Suggestions for choosing email provider
from oi34ojjhkew@lemmy.ml to privacy@lemmy.ml on 12 May 01:54
https://lemmy.ml/post/47198450
from oi34ojjhkew@lemmy.ml to privacy@lemmy.ml on 12 May 01:54
https://lemmy.ml/post/47198450
I am trying to choose an email provider, to use with my identifying accounts (like banks, gov ids, etc.). I feel that emails for such cases do not need to be end-to-end encrypted, since most information would already be present with banks, gov, etc.
So I was looking at non-E2EE emails - Mailbox and Posteo.
- Between Posteo and Mailbox - which one do you use / is better in terms of privacy?
I noticed that both of these are hosted in Germany. With rise in popularity of right wing party, a bunch of stuff around chat control and verification, and even normal German government support for Israel, I was wondering whether I should look for other solutions hosted elsewhere. Or use Proton / Tuta instead?
Also, I am not sure if any of these companies support right-wing or Israel themselves?
Do you have any suggestions regarding this?
threaded - newest
i generally use privacyguides.org to choose providers, they have a pretty good filter to recommend software and i’ve been around their community and everyone’s pretty cool. it’s comprehensive, has standards in the sense of a set of of things something must have to be listed, etc.
.
I’ve been considering getting Fastmail for how feature rich it is. E-mail isn’t the place for E2EE IMO, but they support using it, they just don’t provide it themselves. If I need end to end I’m using signal or only sharing keys with trusted individuals.
.
The government isn’t the only threat e2ee protects against. When a non-e2ee service is hacked, the data is free for the taking, if the service is e2ee the data is only available from that moment forward. I’m not going to speak for which provider you should use, but you should reconsider needing e2ee.
The post is a bit misleading. Posteo and Mailbox offer end-to-end encryption through OpenPGP.
Proton offers E2EE through OpenPGP and when communicating with other Proton Mail users.
Tuta offers E2EE only for communication with other Tuta users.
The encryption of incoming and outgoing emails to other providers Proton, Tuta, Mailbox (possibly Posteo too) provide, is not end-to-end encryption, as the mail content is visible to the provider and only encrypted at rest.
There is a good video by “By Default” on YouTube which highlights this.
Posteo markets itself on being green, if that’s important to you.
I’ve been using migadu for a few years. They’re a small company based out of Switzerland for their privacy laws. I haven’t had any issues with them. The base plan is cheap and has unlimited mailboxes. Their support is responsive. I’d recommend checking them out
Interesting! So there were founded in 2014? No much growth though. The cheapest plan is $19€/yr with 5GB, I think most will need 10GB but that would put you in the $90/yr (30GB plan)… that is a mayor hike that most users will find themselves in within the first year. But anything else looks good to me. Now, the email it is “Not encrypted” at all, not even facilitate doing it so. They justify it and I am ok with their “email is not intended for so”, but probably no what the OP s looking for.
Second Migadu. Been using them for several years with minimal issues.
I’ve had a few mail delivery issues, but I think it was coming from my unusual domain name vs anything else.
I use Posteo, honestly I don’t think it matters much what you choose, anything will be better than Google, encryption is nice but only works if both people have it. Your emails will be as secure as the other address.
Proton’s founder publicly praised Trump on Twitter, so it’s a no-go for me.
I’ve been using Mailbox for a while and i like it. There are some small annoyances with their web interface but it’s not a big problem, I usually use Thunderbird anyway. Mailbox supports IMAP.
Also, you get custom domains.
I like Mailbox a lot, and seem to head in the right direction.
Yet I disagree with “Proton’s founder publicly praised Trump”, he did write three times on specific events, most notably praising a Trump nomination (Abigail Slater) to lead the Justice Department’s Antitrust Division (hoping she will tackle the big tech 5 as claimed then in January). Of course, that ended in nothing at the end. Andy should have known better, but that is what happens with these people, they are good at what they do, not what they say (and sometimes even what they think). But that is not “praising Trump” but a praising a single action he did. Politically, if you care about that, after hearing a few interviews with him, I think he is more a liberal lefty but that prioritizes antitrust powers on the big 5 (unlike most liberals 1998-2025), so easily misunderstood for a Republican or even MAGA.
Direct quote: “10 years ago, Republicans were the party of big business and Dems stood for the little guys, but today the tables have completely turned.”
This is laughably incorrect. Then he turned around and repeatedly said his statement was politically neutral.
Which is a barefaced lie.
Whatever you chose, I would recommend making a custom domain. I didn’t make one and now I regret it because I want to switch.
Proton gives me some no good vibe I cannot explain, but it works really good and they really have the human capital to make it work. They do have policies of no-refund that makes that bad sentiment grow. Why no refunding non-used portion or even with a penalty? Regarding its founder, Andy, he did made 3 statements that appeared to support Trump, but I think they were misinterpreted; Andy criticized more the Democrats unrelenting support for the Tech Giants than praising the Republican administration since, with Trump, was the only voice that appeared that was going to favor more the small business vs the mega corporations. Of course, that was the promise that Trump, as with all others he made, were a complete lie. I don’t recall any other statements beyond that topic of small business vs big tech.
Mailbox, has been static for a while, but they do offer good service and now they are attempting to modernize. No full privacy by default, but okay for most. Still a bit German-centric. I would recommend this easily.
Posteo would have been my first choice since 5 years ago, but the lack of no being able to use your domain, sorry to say it is inexcusable. They say because your own domain brings some privacy up to light, very true! So advise it, “look, we suggest to use our domains for better privacy for you, but if you want the freedom to move to another provider in the future at the cost of a bit of privacy, you are welcome to bring your own domain”. I want to believe the decision was genuinely because they think it is for better privacy and not to create a lock-in for its customers.
Tuta… oh Tuta. I like the people, I believe and trust them the most! Yet, they probably still need to grow a bit so they can have the resources to do better. Their android client does not share data with Google for the push notifications (hello Proton?!). For just email, it is fantastic and for privacy it is the best, period… if you are OK with the lack of support on IMAP and POP3 protocols that is; They should do some bridge like Proton does and I would put in top among all.
On the concerns of the change of political colors in Germany, first regarding privacy, you are more at the wimps of the people of the provider than the leader of the time. I don’t really see any country as safe today, not a single one! Now, a right owner like Lavabit’s that choose to close shop than given the SSL keys to the US authorities, that is why trust is so critical; I would rather use a provider based in the US with the right owner, than one in Switzerland with one I don’t know much about. Once said that, unless you are a high targeted individual, maybe you should not only focus on privacy, besides, sometimes, the best defense is to blend among the no-so-top-notch-privacy providers. In any case, I trust the most Posteo and Tuta, but recommend Mailbox and Proton to most people. I think there is room for a new player here that covers all the shortcomings, but not here yet.
I’m using Proton Mail and use an alias to sign up for each service. Works well and if you start getting spam you can pinpoint who leaked your data due to to the unique aliases.
Tried proton, and didn’t like that I needed a proxy to use it with my desktop mail client and no option beyond their app on mobile. Wound up moving to Purelymail. It’s a bit quirky, but super cheap, and I haven’t had any issues. I’ve even replicated Hotmail’s sweep feature with a Thunderbird container.
For aliases, I use addy.io.
I’ve seen a lot of people recommend Posteo but I whould not use them. Because they haven’t enabled DMARC. mxtoolbox.com/SuperTool.aspx?action=dmarc%3Aposte…
All major email providers have enabled DMARC. Gmail mxtoolbox.com/SuperTool.aspx?action=gmail.com&run…
Tuta mxtoolbox.com/SuperTool.aspx?action=tuta.com&run=…
I’d recommend Tutanota, ProtonMail, or Mailbox.
I’d avoid Tuta. Suspended an acct for inactivity and then when I went to replace it (with diff IP and name, no less) I got “flagged for review, cannot send/receive” then they said “send us a message with this address that can’t send supposedly,” and I gave up on them.
I use my own domain and cpanal email in the namecheap shared hosting plan.
im using disroot mail as my primary mail since 2021, it’s quite reliable and the community seem friendly
With the small caveat that they don’t accept signups on weekends
Posteo has been fantastic for me, but no bring your own domain as some have mentioned a deal breaker if that’s your bag
Super cheap, unsure on any political stances but they embrace being green / sustainable so that’s usually a give away :)
Use it with betterbird and Thunderbird android just works great
so does chevron. lol