Hi everyone! Since I was absolutely fucked by Skiff (thank fuck I didn’t pay for it) I’m looking for a new email provider :) I’m not sure I like how proton is transforming into a full on suit, I only need email. Any other recommendations or is proton my only choice really?
My 2 ¢: Email is inherently not private. With tls you have encryption in transit, but as soon as the data hits the server no metadata is ever encrypted. With pgp you can encrypt the message content, sure, but not with many of the advanced features we expect from e.g. Signal and matrix. Therefore it doesn’t really matter if you use proton ot tuta, unless you exclusively mail other proton/tuta users.
I am extremely happy with purelymail.com. extremely cheap and versatile. I also use mailfence.com but that’s only because i’d like to have two different servers for something as important as mail. Been a customer with purely for probably 3+ years . Mailfence probably 6+ years. Have seen two small outages with mailfence. None with purely.
I’m curious what’s the advanced feature?
I am no expert, so this is just my understanding: pgp encrypts the message, with the the recipients public key. Once the private key is compromised , bruforced or cracked, all messages are compromised. With signal, and all the other apps that uses signal protocol, it’s different. Here, the key is renewed often (i think for each message) and the key is device dependant. Therefore if the key is compromised no previous messages are compromised and neither are communications with other people. This is what e2e means, and pgp is not that. Also the key or self is harder to crack I think, but i am not sure how strong signals elliptic curve crypto is finished to a 4096 rsa key.
Tldr: pgp is a simple encryption at rest, that can be cracked once and for all. Signal et. All is e2e encrypted and much harder to compromise one and for all.
Removed by mod
If you don’t need anonymity you could just buy a domain with a single email and use your own email app SMTP. I think it’s cheaper than most email providers.
I 💜 Protonmail. I generally like proton as a company.This video has really gained my trust for them as a privacy focussed services provider.
Here is an alternative Piped link(s):
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
There isn’t. Self hosting is the only way you can send email without giving your data. All email provider have your data, assuming there is a provider that is private is lying yourself. Even if they have some kilograms of privacy policy.
Have been happy with Tuta
Run your own, you need a server, tech knowledge and time, or maybe Tuta mail?
Check out Posteo. It’s affordable and focuses on privacy.
I’ve been using Posteo for years. I can recommend.
I know you are not interested in proton but they are the absolute best and you possibly cannot get anything better than their services on the privacy and security end (which they are focused on).
+1 for proton!
I’ve been using it for years, they’ve never let me down!
Proton = No SMTP/IMAP support.
How would they be privacy-centric if they supported SMTP and IMAP?
Both support encryption and Lavabit probably had much higher standards than Proton when it comes to privacy and still supported those open protocols. What Proton is doing is pushing for vendor lock-in at any possible point so you’re stuck with what they deem acceptable because it’s easier for them to build a service this way and makes more sense from a business / customer retention perspective.
Lavabit probably had much higher standards than Proton
So it’s all based on an assumption.
So you assume that Proton won’t snitch on you whenever the NSA comes around asking for data?.. And I’m sure Lavabit didn’t snitch on Snowden.
I don’t really care that much about any information like IPs, I care about the actual emails which are encrypted.
There is nothing that indicates that they will snitch since that would be terrible for everyone and also illegal for them to do.
But most importantly lavabit is an American company which is insane for if you care about privacy at all.
Proton also published a transparency report while Lavabit is really opaque.
Linux, dovecot, postfix and a large quantity of pain medication.
Posteo or Disroot
I second disroot
A provider having more than 50 users and offering more than one service doesn’t make them evil. Use Proton. They are the best, and they’re not likely to disappear. If you intentionally seek out small services because you think being an underdog is some sort of privacy merit badge, you’ll get “absolutely fucked” over and over again.
Also, you should consider paying for the products you use to encourage sane and user-friendly business models. But that’s a different discussion altogether.
proton requires them to use their software and adds a footer with protonmail ads to all of your emails without an option to disable it without paying up
I think you need to read up on the reasons why services like GMail and Facebook are free.
yes but they shouldn’t be hiding that fact deep in the settings
also I don’t care about encryption and stuff if it prevents me from using my favorite mail client without installing their bridge software
Ads are harmless. The harmful things is JavaScript.
requires them to use their software
And their software doesn’t even have an option to display HTML messages as it is plain text messages.
It’s not about “using an underdog”, I just like “do one thing and do it well” philosophy you know. I don’t need drives, calendars, vpn, password manager, in one thing. I want a simple email provider that’s it.
Yeah skiff wasn’t like that but it seemed not too push it as much, just “hey it’s there you can use it” not full on products. Maybe I’m just being stupid about it idk
You can simply ignore all of these other features. Proton offers an email-only plan.
True… People also recommend having your own domain so I can switch easily in the future. Having my surname seems a bit… un-privacy-like lol Any recommendations for that?
Paid subscription of Proton bundles SimpleLogin, an email aliasing service. So you can have your personal email with your surname, and when you want to sign up to some shady corpo site, you give them a randomly generated email address using SimpleLogin. All emails sent to that alias email will be automatically forwarded to your personal email. You can then disable the alias email anytime and stop receiving emails.
I have both, a personal domain with my name and also an anonymous generic domain. I use the anonymous one for 90+% of my online stuff, and use a random unique address for every service (you can set up a wildcard in proton, so *@domain.org lands in the same inbox). I would recommend that for two reasons: if you own your anonymous domain you can move your mailprovider anytime (as opposed to using some email masking service), using unique addresses for every service enables you to easily figure out which one leaked your address if you start getting spam. Just make sure to use a generic name for the domain and dont get an exotic TLD (just get a .com .org or something). Some of the non traditional TLDs may negatively impact your spam scores, and its easy to find a .com or .org when you can literally choose any domain name you want.
You can have your own custom email domain and for the use cases you want to be “anonymous” use simplelogin or addy.io on top of that.
Proton = No SMTP/IMAP support.
They support IMAP though their bridge but you will have to be on a paid plan.
The free plan is pretty terrible anyways so if you actually want to use proton you will have to pay.
Yes and you can’t run a bridge on anything and they might discontinue it at any time and you’ll become hostage. So much for self-hosting, independence and open-source solutions.
Yes and you can’t run a bridge on anything
You can run the bridge on Windows, Linux and macOS. I wish that they had an Android app but I suspect that the aggressive power management on Android might make it a lot harder to implement in a nice way.
they might discontinue it at any time and you’ll become hostage.
There is absolutely no indication that that will happen. Remember that only the paid plans have IMAP and Proton is essentially held hostage by their subscribers since they are their only income source. Their community would be very angry if they dropped support.
So much for self-hosting, independence and open-source solutions.
This has nothing to do with self-hosting. You are literally paying someone for hosting your email.
I agree that the lack of normal IMAP support is annoying. But it’s a side effect to their encryption which is a good thing.
And it’s not like proton is alone with this problem.
Tota doesn’t even seem to have a bridge app. Fastmail changes extra for IMAP.
You can use Proton Mail Bridge to set up SMTP/IMAP with your email app of choice. Obviously, you’re still stuck with using the bridge app on your device in order to get it working.
Waiting for the day their business team devices the bridge is too much freedom you should get all locked-in.
If that were to happen, nothing is stopping users from exporting their emails elsewhere.
If that were to happen, nothing is stopping users from exporting their emails elsewhere.
Yet. You’re delusional, nothing is stopping people at gmail to move to another providers, yet they stay. And trust me gmail has a much better export and supports IMAP.
So your privacy-focused email provider recommendation is Gmail?
Obviously not, but just don’t push proton. They’re a company that resorts to predatory tactics and has zero respect for their users.
For what’s worth Lavabit (back before Snowden) had much higher standards than Proton when it comes to privacy and still supported open protocols like IMAP and SMTP. What Proton is doing is pushing for vendor lock-in at any possible point so you’re stuck with what they deem acceptable because it’s easier for them to build a service this way and makes more sense from a business / customer retention perspective.
In my humble opinion, unless you use your account only to receive emails but also to send them, your provider has limited effect on your privacy. That’s why I personally don’t have a use for Tuta, Proton and other similar, super private services (mind you, I’m not saying they arent good). That said, I’ve been a happy customer of mailbox.org for quite a few years and I found them reliable and cheap (if you don’t need a custom domain). Same for Posteo, I guess. At the moment, I’m a paying customer for Zoho email, with quite a few custom domains abd I’m fairly happy. They have a free tier as well and their privacy policy looks good to me.
Just go with Proton. They are the best and the most likely to not sell out/stay relevant in the business
No SMTP/IMAP support.
That’s because they are encrypted. There’s a bridge
That makes them totally unreasonable and pushed for vendor lockin and proprietary applications you can’t run anywhere.
This is hilarious, people here get all pissed about google and microsoft when it comes to email and then pick an alternative that is less open in all possible ways.
Just use a domain then and switch whenever you feel like.
I’ve always considered it for my data not to be read by the company and it’s employees but you bring up an interesting point.
Let me recommend Migadu, as email privacy is kind of a difficult topic. They offer complete email freedom for a very reasonable price; $20 ($10 for students) a year. They explain my main reasoning why I would avoid Proton:
When an email provider rations email address of your own domain name-space at a fee, they are asking you to hand them over control of your name-space. There is zero cost associated with additional email addresses and it is time you learn about it.
When email provider does not offer you standard email protocols that work with standard email clients, they want to lock you in for good. You are tied to using the dedicated applications offered by provider. The freedom of using a better or more suitable application is taken away from you. Protocols were standardized for a reason and today there are hundreds of email clients built for users with different needs.
When email provider alters messages data in non-standard format, they deny you data portability and with it freedom of changing providers.
Email is a collective effort of messaging interoperability. It is built around open, public standards and runs mostly on open source software maintained by folks believing in an open Internet, privacy and personal freedoms. Let’s not give away our freedoms for some Kool-Aid.
