diff --git b/etc/icedove-uxp.profile b/etc/icedove-uxp.profile
new file mode 100644
index 0000000..0c65e32
--- /dev/null
+++ b/etc/icedove-uxp.profile
@@ -0,0 +1,27 @@
+# Firejail profile for icedove-uxp
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/icedove-uxp.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+
+# Users have icedove-uxp set to open a browser by clicking a link in an email
+# We are not allowed to blacklist browser-specific directories
+
+noblacklist ${HOME}/.cache/mozilla/thunderbird
+noblacklist ${HOME}/.gnupg
+noblacklist ${HOME}/.mozilla/thunderbird
+
+mkdir ${HOME}/.cache/mozilla/thunderbird
+mkdir ${HOME}/.gnupg
+mkdir ${HOME}/.mozilla/thunderbird
+whitelist ${HOME}/.cache/mozilla/thunderbird
+whitelist ${HOME}/.gnupg
+whitelist ${HOME}/.mozilla/thunderbird
+include /etc/firejail/whitelist-common.inc
+
+ignore private-tmp
+
+# allow browsers
+# Redirect
+include /etc/firejail/firefox.profile