[cedws]

I think there is a miscommunication. I am not talking about PGP encrypted emails - sure, those can be decrypted client side. Plaintext emails, as the majority of emails are, will be received by your server in plaintext, minus transport encryption. How can you guarantee those will not be intercepted by authorities?

[forwardemail]

We use MTA-STS (for inbound AND outbound) with our mode set to enforce[1], to require senders to communicate with us only using TLS encrypted sockets. There is no legal precedence currently requiring software services to implement backdoors.

[1]: https://github.com/forwardemail/mta-sts.forwardemail.net/blo...

[binary132]

Sorry but does that actually address cedws' question about subpoena?

[forwardemail]

Our policies for law enforcement are publicly available at https://forwardemail.net/en/report-abuse#for-law-enforcement

Also - you should note that we largely operate in-memory and don't store to disk any information or logs (unless essential, e.g. IMAP storage, or if they are error logs). We have all of this in our privacy policy and terms on our website. We are extremely transparent.

[binary132]

Memory can still be observed. Encrypted content in memory cannot.