Hi everyone! Since I was absolutely fucked by Skiff (thank fuck I didn’t pay for it) I’m looking for a new email provider :) I’m not sure I like how proton is transforming into a full on suit, I only need email. Any other recommendations or is proton my only choice really?
https://github.com/privacyguides/privacyguides.org/blob/HEAD/docs/email.md and https://www.privacytools.io/privacy-email document services you’ll probably find interesting.
Regardless of who you choose. Use an aliasing service. It makes moving to a new provider/email address a breeze on the future. It took me days to go around updating all my 200 sites online. If I ever move from proton it will take me 5 minutes to ensure all my sites now go to my new provider.
My only tip would be to create a new domain rather than using a shared one. This will prevent some sites from blocking you from using an alias.
Email alias indeed helps to avoid spam and helps you to assume separate identity per site, but won’t help in any way to stop mail provider/server from processing your email data for user profiling / targeted ad purpose.
Buying email domain and self-hosting is only the full proof way from privacy POV, but it is really difficult target to accomplish. A privacy respecting email hosting + alias should be next ideal choice, IMO.
Check out YUNOhost. It’s an open source operating system for servers which comes with email already set up. You can install it on a cheap VPS or home server and easily manage it graphically via web portal.
Self hosting is best if you have the knowhow, inclination and time to maintain it, but there are alias services that will encrypt any mail they forward using a key you provided so this would eliminate the ability of your chosen non-self-hosted email provider/server to easily read your received mail limiting their ability to profile or target to any metadata and header info that is passed along unencrypted.
Of course, then you are placing trust in the alias service’s privacy and logging policies. But some are open source and you could host an alias forwarding service yourself if you wished as well.
Ah! I was not aware of the fact that Alias service can encrypt email before forwarding to actual mailbox.
Another vote here for Fastmail. I also like Posteo, Mailbox and mxroute, but these are not as fully featured - which may be perfect for you if you’re after email only. What I really like about Fastmail is that on top of being a customer-focused business (rather than a customer is the product business), they offer a really snappy web interface with excellent search - and they are extremely compliant with email standards, building everything on JMAP.
I do not like Proton or Tutanota. I have used both, including using Proton as my main email account for the past two years. I do believe they are probably the best when it comes to encryption and privacy standards, but for me it’s at far too much cost. Encrypted email is almost pointless - the moment you email someone who isn’t using a Proton (or PGP encryption), then the encryption is lost. Or even if they just forward an email to someone outside your chain. I would argue that if you need to send a message to someone with enough sensitivity to require this level of encryption, email is the wrong choice of protocol.
For all that Proton offer, it results in broken email standard compliance, awful search capability and reliance on bridge software or being limited to their WebUI and apps. And it’s a shame, because I really like the company and their mission.
Don’t even need proton for that, just use delta chat.
What’s your objection to Proton? You don’t have to use any of the other products, and the free tier is perfectly usable last I checked (granted many years ago). Not sure what your concern is
Edit: downvoting without replying doesn’t tell us what the concern is. Y’all weird
My 2 ¢: Email is inherently not private. With tls you have encryption in transit, but as soon as the data hits the server no metadata is ever encrypted. With pgp you can encrypt the message content, sure, but not with many of the advanced features we expect from e.g. Signal and matrix. Therefore it doesn’t really matter if you use proton ot tuta, unless you exclusively mail other proton/tuta users.
I am extremely happy with purelymail.com. extremely cheap and versatile. I also use mailfence.com but that’s only because i’d like to have two different servers for something as important as mail. Been a customer with purely for probably 3+ years . Mailfence probably 6+ years. Have seen two small outages with mailfence. None with purely.
I’m curious what’s the advanced feature?
I am no expert, so this is just my understanding: pgp encrypts the message, with the the recipients public key. Once the private key is compromised , bruforced or cracked, all messages are compromised. With signal, and all the other apps that uses signal protocol, it’s different. Here, the key is renewed often (i think for each message) and the key is device dependant. Therefore if the key is compromised no previous messages are compromised and neither are communications with other people. This is what e2e means, and pgp is not that. Also the key or self is harder to crack I think, but i am not sure how strong signals elliptic curve crypto is finished to a 4096 rsa key.
Tldr: pgp is a simple encryption at rest, that can be cracked once and for all. Signal et. All is e2e encrypted and much harder to compromise one and for all.
Proton, Tuta, or mailbox.org are good choices.
I 💜 Protonmail. I generally like proton as a company.This video has really gained my trust for them as a privacy focussed services provider.
Here is an alternative Piped link(s):
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
If you don’t need anonymity you could just buy a domain with a single email and use your own email app SMTP. I think it’s cheaper than most email providers.
I recently switched to skiff from proton as the skiff’s free tier is offering what proton’s mail plus plan. And now they are shutting down their services.
Their free tier storage offering was amazing. I honestly couldn’t see how they could offer so much for free. I was very tempted at the time but chose proton. Although I think I may move to Fastmail when my renewal is due.
I honestly couldn’t see how they could offer so much for free
We just saw that it wasn’t profitable and the business plan was to find an exit strategy via acquisition
deleted by creator
I second disroot
Let me recommend Migadu, as email privacy is kind of a difficult topic. They offer complete email freedom for a very reasonable price; $20 ($10 for students) a year. They explain my main reasoning why I would avoid Proton:
When an email provider rations email address of your own domain name-space at a fee, they are asking you to hand them over control of your name-space. There is zero cost associated with additional email addresses and it is time you learn about it.
When email provider does not offer you standard email protocols that work with standard email clients, they want to lock you in for good. You are tied to using the dedicated applications offered by provider. The freedom of using a better or more suitable application is taken away from you. Protocols were standardized for a reason and today there are hundreds of email clients built for users with different needs.
When email provider alters messages data in non-standard format, they deny you data portability and with it freedom of changing providers.
Email is a collective effort of messaging interoperability. It is built around open, public standards and runs mostly on open source software maintained by folks believing in an open Internet, privacy and personal freedoms. Let’s not give away our freedoms for some Kool-Aid.
Yeah, there’s a distinct lack of nonsense with Migadu.
Check out Posteo. It’s affordable and focuses on privacy.
I’ve been using Posteo for years. I can recommend.
A provider having more than 50 users and offering more than one service doesn’t make them evil. Use Proton. They are the best, and they’re not likely to disappear. If you intentionally seek out small services because you think being an underdog is some sort of privacy merit badge, you’ll get “absolutely fucked” over and over again.
Also, you should consider paying for the products you use to encourage sane and user-friendly business models. But that’s a different discussion altogether.
proton requires them to use their software and adds a footer with protonmail ads to all of your emails without an option to disable it without paying up
I think you need to read up on the reasons why services like GMail and Facebook are free.
yes but they shouldn’t be hiding that fact deep in the settings
also I don’t care about encryption and stuff if it prevents me from using my favorite mail client without installing their bridge software
Ads are harmless. The harmful things is JavaScript.
requires them to use their software
And their software doesn’t even have an option to display HTML messages as it is plain text messages.
by software i mean the imap bridge, but i agree that the official client is pretty bad too
Proton = No SMTP/IMAP support.
They support IMAP though their bridge but you will have to be on a paid plan.
The free plan is pretty terrible anyways so if you actually want to use proton you will have to pay.
Yes and you can’t run a bridge on anything and they might discontinue it at any time and you’ll become hostage. So much for self-hosting, independence and open-source solutions.
Yes and you can’t run a bridge on anything
You can run the bridge on Windows, Linux and macOS. I wish that they had an Android app but I suspect that the aggressive power management on Android might make it a lot harder to implement in a nice way.
they might discontinue it at any time and you’ll become hostage.
There is absolutely no indication that that will happen. Remember that only the paid plans have IMAP and Proton is essentially held hostage by their subscribers since they are their only income source. Their community would be very angry if they dropped support.
So much for self-hosting, independence and open-source solutions.
This has nothing to do with self-hosting. You are literally paying someone for hosting your email.
I agree that the lack of normal IMAP support is annoying. But it’s a side effect to their encryption which is a good thing.
And it’s not like proton is alone with this problem.
Tota doesn’t even seem to have a bridge app. Fastmail changes extra for IMAP.
You can use Proton Mail Bridge to set up SMTP/IMAP with your email app of choice. Obviously, you’re still stuck with using the bridge app on your device in order to get it working.
Waiting for the day their business team devices the bridge is too much freedom you should get all locked-in.
If that were to happen, nothing is stopping users from exporting their emails elsewhere.
If that were to happen, nothing is stopping users from exporting their emails elsewhere.
Yet. You’re delusional, nothing is stopping people at gmail to move to another providers, yet they stay. And trust me gmail has a much better export and supports IMAP.
So your privacy-focused email provider recommendation is Gmail?
Obviously not, but just don’t push proton. They’re a company that resorts to predatory tactics and has zero respect for their users.
For what’s worth Lavabit (back before Snowden) had much higher standards than Proton when it comes to privacy and still supported open protocols like IMAP and SMTP. What Proton is doing is pushing for vendor lock-in at any possible point so you’re stuck with what they deem acceptable because it’s easier for them to build a service this way and makes more sense from a business / customer retention perspective.
It’s not about “using an underdog”, I just like “do one thing and do it well” philosophy you know. I don’t need drives, calendars, vpn, password manager, in one thing. I want a simple email provider that’s it.
Yeah skiff wasn’t like that but it seemed not too push it as much, just “hey it’s there you can use it” not full on products. Maybe I’m just being stupid about it idk
You can simply ignore all of these other features. Proton offers an email-only plan.
True… People also recommend having your own domain so I can switch easily in the future. Having my surname seems a bit… un-privacy-like lol Any recommendations for that?
You can have your own custom email domain and for the use cases you want to be “anonymous” use simplelogin or addy.io on top of that.
Paid subscription of Proton bundles SimpleLogin, an email aliasing service. So you can have your personal email with your surname, and when you want to sign up to some shady corpo site, you give them a randomly generated email address using SimpleLogin. All emails sent to that alias email will be automatically forwarded to your personal email. You can then disable the alias email anytime and stop receiving emails.
I have both, a personal domain with my name and also an anonymous generic domain. I use the anonymous one for 90+% of my online stuff, and use a random unique address for every service (you can set up a wildcard in proton, so *@domain.org lands in the same inbox). I would recommend that for two reasons: if you own your anonymous domain you can move your mailprovider anytime (as opposed to using some email masking service), using unique addresses for every service enables you to easily figure out which one leaked your address if you start getting spam. Just make sure to use a generic name for the domain and dont get an exotic TLD (just get a .com .org or something). Some of the non traditional TLDs may negatively impact your spam scores, and its easy to find a .com or .org when you can literally choose any domain name you want.
Linux, dovecot, postfix and a large quantity of pain medication.
deleted by creator
+1 for proton!
I’ve been using it for years, they’ve never let me down!
deleted by creator
Proton = No SMTP/IMAP support.
How would they be privacy-centric if they supported SMTP and IMAP?
Both support encryption and Lavabit probably had much higher standards than Proton when it comes to privacy and still supported those open protocols. What Proton is doing is pushing for vendor lock-in at any possible point so you’re stuck with what they deem acceptable because it’s easier for them to build a service this way and makes more sense from a business / customer retention perspective.
Lavabit probably had much higher standards than Proton
So it’s all based on an assumption.
So you assume that Proton won’t snitch on you whenever the NSA comes around asking for data?.. And I’m sure Lavabit didn’t snitch on Snowden.
I don’t really care that much about any information like IPs, I care about the actual emails which are encrypted.
There is nothing that indicates that they will snitch since that would be terrible for everyone and also illegal for them to do.
But most importantly lavabit is an American company which is insane for if you care about privacy at all.
Proton also published a transparency report while Lavabit is really opaque.
