I didn't like that Tuta didn't support IMAP which means I am locked in to using their client. I self host my own CalDAV and carddav servers for calendar and contacts and wanted a single client for mail/calendar/contacts. Without IMAP support I could not do that. I ended up going with fastmail and am okay with the privacy tradeoff of no end to end encryption.
this post was submitted on 16 Mar 2025
125 points (95.6% liked)
Privacy
37976 readers
472 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
I've been using it for a few months now. Works just fine, doesn't do anything fancy but it doesn't need to. Filter rule creation is pretty limited, and the desktop client doesn't play well with my VPN for some reason, but otherwise it works fine.
If you don’t want to run your own mail server then there will always be a trade off somewhere. That trade off could be high costs to pay a tech firm to run a private mail server for you, could be lack of features, could be privacy, could be a lot of things. Even with your own mail server there will be trade offs around security etc. depending upon your skillset.
Personally, I have a hybrid approach.
- Business is on a mail server
- Personal with sensitive data (health, bills, etc.) is on a mail server
- Personal - subscriptions, newsletters, etc. is on Proton
- Everything else is on Gmail
I also have other accounts (e.g. DDG, Apple Mail, for specific use cases, but I forward the content I receive there into Gmail.
I’ve had a look at Tuta and haven’t seen enough to convince me to move anything there. I’m not going to move my mail servers to a cloud provider, Gmail is there because the address is 20 years’ old and I can’t be bothered updating everywhere that it’s used, and Proton has been great for years, has grown well, and has a corporate mission that I agree with. DDG, Apple Mail etc. is what the internet sees of me - They generate unique email addresses and then I forward the content I want into Gmail, or sometimes Proton.
What did proton do wrong? Legit question, I'm out of the loop.
Nothing. It's just FUD.
Here's an article about it: https://medium.com/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e
Even if the CEO did support the orange turd, I would personally still be able to separate his personal opinion from what the non profit is doing.
He explicitly supported the republican party in its current guise. That's enough for me to run. Fastmail is where I've temporarily landed - would prefer somewhere away from Aussie jurisdiction, but it felt like the least-shit.
Great source, thanks :)
That was informative, thanks.
I agree with you, I would be extremely surprised if the Proton CEO supported Trump.. I would say very unlikely.
It's not Tuta but I adore Fastmail.
No BS. No gimmicks. Just privacy aware, protocol conformant E-mail at a reasonable price.
5€/month for email? 😵
Services cost money to run. Either you pay for the product or you are the product.
Make your choice, name your poison. No skin off my nose in any case :)
I mean I self host for 4€/month and I could fit multiple emails in there
Email is pretty much just about storage at some point, and there are a lot more cost effective servers for this, than a simple VPS
Self hosting email is a non trivial effort. I've done it before and am in zero rush to do it again.
And before you tell me "Oh hey I've had no problems at all with delivery getting blocked by GOOG or MSFT" good on you but that has NOT been a lot of people's experience trying to self host their E-mail, including mine.
Yeah. Email's actually quite unpleasant (not hard) to do well. Look sideways at anyone doing it free or super-cheap.
I'm selfhosting with mailcow and it's great
But I agree, setting it up from scratch is really annoying
Yes.
I’ve tried tuta before. It seems pretty okay, but it doesn’t support IMAP meaning you have to use their app, and (at least for me) it was SLOW.
I personally use disroot, but there’s loads of other options, like mailfence seems like a decent alternative. Just pick one that supports IMAP
I'm using Tuta and their app for a few years now. The app was slow indeed but it's good now, no problems so far. Lack of IMAP support is justified with security, they say. I personaly don't need IMAP as I'm completely satisfied with the app, which is available officially in f-droid btw.
yk, fair enough. if you like it, that’s fine by me
No single organization should be trusted. "Emails paint an intimate narrative of ourselves — the people we talk to, the books we read, the politics we practice. This information is powerful. When we lose control over it, it can do great harm to ourselves and our loved ones." https://ideas.ted.com/why-we-should-all-care-about-encryption-really/
What's the practical takeaway here? Just don't have an email basically
Take control of your data. Host your own email or use a provider that cares about your privacy.
We talk about this so often in privacy communities because, although emails are particularly difficult to secure, they're so important. Swapping your email provider or hosting your own is so easy to say and so hard to do, but so worth doing. I would suggest taking some steps towards FLOSS/FOSS and other privacy-friendly options in other areas first to get used to the idea of change and some of the difficulties you'll handle in that realm
What’s the practical takeaway here? Just don’t have an email basically
@Cgers@lemmy.dbzer0.com The takeaway here is not "don't use email at all." You can employ OpenPGP, and encrypt your emails. Also, host your own keys. Perhaps don’t allow a single corporation to have your private key and access to your encrypted messages simultaneously.
I recommend mailbox.org instead.
I started using fastmail, best thing I decided to do in awhile
Tuta's product is snake oil.
If you don't care about their (nonstandard, incompatible, and snake oil) end-to-end encryption feature and just want a freemium email provider which (purports to) protect your privacy in other ways, the fact that their flagship feature is snake oil should still be a red flag.
Is there anything about Startmail (company that does Startpage.com) that is worth avoiding? I've never paid for mail but if it's solid and avoids Google I might.
StartPage/StartMail is owned by an adtech company who's website boasts that they "develop & grow our suite of privacy-focused products, and deliver high-intent customers to our advertising partners" 🤔
They have a whitepaper which actually does a good job explaining how end-to-end encryption in a web browser (as Tuta, Protonmail, and others do) can be circumvented by a malicious server:
The malleability of the JavaScript runtime environment means that auditing the future security of a piece of JavaScript code is impossible: The server providing the JavaScript could easily place a backdoor in the code, or the code could be modified at runtime through another script. This requires users to place the same measure of trust in the server providing the JavaScript as they would need to do with server-side handling of cryptography.
However (i am not making this up!) they hilariously use this analysis to justify having implemented server-side OpenPGP instead 🤡
Wow, that is very disappointing. I had started using startpage as a Google alternative. While it still may be preferable to Google specifically, their mail product is definitely out.