Are there any private email services

  • @Platform27@lemmy.mlEnglish
    1911 months ago

    Tutanota and Proton are often recommended services. I personally prefer Tutanota, and their encryption. Though, Proton has a nice suite of services, that is worth looking into. Namely their VPN and Drive…

      • @Platform27@lemmy.mlEnglish
        111 months ago

        Tutanota also encrypts email folder and labels names. Last time I checked, Proton does not.

          • @Platform27@lemmy.mlEnglish
            211 months ago

            Yes, that’s my bad, with Labels. I never really use them, and wrote it without thinking. I do not have a source for my folder claim. I was told this several years ago, by support, when I was enquiring about their service, for business use. It was one of my many questions. While the end user seems their folder name, Tutanota sees a random identifier.

  • Chemical Wonka
    1511 months ago

    E-mail is not a private service by default. You can “try” to mitigate some privacy flaws using PGP for example but PGP is not widespread to be something useful.

    • @kostel_thecreed@lemmy.ca
      211 months ago

      Weird. Support was top tier when I had issues. I also own a business account for 30-35 people, and the issues we get are easily resolved by Tutanota. You most likely got a bad rep.

  • PropaGandalf
    911 months ago

    I went with tutanota and I’m liking it so far. However I’m fully aware that email not intended for secure infirmation exchange at all.

  • @thatsnothowyoudoit@lemmy.ca
    911 months ago

    The only way to ensure privacy is something like PGP. Encrypt before you send. Heck you could even encrypt before you put the contents into a message body.

    With self hosted, the messages themselves aren’t encrypted at rest and they are clear text between hops even if those hops support TLS in transit.

    Ultimately the right answer for you will hinge on what your definition and level of privacy is.

    • @Eufalconimorph@discuss.tchncs.de
      611 months ago

      Note that PGP only encrypts the body, not the subject, sender, or recipient. So it’s only partial encryption and not very private compared to modern messaging services like Matrix. This is a fundamental limitation of email. It’s “Pretty Good Privacy”, not “Very Good Privacy”.

  • lckdscl [they/them]English
    711 months ago

    What’s your threat level?

    There’s no such thing as fully private. For that, encryption where you control your keys is the way to go. If you’re really paranoid then Disroot or Riseup. If you like to be able to use any clients then don’t go with Proton or Tutanota. There are a lot of paid mail services, whatever you go with, you just have to read the privacy policy and know what your threat level is. Just purely paying for the services may make you feel better about your privacy but that’s not always the case. If you do something the authority doesn’t like, the provider gets hit with a subpoena and can hand you over. But again, encryption encryption.

    This resource may help you, although the author is pretty paranoid and I don’t agree with a lot of their views or writing style, but I think this might be the most comprehensive list for email providers.

    • @jhulten@infosec.pub
      211 months ago

      This is important. Without a threat model, recommendations will always be generic. Are you important enough for the NSA to dedicate resources too? You’re screwed.

    • @Potatos_are_not_friends@lemmy.world
      411 months ago

      I’d strongly recommend against self hosted email.

      Has a team of engineers to manage emails and the company finally gave up and switched to AWS because of constantly deliverability issues. I think the commercial companies won that war.

      • Norgur
        111 months ago

        Depends what you do with it. The average private person might never notice issues.