At OnionMail, we believe transparency is a cornerstone of any privacy-focused email service. Users entrusting us with their communications deserve to know exactly how their accounts are managed throughout their lifecycle — from registration, through periods of inactivity, all the way to username reservation after account closure.
This article provides a complete and authoritative overview of our account policy: what a free account allows, what an upgraded account unlocks, what happens during inactivity, how aliases are protected, and why our system is designed the way it is.
Free Account Registration on OnionMail
OnionMail offers anonymous registration. Anyone can create a free account without providing personal information, KYC, or identity verification. The registration process is intentionally minimal to preserve user privacy and align with the values of the Tor ecosystem.
A free OnionMail account is designed primarily as a receive-only inbox. Once registered, users can:
- Receive emails from any sender, including users of standard email providers (Gmail, Outlook, ProtonMail, Tutanota, etc.)
- Read, archive, and delete incoming emails
- Download all messages as a single archive
- Manage folders and inbox organization
What a free account cannot do is send outgoing emails. Outbound sending is a feature reserved for upgraded accounts. This separation allows us to offer a genuinely free, anonymous, privacy-respecting inbox to anyone who needs one — without exposing the network to abuse from spam or unsolicited mass mailing.
The Three-Month Login Requirement (Free Accounts)
To keep a free OnionMail account active, the user must log in at least once every three months. Logging in is the only requirement — no email activity, no specific actions, just a successful authentication within the rolling 90-day window.
As long as the user logs in at least once every three months, the account remains active indefinitely. There is no overall lifetime limit, no expiration date, no annual renewal. A user who logs in regularly will never lose their account.
This requirement exists for several important reasons:
- Resource allocation: Anonymous email infrastructure on the Tor network has finite storage and operational capacity. Reserving resources for genuinely active users ensures sustainable service quality for everyone.
- Security hygiene: Long-dormant accounts are a recognized attack surface in any authentication system. An account untouched for years is more vulnerable to credential leaks, brute-force attempts, and targeted compromise.
- Anti-abuse: Without an activity requirement, the network would accumulate vast numbers of unused accounts, many of which would have been registered for one-off purposes such as anonymous registrations on third-party services. This degrades performance for legitimate users.
The three-month window is generous enough to accommodate occasional users while still keeping the system clean and responsive.
What Happens to Inactive Free Accounts
If a free user does not log in for three consecutive months, the account enters the inactivity-removal process. The account and all its associated data are deleted from our systems. This is consistent with privacy best practices: data that is no longer being used should not be retained indefinitely.
A common concern raised by users new to privacy-focused services is whether account deletion creates a window in which a malicious actor could re-register the same username and impersonate the original user — for example, to receive password reset emails from third-party services.
OnionMail addresses this concern directly with a username freeze policy.
The Username Freeze Policy: Protection Against Alias Hijacking
When an OnionMail account is removed for inactivity, the username is not immediately released back into the pool of available names. Instead, the username enters a mandatory freeze period of at least one year.
During this freeze period:
- The username cannot be re-registered by anyone, including the original owner
- No new account can be created using that alias
- The address effectively does not exist on the network — emails sent to it bounce
- There is no possibility for a third party to claim the alias and intercept communications
Only after the freeze period of at least one year has elapsed does the username return to the pool of available registrations.
This policy is a deliberate security design choice. We recognize that many users employ their email address as a recovery method for accounts on other platforms (GitHub, GitLab, domain registrars, financial services, etc.). A short or zero-day release window would create a real risk of alias hijacking, where a malicious actor registers a recently freed username to receive password reset emails for the previous owner’s third-party accounts.
By enforcing a one-year minimum freeze, we close this attack vector almost entirely. A would-be attacker would need to know that a specific alias was freed, wait at least twelve months, and then race other potential registrants for it — all while the original owner has had ample time to recover their other accounts through alternative means.
Upgraded Accounts: No Activity Requirement and Full Sending Capability
Users who want a fully featured email account without the three-month login requirement can upgrade to a paid plan. An upgraded OnionMail account removes the inactivity limitation entirely for the duration of the paid period and unlocks the features needed for serious, everyday email use.
An upgraded account includes:
- Full outgoing email capability. Send emails to any recipient, including users of mainstream providers and other Tor-based services.
- No login requirement during the upgrade period. For the full year of an active paid plan, the account will not be deactivated for inactivity. There is no obligation to log in at any specific interval — the account remains active for the entire upgrade period regardless of usage.
- Account restore via Tox ID. Upgraded users can connect a Tox ID to their account, enabling a recovery path if access is ever lost. Tox is a peer-to-peer, end-to-end encrypted messaging protocol that aligns with the privacy values of OnionMail and provides a recovery channel that does not depend on traditional email or SMS.
- All the features of a free account, including anonymous registration, full inbox management, archiving, and bulk download.
When the one-year upgrade period ends, the account automatically reverts to free-tier status. From that moment, all the policies described above for free accounts apply: outgoing email is no longer available, and the account must be accessed at least once every three months to remain active. Users who renew their upgrade before the period expires maintain uninterrupted access to all upgraded features.
This structure gives users a clear choice. Those who only need a private inbox can use OnionMail entirely for free, with the modest commitment of logging in every three months. Those who need a full email solution — sending, account recovery, freedom from activity tracking — can upgrade and enjoy a year of unrestricted use, then decide whether to continue.
How to Keep Your Account Safe
To ensure uninterrupted access to your OnionMail account, we recommend the following practices:
- Free users: log in at least once every three months. A single login resets the inactivity counter for another full 90 days. Setting a recurring calendar reminder (every 60 days, for safety margin) is a simple way to ensure you never lose access.
- Upgraded users: connect a Tox ID for recovery. The Tox ID restore feature is a powerful safeguard. If you ever lose access to your credentials, the linked Tox ID provides a privacy-respecting recovery path.
- Update third-party recovery methods. If you use your OnionMail address as a recovery option on critical services, verify that you also have alternative recovery methods (backup codes, secondary email, authenticator app) in case you cannot access OnionMail temporarily.
- Store your credentials securely. Use a reputable password manager. Privacy and security work hand in hand, and a strong, unique password protected by a password manager is the foundation of account safety.
- Don’t rely solely on email-based recovery for high-value accounts. This is good general advice for any email provider, not just OnionMail. Email is an inherently transient medium; treat it as one factor in a layered authentication strategy, not the only one.
Frequently Asked Questions
What happens if I don’t log into my free OnionMail account for several months?
If you do not log into your free OnionMail account for three consecutive months, the account is removed and the username enters a freeze period of at least one year, during which it cannot be re-registered by anyone.
Can someone hijack my OnionMail alias if my account becomes inactive?
No. When an inactive account is removed, the username is frozen for a minimum of one year before it can be registered again. This freeze period is specifically designed to prevent alias hijacking and protect users who may use their address as a recovery method on third-party platforms.
How often do I need to log in to keep my free OnionMail account active?
You need to log in at least once every three months. As long as you do so, the account remains active indefinitely, with no overall time limit.
Do upgraded accounts have the same three-month login requirement?
No. Upgraded accounts are exempt from the activity requirement for the entire duration of the paid period. You can go a full year without logging in and the account will remain fully active. The activity requirement only applies once the upgrade expires and the account reverts to free-tier status.
What features does an upgraded OnionMail account include?
Upgraded accounts can send outgoing emails (a feature not available on free accounts), can connect a Tox ID for account recovery, and are not subject to the three-month login requirement for the duration of the upgrade. All features available on free accounts remain available on upgraded accounts.
What is Tox ID account restore?
Tox is a peer-to-peer, end-to-end encrypted messaging protocol. By linking a Tox ID to your upgraded account, you create a privacy-respecting recovery channel that can be used if access to your account is lost, without relying on phone numbers or third-party email providers.
What happens when my upgrade period ends?
When the one-year upgrade period expires, the account automatically reverts to free-tier status. Outgoing email becomes unavailable, the Tox ID restore feature is disabled, and the standard three-month login requirement begins to apply. The account itself is not deleted at that moment — it simply becomes a free account again.
Does OnionMail charge for free accounts?
No. Free accounts are genuinely free and require no personal information to register. They function as receive-only inboxes — they can receive, read, archive, and download emails, but they cannot send outgoing messages.
Can a free OnionMail account send emails?
No, free accounts are receive-only. They can receive emails from any sender, including users of mainstream providers, but outgoing email sending is reserved for upgraded accounts.
What does “logging in” mean for the activity requirement?
Any successful authentication into your account counts. You do not need to send or receive emails — simply signing in within the three-month window is enough to keep a free account active.
Why does OnionMail delete inactive free accounts at all?
Three reasons: efficient use of network resources, reducing the security risk that dormant accounts pose to any authentication system, and limiting accumulation of one-off accounts that degrade service quality for active users. Users who want to be exempt from this policy can upgrade their account.
How long is the username freeze period exactly?
A minimum of one year. After this period, the username may become available again for new registrations.
Can I recover a free account that has been removed for inactivity?
Once a free account has been removed, it cannot be recovered. The username is frozen and cannot be re-registered for at least a year, meaning there is no “limbo” period during which the original owner can reclaim it. This is intentional: a recovery option would necessarily create a security hole that attackers could exploit. Users who want continuity should either log in within each three-month window or upgrade to a paid plan, which removes the inactivity requirement and adds Tox ID recovery.
Is the three-month window strict, or is there a grace period?
We recommend treating the three-month window as a hard deadline. Logging in well before the 90-day mark — for example, every 60 days — is the safest practice. Users who want to eliminate this concern entirely can upgrade.
Conclusion
OnionMail’s account policy is built around a simple principle: privacy and security are not in conflict, and good policy design serves both. Anonymous registration, free receive-only accounts, a clear and predictable activity requirement for free users, optional upgrades with full sending capability and Tox ID recovery, and a strict username freeze period together form a system that respects user privacy while actively protecting against the most common forms of email-based attacks.
If you have additional questions about how OnionMail handles accounts, aliases, or any other aspect of our service, please consult our documentation or reach out through the official support channels listed on our site.