A while back I started on this journey, and as most people did, I’ve had my ups and downs and went through the learning curve, I’ve now reached the point of so much knowledge that I truly know, I dont know shit. People of Lemmy I come to you today because idk what to do, I recently made a free account with proton, their subscription is fairly cheap so idm paying the monthly tier of 15GB so I can have control over ending it whenever I please instead of being locked in for a year. Now, I heard about Tuta but never dived much into it, i know Proton has had its controversies (Don’t be shy of reminding me of what they were), but what are my options here truly for a proper FOSS email provider? I can negate the free part for a reasonable price, but truly private AND secure is a must.

Self Hosting isn’t an option yet for personal reasons unless it’s completely free.

  • superglue@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    12
    ·
    2 months ago

    This might be an unpopular opinion in this community, but here it goes.

    Privacy doesnt really exist with email. Yes, Proton does support encryption, but nobody but Proton uses it. When your bank sends you an email, its plain text, and its pretty much guaranteed its sent from an outlook or gmail server. If they want your data they can get it whether youve got proton or not.

    As for me - I actually still use my universities email. Its on outlook, but, hardly anything is sent to it, it never gets flagged as spam, and it doesnt cost me anything and will hopefully be there forever.

    • sakuraba@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      2 months ago

      Came to say the same, the only benefit I see in proton and other providers is not having my email monitored by Google but that’s it

    • BladeFederation@piefed.social
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 months ago

      Nah that’s a pretty common (and correct) take. Never email something you wouldn’t want to see come up in a court case. Secure email can limit exposure somewhat though. Unless it’s the government it may be impossible or at least harder to put things together about you from other email addresses. At the very least every email is not being scanned by Gemini and used to train it. And the more people that use privacy respecting email the more private it is.

    • snowydroopz@lemmy.worldOP
      link
      fedilink
      arrow-up
      2
      ·
      2 months ago

      Never actually thought of it that way, like how no matter what you do, since most of your family uses META, you’re indirectly hit by the crossfire

      • superglue@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 months ago

        Right ya. You’re best bet if you want to achieve privacy is to pretty much stop using email as much as possible. Proton is fine, and it is better than say using outlook or gmail, but barely.

        • SupremeDonut@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          Privacy doesn’t really exist in what way? In a sense that the layperson should be concerned or just a person of interest in a diplomatic position?

    • StumblingWasabi@lemmy.today
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago

      Yeah, as long as it’s not Google, it works. The real trick is to find a good email aliasing service (I use Addy.io) so when email are exposed in a data breach you can just turn it off and avoid spam. Also good for when your trying different emails out because you just have to update what the aliases send to.

  • whatiswrongwithyou@lemmy.ml
    link
    fedilink
    arrow-up
    11
    ·
    2 months ago

    Everyone telling you email isn’t private is right.

    Don’t use it for things you don’t want to be public knowledge.

  • Libb@piefed.social
    link
    fedilink
    English
    arrow-up
    5
    ·
    2 months ago

    but truly private AND secure is a must.

    Remember that email is none of that, unless both people use encryption.

    Tuta and Proton both are encrypted, which is great, but the moment you exchange with someone that is not using encryption (aka, the vast majority of people), they’re not anymore.

    I always considered email like sending a good old postcard: something anyone could read without being invited, just by looking at it.

    so I can have control

    Be it Tuta or Proton, or any other commercial offering, you won’t have real control without owning your actual domain name. Owning it means you can change email provider if/when you wand (and if you don’t feel like using your own).

      • Libb@piefed.social
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        2 months ago

        Your purchase it from some registrar.

        I’m from France so it probably won’t be the same as you, it will cost you a small yearly fee. Like, for example I do own the domain ‘thefoolwithapen.com’ (my blog) among a few other domain names. So I can use libb@thefoolwith… with either my own email/hosting or most third-party provider, I don’t have ti use their own name/domain. Sorry for the lack of specificity in my explanations, I’m everything but an expert ;)

        Edit: clarifications

        • snowydroopz@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          Okay so whenever I buy a domain name, I now can use that domain name on any emai regardless of the email provider (google, proton, etc.) Can the domain name be taken away from me somehow?

          • Libb@piefed.social
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 months ago
            1. Depends the email provider, I 'm not sure (quite certain they’re not) all are offering that.
            2. Yes. The moment you stop paying as it will most likely be sold for cheap. One of the oldest domain I owned (from the 90s) and got rid of a few years ago is now used by someone hosting porn… Which is kinda funny. Maybe one can also lose it in a trial? But that would be very specific… Say, you own StarWarsSucksHard.com you won’t probably own it for long the moment Disney’s armies of lawyers focus their attention on you ;)
  • nixFREAK@sopuli.xyz
    link
    fedilink
    arrow-up
    4
    ·
    2 months ago

    Honestly use whatever you want and use pgp, or gnpg. Encrypt all your messages using ecc.

  • flo_l@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    2 months ago

    I’m using Migadu and I’m happy with it. You need your own domain though.

  • Voxel@feddit.uk
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    2 months ago

    TL;DR: Stick with Protonmail. There is, based on what you told us, no reason for you to switch to another provider.

    I wouldn’t recommend Tuta at the time of writing, due the lack of OpenPGP (no, their own EE2E does not act as a solid replacement) and JMAP/IMAP support.

    • thanksforallthefish@literature.cafe
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago

      Hmmm ? Has Proton introduced imap support ? I was going to migrate to them a few years ago until I realised that was missing. Not keen on getting locked into their proprietary app.

      • elkien@lemmy.today
        link
        fedilink
        arrow-up
        3
        ·
        2 months ago

        No it hasn’t, but with the Proton Mail Bridge you can get close, as it creates a local IMAP server that you can use with any email client - it’s far from ideal though and it has plenty of glitches

        • thanksforallthefish@literature.cafe
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          Thanks for the response, yeah that is better than nothing, but if OP hasn’t migrated yet then better to choose a provider that isn’t locking them into an apple-esque walled garden. If they decide to stop supporting the bridge then you’re stuck.

          I like proton but they make a few too many weird decisions. I mean imap has been around for a long time, why not use the open standard.

    • snowydroopz@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      2 months ago

      Take it easy on me with the big boy terms haha, you mind explaining them? Except E2E, I know what end to end encryption is, tho idk if EE2E is another thing or just a typo by you

      Another user said mailcow, thoughts?

      • sakuraba@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        2 months ago

        I think they meant E2EE (End-to-end encryption)

        OpenPGP is an encryption standard

        JMAP/IMAP iirc lets you use other clients like Thunderbird (you won’t be able to use 3rd party clients with proton unless you pay for it so take that into account too)

        • snowydroopz@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          Isn’t PGP what they say to always encrypt any message you send with prior to sending it? Especially on Dread and DNM Bible, never understood how to actually use it though

          • sakuraba@lemmy.ml
            link
            fedilink
            arrow-up
            2
            ·
            2 months ago

            yeah it is used for encryption, in this case mails between proton users can be encrypted using OpenPGP

            i recommend to research a bit yourself on these topics and your use case for privacy in this context. email is not private by design.

  • 64bithero@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    2 months ago

    While there is no way to completely protect your email I am big believer in minimizing vulnerability. It’s somewhat nice to know your email provider at least isn’t reading your direct emails. Most of my correspondence comes from auto reply emails. It’s the same I recommend to people still on Windows or MacOS. Use apps with no telemetry as much as possible. That to me would include email.

  • ShutUpWesley@piefed.zip
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 months ago

    The real answer isn’t don’t use email for private communication. It’s like asking what’s the most private way to shout into a crowded room

  • danhab99@programming.dev
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    2 months ago

    I’ve kind of given up on the concept of email as a whole. Nobody emails anymore. Nobody in my family uses email, I’ve never had a friend who emails me, I’m the weirdo for asking for an email address so I can email you a calendar invite because I’m a weirdo for using the calendar…

    Maybe it’s just been my experience but does anyone actually use email? And if so what about everyone else’s security?