this post was submitted on 17 Jun 2023
40 points (100.0% liked)

Privacy Guides

16855 readers
21 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 2 years ago
MODERATORS
 

Hi All,
I would like to choose a new email provider, where security and privacy of the email is one of my main concerns (nothing to hide, but want to keep my data private, differently than what happens with the major providers). I have read maaany posts and websites guides but I am still confused. I am happy to pay a euro or so /month, so I had reduced my choice to Mailbox, Posteo, Mailfence. The problem is that each of them has some flows that don't let me go ahead with them!
Mailbox: uses PGP, so not straightforward to send encrypted emails (unlike with tutanota) and to have encryption at rest. No mobile app. Alias reuse after 90 days Posteo: no spam folder. ALias reuse after 24 months Mailfence : has no encryption at rest , no mobile app. Not sure about alias reuse

Have you got any comments on the above providers and /or other suggestions (except for Tutanota and Protonmail)? thank you, appreciated!

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 27 points 1 year ago (1 children)

I like Proton Mail. It does have a free tier, but the paid tier is pricier than you suggested in your post.

[–] [email protected] 5 points 1 year ago (1 children)

The free tier is only 500mb, but I've been using it as my primary email for a year and with spam management I'm only at 100mb.

[–] [email protected] 3 points 1 year ago (1 children)

You wrote that 500mb is too small tho. 500mb are enough for me as well for mails.

[–] [email protected] 4 points 1 year ago (1 children)

If I wasn't deleting unnecessary emails, that would run out in about 24 months.

[–] [email protected] 6 points 1 year ago

Well, it's always a good idea to delete unnecessary mails and junk mails

[–] [email protected] 25 points 1 year ago (1 children)

Absolutely can’t recommend the entire proton suite enough. I use mail and drive daily, vpn when needed, and just waiting on calendar and contacts to be developed out a little more.

[–] [email protected] 8 points 1 year ago* (last edited 1 year ago)

I came here to recommend proton, the default quota is too small at 500mb, but if you manage spam etc it's a good app/platform.

I hope they offer an entry plan like with Google One at A$2.50.

[–] [email protected] 16 points 1 year ago (2 children)

Why do you need a mobile app? It's just email, all IMAP clients should work.

I have a mailbox address since years, never use the webui for checking mails, only for changing some settings, I access my mails with Thunderbird on desktop, Fairemail on Android. Both apps have builtin PGP, so you shouldn't care what the provider supports.

The spam filter in mailbox is glorious, never got a spam there.

[–] [email protected] 4 points 1 year ago (1 children)

Well imap isn't encrypted, right? That's why one can or rather needs to run a software with proton called proton bridge to get imap locally

[–] [email protected] 5 points 1 year ago (3 children)

Yes, but for me standards are more important than encryption. I can encrypt mails with pgp, than they are end to end encrypted, imap doesn't matter. I considered proton when I switched to mailbox, but usually I don't send encrypted mails, because the reciepents cant read them, so I wouldn't use the pros of proton.

load more comments (3 replies)
[–] [email protected] 1 points 1 year ago

Thank you. If I have not confused the different email proveiders, with mailbox encryption in transit is always active, while it needs to be activated while at rest. I do not understand why someone would not want their emails to be encrypted even at rest, by the way.

[–] [email protected] 13 points 1 year ago* (last edited 1 year ago)

Protonmail and/or Tutanota, both fit my current needs and works fine for me.

[–] [email protected] 10 points 1 year ago (1 children)

Came here to say tutanota and protonmail. Guess I will leave now...

[–] [email protected] 5 points 1 year ago

I second proton mail. Totally satisfied and really like their calender.

[–] [email protected] 10 points 1 year ago (1 children)

I'm using fastmail.com as my email provider in the USA. They're a small company based out of Australia with global servers. They pride themselves on privacy and security. Been using them for several years now. They're not the cheapest game in town, but they have an impressive feature set. They actually host a domain and web site for me that's included with my mid-tier account fees. I have zero complaints with them.

Even paid accounts with companies like Microsoft, Google, and Yahoo do not guarantee privacy. Yahoo has been known to scan email content for targeted advertising. Discovering that is what actually motivated me to use a paid service.

[–] [email protected] 1 points 1 year ago

I also use 1password and there’s an easy “create masked email” feature where a fastmail marked email is set as the email for a new 1password login… love it!

[–] [email protected] 8 points 1 year ago (2 children)

You can selfhost your own mailserver and you have full control over the data.

[–] [email protected] 7 points 1 year ago (1 children)

I've heard this is becoming increasingly difficult to actually accomplish

[–] [email protected] 2 points 1 year ago

If you have your own domain, give it a shot. If it gives you problems, point your DNS to some other solution.

[–] [email protected] 2 points 1 year ago (3 children)

I have some tech skill and this option looked flat out daunting to me. Then when considering the cost of domain, it looked more expensive than choosing a mail service.

Does anyone know a good guide for own mail server, including getting cheap enough domain?

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

10€/year domains are the standard. There are some alternatives like Hostinger which have "free" ones. Managing domain settings can be a pain in the ass a lot of the time. I personally use Cloudflare to manage my DNS settings for ease of use, tho I've heard tgere are privacy concerns with using Cloudflare.

As for the guide, here's one from ChatGPT:

Certainly! Here's a step-by-step guide to setting up a self-hosted and secure email service using Docker containers:

Step 1: Set up a server

  • Choose a server provider or use your own hardware to set up a server with a reliable internet connection.
  • Install a Linux distribution of your choice (e.g., Ubuntu, Debian) on the server.

Step 2: Install Docker and Docker Compose

  • Follow the official Docker documentation to install Docker on your server.
  • Install Docker Compose, which will simplify the management of multiple Docker containers.

Step 3: Acquire a domain name

  • Register a domain name from a domain registrar of your choice (e.g., Namecheap, GoDaddy).
  • Configure the domain's DNS records to point to your server's IP address.

Step 4: Obtain an SSL certificate

  • Use Let's Encrypt to obtain a free SSL certificate for your domain.
  • Follow their documentation to set up Certbot and generate an SSL certificate.

Step 5: Configure DNS records

  • Set up the necessary DNS records for your email service:
    • Create an MX record that points to your server's domain.
    • Create an SPF record to verify your server's authenticity.
    • Add DKIM and DMARC records for additional security (optional but recommended).

Step 6: Set up and configure mail server containers

  • Choose a mail server software to run in Docker (e.g., Postfix, Dovecot).
  • Create a docker-compose.yml file to define the containers and their configurations.
  • Configure the mail server containers with appropriate settings, such as domain name, SSL certificate, and mail storage location.

Step 7: Start the containers

  • Run the docker-compose up -d command to start the containers in detached mode.
  • Verify that the containers are running without any errors by checking the logs.

Step 8: Test the email service

  • Create an email account using the chosen mail server's administration tools.
  • Configure an email client (e.g., Thunderbird, Outlook) to connect to your server using the provided credentials.
  • Send and receive test emails to ensure the service is working correctly.

Step 9: Implement additional security measures

  • Configure firewall rules on your server to allow only necessary ports (e.g., 25 for SMTP, 143 for IMAP).
  • Regularly update the Docker images and containers to ensure you have the latest security patches.
  • Consider enabling additional security features like fail2ban to protect against brute-force attacks.

It's important to note that setting up a secure email service requires a good understanding of server administration and email protocols. It's recommended to consult official documentation and seek professional assistance if needed to ensure proper configuration and security.

[–] [email protected] 2 points 1 year ago
[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

https://mailinabox.email or https://mailcow.email for the server. And then Porkbun.com usually have some domains on sale for a dollar or two.

[–] [email protected] 6 points 1 year ago (4 children)

Why the need for a specific mobile app for Mailbox? I use Mailbox in combination with FariEmail app on Android. It even supports PGP. Couldn't be happier.

load more comments (4 replies)
[–] [email protected] 5 points 1 year ago

I've switched to protonmail and I'm happy with the free plan for mail

[–] [email protected] 4 points 1 year ago (1 children)

I use posteo.net for 10 years now, and I am super happy with them. I don't get spam, and I have never missed an email.

They choose not to use a spam folder system, and I understand their reasoning, and agree with them.

They sometimes get criticized for some other decision (something to do with certificates, if I remember correctly), but after reading their reasoning, I agree with them.

In my experience, they have now real downside, and I recommend them to everyone I know when they come to me with email problems.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

Keep in mind posteo.net does not have DMARC which means anyone can spoof an email @posteo domain.

All of the other providers have this. Mailing lists can be used with DMARC.

[–] [email protected] 1 points 1 year ago

Thank you for pointing this out. I am no way expert but trying to study and understand. I then found other negative comments regarding the lack of DMARC, while on posteo website they say: "We have a DMARC "none" policy for Posteo email domain names, since DMARC is currently not recommended for mailbox providers. Outbound DMARC policies are primarily "best-suited for transactional emails and semi-transactional emails" (dmarc-org FAQ). At the present, DMARC has implications which do not meet customers' individual use of email." link

The dmarc-org FAQ is interesting too. I understand that Posteo publishes thier DMARC record, if I am not wrong

I would appreciate your opinion, you seem competent! Thank you

[–] [email protected] 3 points 1 year ago (1 children)

I've been using protonmail for a while and it works great for me, that said i'd go with tutanota if i could start over. They have a linux app and their android app is on fdroid, which for some reason proton refuses to do

[–] [email protected] 1 points 1 year ago (2 children)

Pretty sure the protonmail app is on fdroid

[–] [email protected] 2 points 1 year ago

No it's not, only Proton VPN

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

It's on izzyondroid, not fdroid proper, and as i understand the Proton devs weren't the ones who put it there. Ideally they would put it on fdroid proper, or failing that host their own repo, rather than relying on the community to copy it to izzyondroid. It's often behind the play store version as well, which is an issue for security

[–] [email protected] 3 points 1 year ago

I know that feeling i also tried most , iam atm with Proton mail for secure stuff and Microsoft email for general but the spam protection on microsoft Absolutely SUCKS.

searching too a paid provider.

[–] [email protected] 3 points 1 year ago

I'm currently using skiff, I don't know if it suits you or not.

  • Modern Interface
  • E2EE
  • Aliases available (can send messages using aliases)
  • 10gb of storage
  • Has a mobile application
[–] [email protected] 2 points 1 year ago (2 children)

I've been on Soverin.net for a while.

load more comments (2 replies)
[–] [email protected] 2 points 1 year ago (1 children)

PGP is great. If you learn how to use it on your own device, it doesn't matter what host you use. If you post your OS, I'll can point you to instructions on setting it up locally.

You're never going to get the bulk of senders (library, town council, your aging parents) to encrypt their mail to you. Can you make peace with that?

It is important to find a host that has a funding model based on subscriptions instead of monetizing users.

My recommendation is find a host with a good subscription model and in a county that respects user privacy. I like KolabNow in Switzerland.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Thank you. I had come across KolabNow, I will look into it again. I have never used PGP and it does not seem a smooth mechanism to me, as I am used to encrypt emails with password. Maybe I am wrong ... PS: I am onWindows

[–] [email protected] 2 points 1 year ago (2 children)

Oh, it is not a smooth mechanism at all. If it were, everyone would use it. Google started to develop a browser extension some years ago to make key management and encrypting easier but it was abandoned because it would inhibit their ability to do targeted advertising.

Here is a link to set up PGP on Windows.

Thunderbird has PGP built in and it's pretty seamless once it's set up.

[–] [email protected] 1 points 1 year ago (1 children)

Google developed that!? Or has it been an extension for google mail rather?

[–] [email protected] 2 points 1 year ago

I'm not surprised they got rid of it.

Link to their blog announcing it.

load more comments (1 replies)
[–] [email protected] 2 points 1 year ago

i have found this to be a useful comparison. they stress that the results are not necessarily in order - but everyone has their own desires, and it's easy to hold them up against this summary

https://restoreprivacy.com/email/secure/

[–] [email protected] 2 points 1 year ago

Not specifically privacy focused, but i've been super happy with https://purelymail.com.

I'm sure it isn't at the level of proton or the like, but it works well and cheap.

[–] [email protected] 2 points 1 year ago

Still haven't found the perfect email service provider but Mailfence has worked for me. It's easy to set it up with a mail client or use PWA, and I feel its calendar function is overall more robust than the competitors. Service and troubleshooting has also been timely and good for me. Not the most user friendly but best balance of everything in my opinion.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

I used this guide when setting up my self hosted email: https://workaround.org/ispmail/buster/big-picture/

I also added in Ciphermail for email encryption and it's been almost hands off ever since.

Granted, there were quite a few things to digest until things were working as I wanted.

load more comments
view more: next ›