, and more.":["До 25 календарей, мобильные приложения, сквозное шифрование, удобный перенос данных из Google Календаря и другие преимущества"]},"Status Banner":{"At the moment we are experiencing issues with the Proton VPN service":["При использовании сервиса Proton VPN могут возникать проблемы"],"Learn more":["Подробнее"]},"Status banner":{"Learn more":["Подробнее"],"Please note that at the moment we are experiencing issues with the ${ issues[0] } service.":["Сейчас при использовании сервиса ${ issues[0] } могут возникать проблемы."],"We are experiencing issues with one or more services at the moment.":["При использовании одного или нескольких сервисов могут возникать проблемы."]},"suggestions":{"Suggestions":["Предложения"]},"Support":{"Sub category":["Подкатегория","Подкатегории","Подкатегорий","Подкатегорий"]},"Support article":{"${ readingTime } min":["${ readingTime } мин.","${ readingTime } мин.","${ readingTime } мин.","${ readingTime } мин."],"Category":["Категория","Категории","Категорий","Категорий"],"Didn’t find what you were looking for?":["Не нашли желаемый контент?"],"General contact":["Общие контакты"],"Get help":["Получить помощь"],"Legal contact":["Контакты юридического отдела"],"Media contact":["Контакты для прессы"],"Partnerships contact":["Контакты по вопросам партнерства"],"Reading":["Чтение"]},"Support categories":{"Browse Proton product support":["Смотреть ресурсы по поддержке продуктов Proton"]},"Support category":{"There is no article in this category yet.":["В этой категории еще нет статей."]},"Support troubleshooting":{"--- Select ---":["— Выбрать —"],"Adding and importing contacts":["Добавление и импортирование контактов"],"App version":["Версия приложения"],"Automatically save contacts":["Автоматическое сохранение контактов"],"Bridge connection issues with Outlook, Apple Mail or Thunderbird":["Ошибки подключения Bridge к Outlook, Apple Mail или Thunderbird"],"Browser":["Браузер"],"Check if this helps":["Возможно, нужный ответ найдется здесь"],"Choose a category for your question":["Выберите категорию запроса"],"Connectivity errors on Android and iOS":["Ошибки подключения в iOS и Android"],"Contacts":["Контакты"],"Custom domain":["Пользовательский домен"],"Desktop notifications":["Уведомления на рабочем столе"],"Did this solve your issue ?":["Удалось ли нам решить вашу проблему?"],"Difference between Combined Addresses Mode and Split Addresses Mode":["Разница между режимами комбинированных и разделённых адресов"],"Differences between addresses, aliases, and sub-users":["Разница между адресом, псевдонимом и дополнительным пользователем"],"Email notifications":["Уведомления по электронной почте"],"Email tracking protection":["Защита от отслеживания электронной почты"],"Encryption":["Шифрование"],"Encryption keys management":["Управление ключами шифрования"],"Faster assistance is just a few clicks away — please make your selections":["Выберите подходящие варианты. Всего пара нажатий — и вы на шаг ближе к решению проблемы."],"How to avoid receiving spam messages":["Что сделать, чтобы не получать спам"],"How to block unwanted email":["Как заблокировать нежелательные электронные письма"],"How to configure your email client for Bridge":["Как настроить почтовый клиент для Bridge"],"How to create contact groups":["Как создать группу контактов"],"How to create or edit CSV contacts":["Как создать или изменить CSV-файл с контактами"],"How to install Proton Mail Bridge":["Как установить Proton Mail Bridge"],"How to merge duplicate contacts":["Как объединить одинаковые контакты"],"How to send encrypted messages to external users":["Как отправлять зашифрованные сообщения пользователям других сервисов"],"How to set up a custom domain":["Как настроить пользовательский домен?"],"How to unsubscribe from Apple’s TestFlight notification emails":["Как отказаться от уведомлений по электронной почты от Apple TestFlight"],"How to use auto-reply":["Как использовать автоответчик"],"How to use filters":["Как использовать фильтры"],"How to use folders and labels":["Как использовать папки и ярлыки"],"How to use PGP encryption":["Как использовать PGP-шифрование"],"Invalid password error while setting email client for Bridge":["Ошибка неверного пароля при настройке почтового клиента для Bridge"],"Login security notification alerts":["Оповещения безопасности входа"],"Manage mailbox appearance":["Изменение внешнего вида почтового ящика"],"Mobile connectivity and synchronization":["Сетевые подключения и синхронизация на мобильных устройствах"],"No, contact support":["Нет, связаться со службой поддержки"],"Notifications":["Уведомления"],"Other":["Другой"],"Problems with deleting messages":["Ошибки при удалении сообщений"],"Problems with moving messages":["Ошибки при перемещении сообщений"],"Problems with read/unread message status":["Ошибки статуса прочтения сообщений"],"Proton Mail Bridge":["Proton Mail Bridge"],"Proton Mail settings":["Настройки Proton Mail"],"Push notifications not arriving":["Что делать, если push-уведомления не приходят"],"Sending and receiving messages":["Отправка и получение сообщений"],"Sending and receiving messages limitations":["Ограничения на отправку и получение сообщений"],"Sending and receiving troubleshooting":["Устранение неполадок с отправкой и получением сообщений"],"Spam filtering, Allow and Block lists":["Фильтрация спама, чёрные и белые списки"],"Sub-users and organizations":["Организации и дополнительные пользователи"],"Thank you for your feedback":["Спасибо за отзыв!"],"Troubleshooting":["Устранение неполадок"],"Verify custom domain records & anti-spoofing":["Подтверждение записей пользовательского домена и защита от спуфинга"],"What can we help with ?":["Чем мы можем вам помочь?"],"What if your domain records fail (TXT, MX, SPF, DKIM, DMARC)":["Что делать, если записи домена (TXT, MX, SPF, DKIM, DMARC) не работают"],"What is encrypted on Proton Mail":["Какие данные зашифровываются в Proton Mail"],"Yes":["Да"]},"support_modal_search_query":{"How to use a custom domain?":["Как работать с пользовательским доменом"],"Search query":["Поисковый запрос"]},"support_modal_search_result":{"Search result":["Результат поиска"]},"support_modal_title":{"Blog search":["Поиск по блогу"],"Support search":["Поиск в материалах службы поддержки"]},"support_search_button":{"Search":["Найти"]},"support_search_i_am_looking_for":{"I'm looking for":["Я ищу"]},"SupportForm":{"For a faster resolution, please report the issue from the Bridge app: Help > Report a problem.":["Чтобы быстро устранить проблему в приложении Bridge, выберите «Справка» > «Сообщить о проблеме»."],"Information":["Информация"]},"SupportForm:option":{"Account Security":["Безопасность аккаунта"],"Contacts":["Контакты"],"Custom email domain":["Пользовательский домен адреса электронной почты"],"Email delivery and Spam":["Доставка электронных писем и спам"],"Encryption":["Шифрование"],"Login and password":["Имя пользователя и пароль"],"Merge aliases and accounts":["Объединение псевдонимов и аккаунтов"],"Migrate to Proton":["Переход на Proton"],"Notifications":["Уведомления"],"Other":["Другое"],"Plans and billing":["Тарифы и оплата"],"Proton for Business":["Proton for Business"],"Sign up":["Регистрация"],"Storage":["Хранилище"],"Users, addresses, and identities":["Пользователи, адреса и личные данные"]},"SupportForm:optionIntro":{"Select a topic":["Выберите тему"]},"swiss_baseed_feature":{"Swiss based":["В Швейцарии"]},"Testimonial":{"Awards":["Награды"],"Customers":["Клиенты"],"Featured":["Что о нас говорят"],"Go to testimonial source":["Перейти к источнику отзыва"],"Reviews":["Отзывы"],"Videos":["видео."]},"Text":{"Find the plan that's right for you":["Найдите подходящий план"],"If you need help, check out our ${ supportLink }.":["Если вам нужна помощь, перейдите в ${ supportLink }."],"The page you’re looking for might have been removed, or it could be an\nold link.":["Возможно, страница удалена\nили у вас устаревшая ссылка."]},"Title":{"On this page":["На этой странице"],"Related articles":["Статьи по теме"],"Share ${ thisPage }":["Поделиться ${ thisPage }"],"Thank you!":["Спасибо!"],"this page":["этой страницей"]},"Tooltip":{"More information":["Подробнее"]},"tooltip_calendar":{"Create up to 20 custom & shareable encrypted calendars. On top of that, add up to 5 calendars from friends, family, colleagues, and organizations.":["Есть возможность создать до 20 зашифрованных пользовательских календарей и делиться ими с другими людьми, а также добавить до 5 календарей друзей, родственников, коллег и организаций."]},"tooltip_vpn":{"Access blocked content and browse privately. Includes ${ TOTAL_SERVERS }+ servers in ${ TOTAL_COUNTRIES }+ countries, highest VPN speed, ${ TOTAL_VPN_CONNECTIONS } VPN connections, worldwide streaming services, malware and ad-blocker, and more.":["Получайте доступ к заблокированному контенту, просматривайте страницы анонимно и пользуйтесь стриминговыми сервисами со всего мира. Мы предлагаем ${ TOTAL_SERVERS } серверов более чем в ${ TOTAL_COUNTRIES } странах, высочайшую скорость VPN, ${ TOTAL_VPN_CONNECTIONS } VPN-подключений, защиту от вредоносных программ, блокировщик рекламы и многое другое."],"Access blocked content and browse privately. Includes ${ TOTAL_SERVERS }+ servers in ${ TOTAL_COUNTRIES }+ countries, highest VPN speed, 10 VPN connections, worldwide streaming services, malware and ad-blocker, and more.":["Получайте доступ к заблокированному контенту, просматривайте страницы анонимно и пользуйтесь стриминговыми сервисами со всего мира. Мы предлагаем ${ TOTAL_SERVERS } серверов более чем в ${ TOTAL_COUNTRIES } странах, высочайшую скорость VPN, 10 VPN-подключений, защиту от вредоносных программ, блокировщик рекламы и многое другое."]},"version_history_label":{"Version history":["История версий"]},"version_history_tooltip":{"Store up to ${ versionHistoryNumber } versions of each file for up to ${ years } years":["Храните версии каждого файла (до ${ versionHistoryNumber }) не более нескольких лет (${ years })."]},"VideoModal":{"Get started in 2 minutes":["Начните работу за считаные минуты"]},"videosButtonLabel":{"Get started with videos":["Смотреть видео"]},"vpn_features_link":{"View VPN plans":["Посмотреть тарифы VPN"]},"vpn_features_useCase":{"Access blocked content and browse privately":["Доступ к заблокированному контенту и конфиденциальный просмотр веб-страниц"]}}},"unleashApi":"https://account.proton.me/api"};
// We need to import data (the framework context) from the server
// This Astro feature with define:vars works well but creates an inline script
// So we can't directly import the initFramework helper, we have to store the context
window.frameworkContext = frameworkContext;
})();
Proton Mail Bridge is a desktop application that runs in the background on your computer and encrypts and decrypts your mail as it enters and leaves your device. It allows for full integration of your Proton Mail account with email clients like Microsoft Outlook, Mozilla Thunderbird, and Apple Mail.
This document discusses how Bridge handles sensitive information, describes its potential attack vectors, and explains the security features that mitigate these attacks. (Note: This security model applies to the Bridge application for Linux, macOS, and Windows.)
This security model is technical in nature, but was written in plain language so that the average user can understand the important takeaways. You can also read more about what Proton Mail is and is not designed to protect you from in the Proton Mail threat model(new window).
As part of normal, day-to-day operations, Bridge must handle different types of data with varying levels of sensitivity. This data includes (but is not limited to):
User credentials and an access token for authentication with the Proton servers
Public and private keys for sending and reading messages
Encrypted messages, attachments, and metadata
We explain how Bridge secures this sensitive data in greater detail below.
Your passwords never leave your machine Users log in to Bridge, which in turn authenticates with the Proton Mail API using the Secure Remote Password protocol(new window). This authentication process ensures a user’s password never leaves their machine, and it generates an access token and a refresh token.
The access token is relatively short-lived and is used to authenticate any subsequent API requests; it is stored in the device’s memory. The refresh token is used to generate new access tokens and is stored securely in the operating system’s keychain (Windows Credentials Manager, macOS Keychain, or pass/gnome-keyring on Linux). The user’s hashed and salted mailbox password (used to decrypt their PGP keys) and Bridge password (used to connect an email client to Bridge) are also held in the operating system’s keychain.
Ensuring a secure connection to Proton servers Bridge communicates with the Proton Mail API over an encrypted TLS connection. It additionally employs TLS certificate public key pinning to ensure it only connects to trusted Proton Mail servers. If Bridge receives an untrusted public key, it will assume an unknown intermediary is pretending to be a Proton server and immediately warn the user.
Bridge never stores or shares a user’s PGP keys After the user logs in, Bridge downloads their encrypted, private PGP keys from the Proton servers and unlocks them. These keys are held in the device’s memory, never on disk. Whenever a user turns off their device, they wipe its memory. This makes it unlikely an attacker will be able to obtain a copy of a user’s PGP keys, even if they steal the user’s device. These keys are also never shared with other applications on your device and stay within Bridge’s memory space.
Bridge does not store decrypted message data When an IMAP client requests a message body or attachment, it is downloaded from the Proton servers as an encrypted PGP message, decrypted locally, and then transmitted to the IMAP client. Similar to the user’s PGP keys, Bridge does not permanently store any message bodies or attachments to disk, further reducing the amount of sensitive data available on the device.
Attack mitigation
Here we describe the potential attack vectors of Bridge and how we mitigate these attacks.
Reducing the threat of a MITM attack
As described, Bridge employs TLS certificate pinning, which mitigates the risk of a network-level man-in-the-middle (MITM) attack.
Furthermore, the content of messages sent from Bridge to Proton Mail users or external recipients using PGP has an additional layer of protection thanks to end-to-end encryption. This means Bridge encrypts the user’s message before it leaves their device. The message remains encrypted until it reaches the recipient’s device, which decrypts it. This prevents any third party, including Proton Mail, from accessing the content of a user’s message. Messages sent this way remain inaccessible because a user’s mailbox password never leaves their device and, thus, is never transmitted to an attacker.
Secure updates
Bridge on Windows and macOS includes a feature that allows it to self-update. The update process has additional safeguards in place to verify that only trusted versions of Bridge that are created and signed by Proton Mail are installed.
Bridge recommended use cases
Bridge is a unique tool when compared to the other Proton Mail apps. As such, there are specific cases in which it would be more practical and useful than other Proton Mail apps.
Below are some examples of recommended use cases for Bridge:
Offline editing If you find yourself without a stable Internet connection, you can use your favorite email client with Bridge to download emails while you do have good Internet access and then process them offline later. Most email clients will automatically send and receive your drafts once you are back online.
Offline backups of your emails are required If you need to have offline copies of your messages for whatever reason, Bridge is the easiest way to accomplish this. The Bridge app enables your IMAP/SMTP client to do this automatically if you choose to do so.
Add Proton Mail security to already known email clients If you or your staff do not feel confident learning how to use a new email service, Bridge lets you add Proton Mail encryption to your messages while continuing to use your favorite IMAP/SMTP email client. These clients include Outlook, Thunderbird, and Apple Mail, all applications that many people are familiar with. This means that once you set up Bridge, using it does not require any new training.
Bridge security model scope
No application is 100% secure, and no piece of software can protect its user against every potential threat. Proton Mail Bridge is engineered to provide additional protection to its users’ data, but certain conditions are outside of the scope of the security model.
User device security We assume users run the Bridge app in a safe environment. For instance, we assume that Bridge program files are installed to a location where normal (non-admin) users have no write privileges. Furthermore, we expect the user’s device to be free of any malicious software (keyloggers, screen recorders, memory scanners, etc.) that could access the device’s data in memory or on disk. Bridge, unfortunately, cannot secure your data if your device is already compromised.
Additionally, we assume that the IMAP/SMTP ports that the email client connects to are not exposed beyond the device that Bridge is running on. The Bridge application ignores all connections that do not originate from the localhost, and we assume the user will not attempt to circumvent this.
Bridge installer security We assume that the user securely downloaded the Bridge installer from our server (the server should present a valid and expected SSL certificate). For Windows and macOS, the operating system inspects the signatures on the installer file automatically before installation. It then displays the results to the user, which we assume they properly verify. We recommend Linux users refer to our support article on Verifying the Proton Mail Bridge package(new window) for instructions. If you download the Bridge application from an unauthorized source, we cannot guarantee the safety of the installer.
Our recommendations for keeping your device secure
We have invested heavily in the security of our Bridge app. You can help maximize the security of your own device by taking a few simple measures:
Encrypt your device’s hard drive. Windows(new window) and macOS(new window) devices all have built-in encryption systems, but you have to turn them on. Once you have encrypted your drive, write down your recovery code and store it in a secure place.
Enable your operating system’s antivirus protection, if available.
Ensure your network ports are secured by a firewall to prevent outside machines from connecting to them.
Do not install untrusted programs on your device. This includes unknown open source versions of Bridge. Downloading Bridge directly from Proton Mail(new window) is the safest option.
Do not open links or download attachments from untrusted senders.
Conclusion
Our first priority is always our users’ security. Our goal is to make it easy for anyone to protect their privacy by creating tools that apply advanced cryptography to their messages automatically. The Bridge tool was designed to add additional security to already existing IMAP/SMTP email clients. By keeping your device secure, you can use these email clients and still take charge of your data. Thank you for your support!
Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan(new window). Thank you for your support.
Безопасная электронная почта и защита вашей конфиденциальности
Protecting a folder with a password is a simple yet effective way of securing
files. You may wonder whether you can password-protect a folder in Google Drive.
We explain what access controls Google Drive offers and what you can do to
improve your sec
We’re excited to announce that Proton Pass supports passkeys for everyone,
allowing you to manage and use passkeys across all devices seamlessly. Passkeys
are an easy and secure alternative to traditional passwords that can help
prevent phishing atta
Passkeys are a new way to secure your online accounts using cryptographic keys
instead of passwords. They offer a high level of convenience and security, and
are a real game-changer in the way we access and secure sites. What is a
passkey, though, an
Apple’s marketing team has built a powerful association between the iPhone and
privacy. The company’s ad campaigns claim that “what happens on your iPhone,
stays on your iPhone.” And, “Privacy. That’s iPhone.”
But Apple’s lawyers are telling a diffe
A cyberattack on national public employment service France Travail has exposed
the personal data of as many as 43 million people.
The latest breach is the second major cybersecurity attack to happen in France
in the past month, raising concerns abo
Google Drive makes it easy to share files and folders, but you may have wondered
at some point whether the people you’ve shared a folder with can see your other
folders. We answer this question below and also share some tips for truly secure
link sha
In 2014, Proton Mail was introduced as a web app, revolutionizing how we think
about email privacy.
Today, we’re excited to broaden the horizons of secure communication by
launching the Proton Mail desktop app. Anyone can now use the new Proton Mail