Privacy-first mail providers are often skipped in deliverability reports because each one is a sliver of the market. ProtonMail is somewhere around 100 million accounts. Fastmail is a rounding error next to Gmail's 1.8 billion. But the users on these providers are disproportionately engineers, founders, analysts, lawyers and journalists — exactly the people B2B senders want to reach. A 2% share of addresses can easily be 15% of your pipeline value.
Strict authentication, minimal tracking, and a plain-text part are the three things that separate inbox from Spam on privacy-first providers. ProtonMail will reject unsigned mail outright. iCloud silently drops messages that look image-heavy. Fastmail bans link shorteners. If you get these three right, you reach the highest- intent recipients on the internet.
ProtonMail: encrypted, Swiss, strict
Proton sits behind Swiss privacy law and runs end-to-end encryption on mail stored in user mailboxes. Incoming messages are scanned by Proton's own filters before encryption, and those filters are among the strictest on the public internet. No SPF pass? Rejected at SMTP. DKIM signature missing or broken? Spam. DMARC withp=none? Tolerated but down-ranked. DMARC with p=reject and full alignment? Welcome to the inbox.
Proton users rarely use web or mobile clients alone. Many connect over the Proton Bridge, which exposes IMAP/SMTP locally and handles encryption in the background. That means tracking pixels loaded by Apple Mail or Thunderbird through Bridge are often blocked at the client level — open rates from Proton users run 3–5× below Gmail. Don't judge a ProtonMail recipient by their open rate.
- Must-have: SPF pass, DKIM valid, DMARC aligned, reasonable sending history.
- Nice-to-have: short plain-text body, no URL shorteners, HTTPS-only links.
- Avoid: JavaScript, inline CSS tricks, image-only messages, attachments above 25 MB.
iCloud Mail and Apple Mail: silence and MPP
iCloud Mail is the mail layer behind every @icloud.com, @me.com and @mac.com address. It also powers Hide My Email, which Apple issues as disposable forwarders for users on iOS 15+. When a recipient clicks "Hide My Email" on a signup form, you receive a relay address that forwards into their real iCloud inbox. The relay can be disabled by the user at any time.
Apple Mail Privacy Protection (MPP) pre-fetches every tracking pixel in every message, from an Apple IP, regardless of whether the user opens. That inflates opens to near 100% on any MPP-enabled account. Bouncing signals back through opens is useless for iCloud and @me.com addresses. Reply rate and click rate are the only trustworthy signals for this population.
iCloud's filter itself leans hard on authentication and on domain age. New domains get throttled for weeks. Bulk senders without List-Unsubscribe headers land in Junk without notification. There is no postmaster tool equivalent and no feedback loop for complaints — when iCloud decides to filter you, you find out by watching inbox rates drop in a seed test.
Zoho Mail: business users, custom anti-spam
Zoho Mail is used by roughly 20 million business users, mostly small businesses on custom domains hosted by Zoho. The filter is less aggressive than Gmail on authenticated senders with a clean history. It is more aggressive than Gmail on anything resembling bulk outreach — Zoho's anti-spam engine correlates patterns across its customer base, so if one small business reports your sender as spam, every other Zoho customer benefits from that signal within a day.
The practical implication: if you're running cold outreach into SMB contact lists, Zoho is where one bad list can taint deliverability for every Zoho-hosted domain at once. Monitor complaint rates on Zoho seed inboxes separately, and throttle or stop campaigns the moment complaints cross 0.1% on that cohort.
Fastmail: paid users, quick complaints
Fastmail users pay around $5–10 per month for their mailbox. That has two consequences. First, the users care. They report spam fast, they unsubscribe fast, and they don't tolerate newsletters they don't remember signing up for. Second, Fastmail's filters lean on reputation lists — Spamhaus ZEN, URIBL, SURBL — and on link reputation. A single link to a recently-registered domain (less than 30 days) will move a message to Spam even if the sender is clean.
Fastmail also punishes URL shorteners heavily. Bit.ly, TinyURL, Rebrand.ly — all carry penalty weight. Use your own tracking domain with at least 90 days of age and a clean Spamhaus record.
HEY by Basecamp: the Screener gate
HEY uses a first-contact gate called The Screener. The first time a sender emails a HEY user, that message goes to a dedicated Screener queue, not the inbox. The user decides whether to let the sender through. If they say yes, all future mail from that sender lands normally. If they say no, the sender is permanently blocked. If they ignore the screener, the sender stays in limbo.
The practical approach for HEY is straightforward: assume your first message is effectively a pitch to the Screener. Write like a human. No template. No tracking pixel. No footer of fifteen links and a compliance disclaimer. A short, direct note has a dramatically better chance of getting approved than any designed HTML.
What gets you in on all four
- Strict, aligned authentication. SPF pass, DKIM signing, DMARC at
p=quarantineorp=rejectwith alignment on both mechanisms. - A populated plain-text part in every multipart message. Not a single-line auto-generated stub.
- Minimal tracking. Skip the pixel on first contact. If you must track clicks, use a tracking domain older than 90 days.
What doesn't work
- Image-heavy HTML with a one-line text alternative. iCloud and Proton both treat this as an obfuscation attempt.
- URL shorteners. Fastmail, Proton and Zoho all weight against them.
- Bulk-sender patterns. Burst volumes above 500/day from a previously quiet domain will trigger Proton's anti-abuse model within hours.
- Relying on open rate as a health metric. Apple MPP destroys this signal for roughly 60% of iCloud and @me.com users.
How to test delivery to privacy-first providers
Most deliverability tools show you Gmail, Outlook and Yahoo. Few show you Proton, iCloud, Zoho or Fastmail. An inbox placement test with seed mailboxes on each of these providers is the only reliable way to see your folder placement on them. If you can't find a tool that covers them, create test accounts on each yourself and send to a small seed list before every campaign.
Privacy-first recipients are higher-intent by definition. The effort to pass their stricter filters is repaid in reply rates that are typically 2–3× what the same sequence scores on Gmail. These are the mailboxes of founders, engineers and buyers with budget. Treat them accordingly.