Live Direct Marketing logo
Inbox Placement Test
Privacy8 min read

ProtonMail: the paranoid inbox and how to land in it

ProtonMail encrypts at rest, does not track you, and runs strict spam filtering without engagement sampling (there is none — users cannot signal via "mark as spam" the way Gmail users can). Here is what actually gets through.

ProtonMail looks like a small provider in the global mail share chart. It is not small by value. Its users skew toward security professionals, founders, crypto and Web3 people, journalists, privacy lawyers, and an increasing share of tech-adjacent EU professionals who left Gmail after the last privacy story. These are not replaceable recipients. And ProtonMail filters harder than almost anything else you will encounter.

The blind spot

Almost no mainstream placement tool seeds ProtonMail. GlockApps does not. Mailgenius does not. If a ProtonMail address is on your list, the only way to know whether you reach it is to actually send to a ProtonMail seed mailbox and check.

Who actually uses ProtonMail

Understanding the audience matters because it shapes the filter tuning. ProtonMail's users are disproportionately:

  • Founders and engineers at early-stage companies, especially in Europe.
  • Crypto, Web3 and on-chain analytics users who moved off Gmail for jurisdiction reasons.
  • Journalists and NGO workers whose threat model includes nation states.
  • Lawyers, doctors and consultants who want end-to-end encrypted options.
  • Mass-market EU switchers driven by the last few years of privacy news.

The consequence for senders: you are talking to people who deliberately opted out of the tracked, scored, engagement-driven inbox. They do not open your image tracker. They do not click your URL shortener. They are not the audience for a fifth follow-up.

How the ProtonMail filter actually works

ProtonMail uses an internally extended Rspamd stack. The key architectural detail: mail is encrypted at rest, so the filter cannot re-score based on user mark-as-spam feedback the way Gmail can. There is no live engagement-driven learning loop — once mail is in the user's mailbox, it is opaque to the filter.

This has two consequences:

  • Filtering leans hard on pre-delivery signals: authentication, content heuristics, URL reputation, IP reputation, sending patterns.
  • "Marking as not spam" matters much less than on Gmail. You cannot escape a cold filter verdict via recipient behaviour the way you can on Google. You need to be right on the first send.

Authentication strictness

ProtonMail enforces SPF, DKIM and DMARC strictly. Specifically:

  1. Missing DMARC with a mismatched From domain is effectively a spam placement. Do not send to ProtonMail without DMARC.
  2. DMARC p=none is tolerated but treated as weaker than p=quarantine. Move off p=none when you can.
  3. ARC is checked when mail has traversed forwarders. If ARC chain is broken you will be scored harder.
  4. Relaxed alignment (adkim=r) is accepted but strict alignment (adkim=s) scores slightly better.

What breaks on ProtonMail that works on Gmail

The single most common pattern in our tests: a cold email that inboxes cleanly at Gmail goes straight to spam on ProtonMail. The usual culprits:

  • Tracking pixels. A single-pixel beacon on a third-party domain is a strong negative signal. Gmail accepts them silently; ProtonMail does not.
  • URL shorteners. Bit.ly, tinyurl and friends are scored heavily negative. Any outbound link should use your own tracked domain aged at least a month.
  • Image-only HTML. Anything above 70/30 image-to-text loses. A promotional layout full of buttons and banners and two lines of actual text almost always scores into spam.
  • Many links. More than four or five outbound links in a short message elevates score noticeably.
  • Marketing-template fingerprints. Anything that looks like a mass-market HTML newsletter (common widths, common table patterns, common footer images) is down-weighted.
The short answer

Plain-text or very lightly HTML-styled messages from a well-authenticated domain with no trackers and no shortened URLs reach ProtonMail cleanly. Everything that looks like marketing automation output does not.

Testing ProtonMail placement for free

The only way to measure ProtonMail placement is to actually send to a ProtonMail seed. Our free placement tool seeds a real ProtonMail mailbox alongside 20+ others, including iCloud, Zoho, Fastmail and HEY. The flow:

  1. You get a generated address. Send one message to it.
  2. We collect the message from every seed mailbox.
  3. You see Inbox / Spam / Missing per provider plus raw headers including Rspamd verdict strings where available.

Free, unlimited, no signup — and specifically covers the providers other tools do not.

Five things ProtonMail-friendly senders do

  1. Ship plain-text by default. If you must send HTML, keep it under 40% of the body by weight. No hero images, no button banks.
  2. Avoid trackers on cold first-touch sends. Turn off open tracking, remove pixel beacons. Add them back only for warm recipients who have previously engaged.
  3. Use your own domain for every link. No bit.ly, no tracked subdomains on a throwaway TLD. A one-year-old .com subdomain is the minimum.
  4. Set DMARC to at least p=quarantine. Publish reporting. Read it.
  5. Respect the unsubscribe. ProtonMail users are motivated and litigious. Honour the first unsub within minutes, not days.

Frequently asked questions

Can ProtonMail users whitelist my domain?

Yes — ProtonMail allows per-sender whitelisting. In practice almost no one uses it. Design for filter-only delivery; do not rely on recipient whitelist actions.

Why is ProtonMail missing from most placement tools?

Seed mailboxes are harder to automate at ProtonMail because of its encrypted-storage model and anti-automation controls. It is more work to seed reliably, so most tools skip it. We built seeding specifically to include it.

Does ProtonMail use ML-based spam filtering?

There are heuristic ML components on the pre-delivery path, but because the filter cannot retrain on post-delivery engagement for encrypted storage, the bulk of the model is rule- and reputation-based. Content and authentication matter more than recipient behaviour signals.

How many ProtonMail addresses should I send to in a first warm-up pass?

Keep the first week's volume to ProtonMail at 5–10% of total. ProtonMail is strict about new-sender patterns and is over-represented among users who will report cold outreach. Ramp slowly and watch complaint signals carefully.
Related reading

Check your deliverability across 20+ providers

Gmail, Outlook, Yahoo, Mail.ru, Yandex, GMX, ProtonMail and more. Real inbox screenshots, SPF/DKIM/DMARC, spam engine verdicts. Free, no signup.

Run Free Test →

Unlimited tests · 20+ seed mailboxes · Live results · No account required