Is Tuta a good alternative to gmail?
from countrypunk@slrpnk.net to privacy@lemmy.ml on 16 Mar 2025 23:37
https://slrpnk.net/post/19612959
from countrypunk@slrpnk.net to privacy@lemmy.ml on 16 Mar 2025 23:37
https://slrpnk.net/post/19612959
I’ve been looking to switch from gmail to a different email provider that’s more private. I’ve been hearing about Tuta, are there any drawbacks to it? Are there better options?
For a while I was planning on making the switch to protonmail but that’s off the table now due to the recent events surrounding them.
threaded - newest
Haven’t read anything bad about Tuta so I guess it’s fine. Other good ones are Proton, mailbox.org or posteo.de. Anything that’s not by Google, Microsoft, and so on.
I’m currently planning on switching to Tuta as well. They have been the most recommended replacement since the proton incident.
no
Care to elaborate?
yes
chodi joined lemmy 55 minutes ago. Ignore their non-reply and block
I’ve seen two posts by this individual so far. Both useless.
Edit: Make that 3 for 3 in the useless category. There’s one below me here.
Tuta andPosteo are both pretty excellent (posteo is cheaper, but has a few less options that might be a deal breaker if you need them, like custom domain support).Disroot is a good free option, and they offer custom domains after a one time donation.
Mailbox is okay, though they are known to have a very odd 2fa, and will recycle your address if you ever stop paying, allowing others to claim it and potentially impersonate you.
Posteo is unique in that they’ll never delete your account for inactivity, or even if you stop paying, where they’ll let you access and read emails, but not let you send them until you pay again.
Edit: apparently Tuta is going downhill according to others here, which is unfortunate :(
Posteo’s lack of custom domain support can be augemented by using Addy.io or other similar email proxy/forward services.
Do they compare similarly in regards to privacy?
From what I understand, Tuta may have a slight edge theoretically, but email itself is a pretty poor protocol when it comes to privacy.
Tuta was forced by court order to implement a message logger for an individual, but AFAIK all of their previous messages were encrypted and could not be read by Tuta, and therefore the Government could only see new unencrypted messages coming in before they were encrypted.
Disroot only recently implemented at-rest encryption, so that should be fairly solid now. Posteo also allows you to encrypt your inbox and calendar at rest.
Even with that, consider all private email providers as mostly just to avoid surveillance capitalism (to prevent your data from being mined and sold), but with only marginal protection from state agents.
@ProdigalFrog
Tuta was involved in a Canadian spy case, where in court it was alleged to be a front for an EU Intelligence Agency. Cameron Ortis was the counterintelligence spy on trial. https://gizmodo.com/tuta-email-denies-connection-to-intelligence-services-1851022465 and lots more if one does a search. I know I wouldn't use them, so you've been warned.
@countrypunk
How can you trust an unnamed intelligence officer though? For all we know, they might have an actual honeypot competing against Tuta and want to gain marketshare.
After all, intelligence agencies are guaranteed to be the first one’s who discovered Ortis was selling secret information. Might as well give him fake information to spread around and make criminals doubt any previous information sold by him.
@yetAnotherUser
Where there's smoke, there often is fire. If you don't trust the allegations, fine.
@countrypunk @ProdigalFrog
thanks for mentioning disroot, that seems much more like what i was looking for than tuta which i was originally going to try out.
@reksas
Disroot is good, I've used them b4.
@countrypunk @ProdigalFrog
Mailbox.org beta offers regular 2FA setup via authenticator. I’ve been using it for months and I’m yet to run into any issues.
In general, I’ve been with MBO for almost a year and I’m happy with the service. You basically get a complete replacement for the google suite which you can use via your app(s) of choice.
Glad to hear they’re improving the 2FA! I did forget about their office suite and file storage ability, which does set them apart from all except Proton.
I don’t have the know how to talk about safety and privacy, but here are some caveats.
I think you have to use their client and can’t add your adress to 3rd party clients like thunderbird. Their client is however nice to work with.
If you forgot your password, the only way to change it is by using a key that is given to you after account creation. Keep it safe! Check for spelling errors If you lost the note or it’s not in you passwordmanager or whatever you use, your account is not recoverable. Their support can’t help you reset your pw.
Other than that they make email encryption pretty easy with a checkbox right under the recipient in the email editor.
Another handy feature are the aliases. (Payed feature) You can set up some email adresses for certain purposes, and filter their traffic into different inboxes quite easily. If one of them.get’s compromised, deactivate and move in. Your master adress is probably still usable.
What I do not like is the fact that paying customers get support first.
I don’t get why they don’t just make it a paid service entirely. Seems odd that email providers like to do that.
Offering a free tier lets people try the service, and encourages them to become a paid user if they run up against the limits of the free tier.
Yes, I use it and generally like it. Their app is a little buggy, but they have email support and accept bug reports on GitHub. This is helpful for finding out what other users are seeing. It’s a small dev team with frequent releases
Do you know if there’s a difference in the frequency of releases of the f-droid version and the play store version?
I’ve used Tuta for years, paid account with multiple custom domains.
I prefer them for their principles, but their clients are extremely frustrating. Emails load very slowly and their email search is basically unusable.
I’ve resorted to downloading old emails and using other clients to import and search through them. I really wish they would improve their email search.
Appreciate the honest insight. Thanks for sharing. :)
Thunderbird/Betterbird?
Tuta does not allow you to use third party email clients like Thunderbird.
I should re-iterate I download the emails to use in an offline client. Their service doesn’t support third party clients to receive and send email.
When I do taxes, I need to search thousands of emails for receipts and the tuta apps make this impossible. This is my workaround.
Right, so I’m wondering what client that is.
My bad. Its been a while, but Thunderbird at one point. If I remember right there was an update relatively recently that made it much more difficult to import offline emails, so if you find a better alternative let me know.
Hmm, I wonder if Betterbird has solved that problem… I’ve actually only ever used webmail as I didn’t understand the benefit of a desktop platform—until these (increasingly) privacy-invasive times!
yep, the app is SLOW
I don’t know if tuta and posteo have some special privacy features, but if you’re just looking for a non-gmail provider I’ve been very happy with fastmail. It’s an Australian provider with a good track record afaik.
Would also highly recommend getting your own domain if you can, so your address doesn’t belong to whichever provider you choose.
I’m in the US. I wonder if there’s any drawback to using an Australian provider. Like, will it get flagged or something?
I don’t think so. I’m in Sweden myself.
If it’s Australian, don’t expect strong privacy. But then again, I wouldn’t expect that from a US based email provider either.
Source: am Australian.
In comparison to Gmail? Yes, but that’s a very low bar to clear. You need to be aware that Tuta are currently enshittifying. The product is getting worse and the price increases. It’s slow, but it’s happening. I switched to disroot.org after 2 years of Tuta because I got fed up with it.
It is in my Scrolls of Grudge, and I quote:
NOOOOOOO! Shit! Ah, for the love of cthulu … damnit!
Sigh … this just bummed me out. Thanks for the info.
I am a paid user of Tuta and I have never seen any ads. Where did you see them and what kind of ads?
_drkt provided no proof of Tuta’s enshittification. There are no paid ads for third party products in any Tuta UI. Don’t panic yet. Read all the comments here, maybe.
Haha you almost fucking got me, I actually wrote a whole thing about how those are ads but then I read your comment again and noticed that clever little write-off. Ads for their own products are still ads and I don’t want to fucking see it. Get that shit off my eyeballs, I paid for this product.
The newsletter is an ad, it’s not news. They’re just advertising their products to you and you can’t unsubscribe and you can’t ignore it because they very deliberately have a special styling for the newsletters that makes it stand out from normal emails.
I don’t know why you want to defend this company. I’m glad you’re okay with the level of shitty behavior they engage in; it’s definitely less than most email providers do- I’m just letting people know that Tuta aren’t angels. They’re a company, and they used to be better. Proton was exactly the same. It was a good service and then it became shitty.
I would love to log back in and show you the 3 separate buttons on my UI that did nothing except link to a “Please pay us for this feature” page because I was a legacy premium user because I didn’t want all those new bullshit they made. I stress that it’s not a case of them implementing a button in the UI for all users and because I’m a legacy user I get it too even if I can’t use it- the buttons had special CSS to make them stand out. They were ads. Why couldn’t Tuta just leave me alone? I could still be paying them to this day if they had just not gone down that path. I just want an email that is an email and nothing more and doesn’t get in my way. Tuta had that, and then they took it away and asked for more money to put it back.
I think the misunderstanding here is that I was a legacy premium user. I was paying less to get only the email+calendar because that’s what I signed up for, originally. When people sign up today, that’s not an option. People who are new to Tuta (relatively) haven’t seen this change happen and haven’t witnessed how obviously desperate Tuta was to get people off the legacy premium plan.
Also my name is drkt_ but I’m sure you tried your best.
You should try Proton, then /s
Proton constantly tries to push you to upgrade to their next plaid plan too. So much so that this coupled with still zero fucking support for Proton Drive under Linux are the two reasons I have cancelled my paid Proton plan… and I had been paying for years.
edit: typos
Yeah, I know! Don’t say that too loud, though. Proton and Tuta are the precious baby boys who can do no wrong in most “privacy” communities.
Those two services have strengths but they also have some drawbacks, that are more or less painful depending one’s needs. If there are people out there who feel so empty that they can’t stand any critics concerning a product they think is great, well, what can I say? I’m so sorry for them.
I’ve used Tuta for more than 4 years. It’s a solid choice if you accept a couple few things:
they’re a small company, doing their best to survive.
you have to use their client apps. They take security very seriously and assume all of their users do as well.
prices might go up every few years but I am still paying my original rate, for my original features.
the search function does work but is very slow.
But otherwise, I’m very happy and expect to stay with them for the forseeable. Good luck in your search.
I’ve had a bug with the android app where sometimes notifications for emails just don’t happen. I’ve received a new email notification, opened the app, and found that the notification was for an email received 5 hours ago, and I didn’t get any notification for the email 3 days ago or the email 1 hour ago.
Despite this issue and several other minor issues, I still recommend Tuta. Mostly because I can’t find anything better.
This happens to me as well. It’s a bit annoying but I still prefer it over others.
If you’re on Android, by any chance, have you gone through all the battery optimization, background process killing, and startup settings? Some OEM’s versions of Android are real bad in that way. Giving the app the right settings and permissions may decrease the number of delayed notifications like that.
I am using Android until I can find an alternative. I’ve turned off all optimisations I can find. I haven’t had the issue in a few weeks, but it did happen once since changing settings. I’m hoping that something random I did (like a phone restart) somehow fixed everything.
You mean you’re considering something like PostmarketOS? Just wonder where people are looking for alternatives.
I’m looking everywhere I can. I haven’t found any OS that works with my current phone (Nokia G42), and the aren’t too many phones that meet my needs (dual Sim, small, headphone jack, repairable, runs open source OS).
I’ve given up actively searching and I’m mostly browsing Lemmy and hoping to stumble across something useful. Please let me know if you have any more suggestions.
No PGP support kinda kills it imho
I have the feeling people actually need to have the urge from panic to have to migrate all their data.
Tuta’s product is snake oil.
A cryptosystem is incoherent if its implementation is distributed by the same entity which it purports to secure against.
If you don’t care about their (nonstandard, incompatible, and snake oil) end-to-end encryption feature and just want a freemium email provider which (purports to) protect your privacy in other ways, the fact that their flagship feature is snake oil should still be a red flag.
Is there anything about Startmail (company that does Startpage.com) that is worth avoiding? I’ve never paid for mail but if it’s solid and avoids Google I might.
StartPage/StartMail is owned by an adtech company who’s website boasts that they “develop & grow our suite of privacy-focused products, and deliver high-intent customers to our advertising partners” 🤔
They have a whitepaper which actually does a good job explaining how end-to-end encryption in a web browser (as Tuta, Protonmail, and others do) can be circumvented by a malicious server:
However (i am not making this up!) they hilariously use this analysis to justify having implemented server-side OpenPGP instead 🤡
Wow, that is very disappointing. I had started using startpage as a Google alternative. While it still may be preferable to Google specifically, their mail product is definitely out.
I started using fastmail, best thing I decided to do in awhile
I recommend mailbox.org instead.
No single organization should be trusted. “Emails paint an intimate narrative of ourselves — the people we talk to, the books we read, the politics we practice. This information is powerful. When we lose control over it, it can do great harm to ourselves and our loved ones.” …ted.com/why-we-should-all-care-about-encryption-…
What’s the practical takeaway here? Just don’t have an email basically
@Cgers@lemmy.dbzer0.com The takeaway here is not “don’t use email at all.” You can employ OpenPGP, and encrypt your emails. Also, host your own keys. Perhaps don’t allow a single corporation to have your private key and access to your encrypted messages simultaneously.
Take control of your data. Host your own email or use a provider that cares about your privacy.
We talk about this so often in privacy communities because, although emails are particularly difficult to secure, they’re so important. Swapping your email provider or hosting your own is so easy to say and so hard to do, but so worth doing. I would suggest taking some steps towards FLOSS/FOSS and other privacy-friendly options in other areas first to get used to the idea of change and some of the difficulties you’ll handle in that realm
I’ve tried tuta before. It seems pretty okay, but it doesn’t support IMAP meaning you have to use their app, and (at least for me) it was SLOW.
I personally use disroot, but there’s loads of other options, like mailfence seems like a decent alternative. Just pick one that supports IMAP
I’m using Tuta and their app for a few years now. The app was slow indeed but it’s good now, no problems so far. Lack of IMAP support is justified with security, they say. I personaly don’t need IMAP as I’m completely satisfied with the app, which is available officially in f-droid btw.
yk, fair enough. if you like it, that’s fine by me
Yes.
It’s not Tuta but I adore Fastmail.
No BS. No gimmicks. Just privacy aware, protocol conformant E-mail at a reasonable price.
5€/month for email? 😵
Yeah. Email’s actually quite unpleasant (not hard) to do well. Look sideways at anyone doing it free or super-cheap.
I’m selfhosting with mailcow and it’s great
But I agree, setting it up from scratch is really annoying
Services cost money to run. Either you pay for the product or you are the product.
Make your choice, name your poison. No skin off my nose in any case :)
I mean I self host for 4€/month and I could fit multiple emails in there
Email is pretty much just about storage at some point, and there are a lot more cost effective servers for this, than a simple VPS
Self hosting email is a non trivial effort. I’ve done it before and am in zero rush to do it again.
And before you tell me “Oh hey I’ve had no problems at all with delivery getting blocked by GOOG or MSFT” good on you but that has NOT been a lot of people’s experience trying to self host their E-mail, including mine.
What did proton do wrong? Legit question, I’m out of the loop.
Nothing. It’s just FUD.
Here’s an article about it: medium.com/…/does-proton-really-support-trump-a-d…
Even if the CEO did support the orange turd, I would personally still be able to separate his personal opinion from what the non profit is doing.
That was informative, thanks.
I agree with you, I would be extremely surprised if the Proton CEO supported Trump… I would say very unlikely.
Very thinly veiled tho… It’s not an immediate threat, but it’s best to just move away from it if you can.
Great source, thanks :)
He explicitly supported the republican party in its current guise. That’s enough for me to run. Fastmail is where I’ve temporarily landed - would prefer somewhere away from Aussie jurisdiction, but it felt like the least-shit.
I am very happy with Proton.
If you don’t want to run your own mail server then there will always be a trade off somewhere. That trade off could be high costs to pay a tech firm to run a private mail server for you, could be lack of features, could be privacy, could be a lot of things. Even with your own mail server there will be trade offs around security etc. depending upon your skillset.
Personally, I have a hybrid approach.
I also have other accounts (e.g. DDG, Apple Mail, for specific use cases, but I forward the content I receive there into Gmail.
I’ve had a look at Tuta and haven’t seen enough to convince me to move anything there. I’m not going to move my mail servers to a cloud provider, Gmail is there because the address is 20 years’ old and I can’t be bothered updating everywhere that it’s used, and Proton has been great for years, has grown well, and has a corporate mission that I agree with. DDG, Apple Mail etc. is what the internet sees of me - They generate unique email addresses and then I forward the content I want into Gmail, or sometimes Proton.
I’ve been using it for a few months now. Works just fine, doesn’t do anything fancy but it doesn’t need to. Filter rule creation is pretty limited, and the desktop client doesn’t play well with my VPN for some reason, but otherwise it works fine.
I didn’t like that Tuta didn’t support IMAP which means I am locked in to using their client. I self host my own CalDAV and carddav servers for calendar and contacts and wanted a single client for mail/calendar/contacts. Without IMAP support I could not do that. I ended up going with fastmail and am okay with the privacy tradeoff of no end to end encryption.