Hello,
I am thinking on which email provider to use as an alternative for Gmail.
I don’t expect E2EE because I know nobody who uses either Tutanota or Proton Mail personally. I just want an alternative to Gmail, where I can message people I know who use Gmail securely.
EDIT: I have chosen my email provider as Proton Mail because I can send encrypted emails not only to people using Proton Mail, but to people who don’t too, which I feel is better.
It depends on what you need and what the other side has. It is true you can use PGP encryption with proton, yet not with tutanota. However, how many of your friends use PGP? You could also host yourself? This said, on both tutanota and proton you can set a password to encrypt to none tutanota/proton users. Both services are excellent, both lack imap or pop3. Yes proton can do this with a bridge on desktop, but has google services on android where only the app works. Tutanota does that without Google services.
The big question is, what are you looking for? Just a Gmail replacement or PGP capable email. If it’s just for a Gmail replacement have also a look to skiff.com.
Came here to say that I have been using tutanota for years now and it works very well.
It does fit the use case of encrypted emails to people who don’t use tutanota. How it works is they will receive an unencrypted email letting them know they have an encrypted email waiting for them, along with a secure link to an https encrypted, password protected web interface with inbox and outbox.
Just wanted to point this out for anyone else evaluating privacy focused email providers.
If the recipient of my mail uses a OpenPGP-compatible client (say, Apple Mail or Thunderbird), then they should be able to receive encrypted mails if they set it up correctly.
True.
Then with Proton (idk about tutanota) you should be able to mail E2EE with them, since you can import their Public Keys into Proton. It’s not just “E2EE Proton2Proton”, since Proton uses PGP, you can safely mail E2EE with anyone using PGP.
The wiki lays it out pretty well. Since you’re interacting with normal people all your emails are both sent and received in the clear and can be read by your email provider and your counterparties email provider.
As far as Google alternatives go fast mail which isn’t an encrypted email service is a reasonable alternative that lots of people enjoy.
The big difference between proton and Tutanota is what is encrypted at rest.
Proton does not encrypt subject lines to and from lines at rest. So that means they can always inspect who sent you mail and what the subject was. The benefit of this is indexing as fast and you can use their search quickly.
Tutanota does encrypt everything at rest. So nothing is readable including subject to and from lines. Except by your client with the correct key. You can search your email locally but you have to maintain a large cache of your email if you want to search all of it.
As far as encrypted email goes it’s great, but only for encryption at rest, if it’s caught in live transmission then the data’s compromised. But it’s definitely better than leaving the data open on some server. So the choice is yours
Please consider at least a low cost service, it really raises the quality of the service a lot if it’s even $1 a month like Posteo or $2 like Migadu. You get a lot of genuinely useful features (unlike super-hyped services like Proton) and it removes any incentive to exploit or upsell you.
Personally I use Proton for my mail needs but then Tutanota for my calendar. Perhaps something you could consider so your Tutanota account doesn’t get deleted.
If by ”backup” you mean “infrequently used”, be careful about using Tutanota for that purpose - it will delete free accounts after 6 months of inactivity.
Since we’re on a privacy forum I want to point out that if you’re not paying for a product you are not the customer you are a product. If you want to make privacy alternatives to Google viable you should consider financially supporting them .
This brings up a good point I hadn’t thought of mentioning before. You should really use your own custom domain name for email. That makes migrating the different services much easier and you don’t have to change your email address with your friends. Your own domain usually requires a paid service one for the domain registrar itself, and the mail provider. All the services we talked about today charge money for custom domains but it’s worth it
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !privacyguides@lemmy.one
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
We prefer posting about open-source software whenever possible.
No soliciting engagement: Don’t ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don’t repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don’t abuse our community’s willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
I use Tutanota instead of Proton Mail.
I prefer ProtonMail for a few reasons:
It depends on what you need and what the other side has. It is true you can use PGP encryption with proton, yet not with tutanota. However, how many of your friends use PGP? You could also host yourself? This said, on both tutanota and proton you can set a password to encrypt to none tutanota/proton users. Both services are excellent, both lack imap or pop3. Yes proton can do this with a bridge on desktop, but has google services on android where only the app works. Tutanota does that without Google services.
The big question is, what are you looking for? Just a Gmail replacement or PGP capable email. If it’s just for a Gmail replacement have also a look to skiff.com.
I see you’ve more or less chosen proton.
Came here to say that I have been using tutanota for years now and it works very well.
It does fit the use case of encrypted emails to people who don’t use tutanota. How it works is they will receive an unencrypted email letting them know they have an encrypted email waiting for them, along with a secure link to an https encrypted, password protected web interface with inbox and outbox.
Just wanted to point this out for anyone else evaluating privacy focused email providers.
Tutanota does the same for e2ee, don’t know why OP didn’t mention that.
Yes, I’m aware of that, however, I don’t think sending a password-protected email requiring you to go to another website that user-friendly.
Anyways, I’m still thinking on what email service to use.
It’s not too bad. Pretty standard with like anyone who needs to communicate securely like banks and insurance.
compared to gmail, both are more then viable options and it depends on personal preferences. Personally I chose Proton and I am very happy with it.
don’t know how that should work, but ok…
If the recipient of my mail uses a OpenPGP-compatible client (say, Apple Mail or Thunderbird), then they should be able to receive encrypted mails if they set it up correctly.
True.
Then with Proton (idk about tutanota) you should be able to mail E2EE with them, since you can import their Public Keys into Proton. It’s not just “E2EE Proton2Proton”, since Proton uses PGP, you can safely mail E2EE with anyone using PGP.
https://www.privacyguides.org/en/email/
The wiki lays it out pretty well. Since you’re interacting with normal people all your emails are both sent and received in the clear and can be read by your email provider and your counterparties email provider.
As far as Google alternatives go fast mail which isn’t an encrypted email service is a reasonable alternative that lots of people enjoy.
The big difference between proton and Tutanota is what is encrypted at rest.
Proton does not encrypt subject lines to and from lines at rest. So that means they can always inspect who sent you mail and what the subject was. The benefit of this is indexing as fast and you can use their search quickly.
Tutanota does encrypt everything at rest. So nothing is readable including subject to and from lines. Except by your client with the correct key. You can search your email locally but you have to maintain a large cache of your email if you want to search all of it.
As far as encrypted email goes it’s great, but only for encryption at rest, if it’s caught in live transmission then the data’s compromised. But it’s definitely better than leaving the data open on some server. So the choice is yours
Thanks for the link!
It seems that Proton Mail is better for my use case. I’ll keep my Tutanota account as a backup then.
I am not willing to pay for a service atm
Please consider at least a low cost service, it really raises the quality of the service a lot if it’s even $1 a month like Posteo or $2 like Migadu. You get a lot of genuinely useful features (unlike super-hyped services like Proton) and it removes any incentive to exploit or upsell you.
Personally I use Proton for my mail needs but then Tutanota for my calendar. Perhaps something you could consider so your Tutanota account doesn’t get deleted.
If by ”backup” you mean “infrequently used”, be careful about using Tutanota for that purpose - it will delete free accounts after 6 months of inactivity.
Since we’re on a privacy forum I want to point out that if you’re not paying for a product you are not the customer you are a product. If you want to make privacy alternatives to Google viable you should consider financially supporting them .
This brings up a good point I hadn’t thought of mentioning before. You should really use your own custom domain name for email. That makes migrating the different services much easier and you don’t have to change your email address with your friends. Your own domain usually requires a paid service one for the domain registrar itself, and the mail provider. All the services we talked about today charge money for custom domains but it’s worth it
deleted by creator
No, Tutanota does not use PGP
https://tutanota.com/blog/posts/innovative-encryption/
They go into detail here, but because they want to encrypt subject line to and from they do not use PGP.
If you want to have encrypted communication with somebody you should not use email. You should use something else like signal