Hi everyone! Since I was absolutely fucked by Skiff (thank fuck I didn’t pay for it) I’m looking for a new email provider :) I’m not sure I like how proton is transforming into a full on suit, I only need email. Any other recommendations or is proton my only choice really?
Let me recommend Migadu, as email privacy is kind of a difficult topic. They offer complete email freedom for a very reasonable price; $20 ($10 for students) a year. They explain my main reasoning why I would avoid Proton:
When an email provider rations email address of your own domain name-space at a fee, they are asking you to hand them over control of your name-space. There is zero cost associated with additional email addresses and it is time you learn about it.
When email provider does not offer you standard email protocols that work with standard email clients, they want to lock you in for good. You are tied to using the dedicated applications offered by provider. The freedom of using a better or more suitable application is taken away from you. Protocols were standardized for a reason and today there are hundreds of email clients built for users with different needs.
When email provider alters messages data in non-standard format, they deny you data portability and with it freedom of changing providers.
Email is a collective effort of messaging interoperability. It is built around open, public standards and runs mostly on open source software maintained by folks believing in an open Internet, privacy and personal freedoms. Let’s not give away our freedoms for some Kool-Aid.
Tuta, I've had an account with them for years. Since the end of 2023 Proton Mail dropped off my list because of its funding for Bellingcat.
https://propagandainfocus.com/proton-mail-imperialist-stooge/
Proton, known for its privacy-centric email service Proton Mail, announced at the end of 2023 that it would help raise money for controversial group Bellingcat, a documented proxy British intelligence operation, through its annual Lifetime Account Charity Fundraiser.
I know you are not interested in proton but they are the absolute best and you possibly cannot get anything better than their services on the privacy and security end (which they are focused on).
I 💜 Protonmail. I generally like proton as a company.This video has really gained my trust for them as a privacy focussed services provider.
Plus one for Proton, I don't use their password manager, but their other products I've been using and been pleased with. I consider it well worth the cost.
I recently switched to skiff from proton as the skiff's free tier is offering what proton's mail plus plan. And now they are shutting down their services.
Posteo, mailbox.org, Tuta.
-
https://posteo.de/en
-
https://mailbox.org/en/ (can have your own custom domain)
-
https://tuta.com/ (can have your own custom domain but like Proton you cannot use K9-mail app and similar)
-
My 2 ¢: Email is inherently not private. With tls you have encryption in transit, but as soon as the data hits the server no metadata is ever encrypted. With pgp you can encrypt the message content, sure, but not with many of the advanced features we expect from e.g. Signal and matrix. Therefore it doesn't really matter if you use proton ot tuta, unless you exclusively mail other proton/tuta users.
I am extremely happy with purelymail.com. extremely cheap and versatile. I also use mailfence.com but that's only because i'd like to have two different servers for something as important as mail. Been a customer with purely for probably 3+ years . Mailfence probably 6+ years. Have seen two small outages with mailfence. None with purely.
I am no expert, so this is just my understanding: pgp encrypts the message, with the the recipients public key. Once the private key is compromised , bruforced or cracked, all messages are compromised. With signal, and all the other apps that uses signal protocol, it's different. Here, the key is renewed often (i think for each message) and the key is device dependant. Therefore if the key is compromised no previous messages are compromised and neither are communications with other people. This is what e2e means, and pgp is not that. Also the key or self is harder to crack I think, but i am not sure how strong signals elliptic curve crypto is finished to a 4096 rsa key.
Tldr: pgp is a simple encryption at rest, that can be cracked once and for all. Signal et. All is e2e encrypted and much harder to compromise one and for all.
There isn't. Self hosting is the only way you can send email without giving your data. All email provider have your data, assuming there is a provider that is private is lying yourself. Even if they have some kilograms of privacy policy.
Run your own, you need a server, tech knowledge and time, or maybe Tuta mail?