this post was submitted on 10 Feb 2024
2 points (100.0% liked)

Privacy

31915 readers
488 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hi everyone! Since I was absolutely fucked by Skiff (thank fuck I didn’t pay for it) I’m looking for a new email provider :) I’m not sure I like how proton is transforming into a full on suit, I only need email. Any other recommendations or is proton my only choice really?

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 0 points 9 months ago

Run your own, you need a server, tech knowledge and time, or maybe Tuta mail?

[–] [email protected] 0 points 9 months ago

There isn't. Self hosting is the only way you can send email without giving your data. All email provider have your data, assuming there is a provider that is private is lying yourself. Even if they have some kilograms of privacy policy.

[–] [email protected] 0 points 9 months ago
[–] [email protected] 0 points 9 months ago (1 children)

My 2 ¢: Email is inherently not private. With tls you have encryption in transit, but as soon as the data hits the server no metadata is ever encrypted. With pgp you can encrypt the message content, sure, but not with many of the advanced features we expect from e.g. Signal and matrix. Therefore it doesn't really matter if you use proton ot tuta, unless you exclusively mail other proton/tuta users.

I am extremely happy with purelymail.com. extremely cheap and versatile. I also use mailfence.com but that's only because i'd like to have two different servers for something as important as mail. Been a customer with purely for probably 3+ years . Mailfence probably 6+ years. Have seen two small outages with mailfence. None with purely.

[–] [email protected] 0 points 9 months ago (1 children)

I'm curious what's the advanced feature?

[–] [email protected] 0 points 9 months ago

I am no expert, so this is just my understanding: pgp encrypts the message, with the the recipients public key. Once the private key is compromised , bruforced or cracked, all messages are compromised. With signal, and all the other apps that uses signal protocol, it's different. Here, the key is renewed often (i think for each message) and the key is device dependant. Therefore if the key is compromised no previous messages are compromised and neither are communications with other people. This is what e2e means, and pgp is not that. Also the key or self is harder to crack I think, but i am not sure how strong signals elliptic curve crypto is finished to a 4096 rsa key.

Tldr: pgp is a simple encryption at rest, that can be cracked once and for all. Signal et. All is e2e encrypted and much harder to compromise one and for all.

[–] [email protected] 0 points 9 months ago

Have been happy with Tuta

[–] [email protected] 0 points 9 months ago

What's your objection to Proton? You don't have to use any of the other products, and the free tier is perfectly usable last I checked (granted many years ago). Not sure what your concern is

[–] [email protected] 0 points 9 months ago

Plus one for Proton, I don't use their password manager, but their other products I've been using and been pleased with. I consider it well worth the cost.

[–] [email protected] 0 points 9 months ago

I just came across this one too, seems rather promising! https://forwardemail.net/en

[–] [email protected] 0 points 9 months ago (1 children)

Regardless of who you choose. Use an aliasing service. It makes moving to a new provider/email address a breeze on the future. It took me days to go around updating all my 200 sites online. If I ever move from proton it will take me 5 minutes to ensure all my sites now go to my new provider.

My only tip would be to create a new domain rather than using a shared one. This will prevent some sites from blocking you from using an alias.

[–] [email protected] 0 points 9 months ago (2 children)

Email alias indeed helps to avoid spam and helps you to assume separate identity per site, but won't help in any way to stop mail provider/server from processing your email data for user profiling / targeted ad purpose.

Buying email domain and self-hosting is only the full proof way from privacy POV, but it is really difficult target to accomplish. A privacy respecting email hosting + alias should be next ideal choice, IMO.

[–] [email protected] 0 points 9 months ago

Self hosting is best if you have the knowhow, inclination and time to maintain it, but there are alias services that will encrypt any mail they forward using a key you provided so this would eliminate the ability of your chosen non-self-hosted email provider/server to easily read your received mail limiting their ability to profile or target to any metadata and header info that is passed along unencrypted.

Of course, then you are placing trust in the alias service's privacy and logging policies. But some are open source and you could host an alias forwarding service yourself if you wished as well.

[–] [email protected] 0 points 9 months ago

Check out YUNOhost. It's an open source operating system for servers which comes with email already set up. You can install it on a cheap VPS or home server and easily manage it graphically via web portal.

[–] [email protected] 0 points 9 months ago

If you don't need anonymity you could just buy a domain with a single email and use your own email app SMTP. I think it's cheaper than most email providers.

[–] [email protected] 0 points 9 months ago

Let me recommend Migadu, as email privacy is kind of a difficult topic. They offer complete email freedom for a very reasonable price; $20 ($10 for students) a year. They explain my main reasoning why I would avoid Proton:

When an email provider rations email address of your own domain name-space at a fee, they are asking you to hand them over control of your name-space. There is zero cost associated with additional email addresses and it is time you learn about it.

When email provider does not offer you standard email protocols that work with standard email clients, they want to lock you in for good. You are tied to using the dedicated applications offered by provider. The freedom of using a better or more suitable application is taken away from you. Protocols were standardized for a reason and today there are hundreds of email clients built for users with different needs.

When email provider alters messages data in non-standard format, they deny you data portability and with it freedom of changing providers.

Email is a collective effort of messaging interoperability. It is built around open, public standards and runs mostly on open source software maintained by folks believing in an open Internet, privacy and personal freedoms. Let’s not give away our freedoms for some Kool-Aid.

[–] [email protected] 0 points 9 months ago (1 children)

I recently switched to skiff from proton as the skiff's free tier is offering what proton's mail plus plan. And now they are shutting down their services.

[–] [email protected] 0 points 9 months ago (1 children)

Their free tier storage offering was amazing. I honestly couldn't see how they could offer so much for free. I was very tempted at the time but chose proton. Although I think I may move to Fastmail when my renewal is due.

[–] [email protected] 0 points 9 months ago

I honestly couldn’t see how they could offer so much for free

We just saw that it wasn't profitable and the business plan was to find an exit strategy via acquisition

[–] [email protected] 0 points 9 months ago (1 children)

I 💜 Protonmail. I generally like proton as a company.This video has really gained my trust for them as a privacy focussed services provider.

[–] [email protected] 0 points 9 months ago

Here is an alternative Piped link(s):

This video

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] [email protected] 0 points 9 months ago

Proton, Tuta, or mailbox.org are good choices.

[–] [email protected] 0 points 9 months ago (1 children)

Another vote here for Fastmail. I also like Posteo, Mailbox and mxroute, but these are not as fully featured - which may be perfect for you if you're after email only. What I really like about Fastmail is that on top of being a customer-focused business (rather than a customer is the product business), they offer a really snappy web interface with excellent search - and they are extremely compliant with email standards, building everything on JMAP.

I do not like Proton or Tutanota. I have used both, including using Proton as my main email account for the past two years. I do believe they are probably the best when it comes to encryption and privacy standards, but for me it's at far too much cost. Encrypted email is almost pointless - the moment you email someone who isn't using a Proton (or PGP encryption), then the encryption is lost. Or even if they just forward an email to someone outside your chain. I would argue that if you need to send a message to someone with enough sensitivity to require this level of encryption, email is the wrong choice of protocol.

For all that Proton offer, it results in broken email standard compliance, awful search capability and reliance on bridge software or being limited to their WebUI and apps. And it's a shame, because I really like the company and their mission.

[–] [email protected] 0 points 9 months ago

Don't even need proton for that, just use delta chat.

load more comments
view more: next ›