A lot of people who are moving away from Proton due to the recent controversy are switching to Tuta
this post was submitted on 31 Jan 2025
73 points (95.1% liked)
Ask Lemmy
37530 readers
1202 users here now
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com.
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.
6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
founded 2 years ago
MODERATORS
This is the way
Pick a provider which lets you bring your own domain and you’ll never need to change address again if you move providers.
Plus you can give out really stupid email addresses that work
Rather make the domain odd.
Whats odd about that domain, much better then weird shit like apple.com
I'll vouch for Proton. The recent controversy wasn't great but it's also a single negative incident for a company that has otherwise had a pretty stellar track record. I recommend reading his responses in the reddit AMA he did after the incident. I still think he's a fool, but I don't think he's fascist or that there's any reason at all to doubt the privacy, security, or direction of the company, which is both partly open source and regularly audited.
I've been using ProtonMail for probably around 7 years now and it's been great.
I would say Tuta or Runbox or Posteo, but the truth is that any paid account that is not Google or Microsoft is way better than anything so as not to be profiled too much with their trackers and privacy-invasive practices.
On the technical side, no email is ever safe from being read either by the sending server or the receiving one. Email hasn't changed for the past 50 years.
The contents can be read, sure, but unless ChatGPT is doing a lot of hallucinating at least a few providers support e2e encryption and don't manage the private keys.
Edit: To avoid reading the whole thread, providers may support E2EE but can't guarantee it in all cases. A guarantee requires the clients on each end to manage the encryption and decryption so no plaintext enters the network.
a few providers support e2e encryption
There is no such thing with the email protocol, and most providers don't have that kind of hack.
To be clear, this page is a lie? https://proton.me/security/end-to-end-encryption
So even if I have the recipients public key the message actually goes to Proton servers in plaintext before it is encrypted?
Messages you send to other Proton Mail accounts
That's a small but important detail. If you have public keys from people at other providers, AND you trust their security (JS thing I guess), then fine. But 99.99% of the world do not have that and don't know what it means.
If you want full trust, use Thunderbird and GnuPG. Proton is a nice package but you don't control it, so no trust IMHO.
mailbox.org
Just make sure you buy a domain and use that as your mail MX. So when you eventually have to switch again, it's easy
Protonmail
Email, as a suite of protocols, was designed long before we thought deeply about encryption. In 2025, you can count on email encryption in transit and encryption at rest from providers, although try to verify it. E2EE like Proton and Tuta offer is severely limited. I was recently looking up if Proton and Tuta were even compatible with each other in terms of PGP encryption. I could find no confirmation that they are.
If you use Proton and you email another Proton user it’ll be encrypted with PGP. Otherwise your email is sent unencrypted, and email you receive is unencrypted, then Proton stores it on their server encrypted. All of this paragraph applies to Tuta as well.
You can get most of the same benefits from other providers by downloading your email locally and deleting off the mail servers. The benefit of regular email servers is open standards and compatibility with your preferred mail and calendar applications.
I use Fastmail and love it. I know many people mention using burner addressed with a custom domain, but I prefer generating a burner email with a FastMail domain for signing up to websites. Using my own domain would make it easier to identify me.
Posteo and Tuta are pretty decent!
Not sure if relevant to OP but in my case, I needed a way to route multiple emails (Gmail and own domain) to a catch all account. Found ForwardEmail service and after a very easy setup, it works fantastic. They even have SMTP.
For client, I use Thunderbird and Vivaldi's own email features.
any service that let you use your own domain (custom domain email) + imap/pop3