Hello all,
I’m looking to switch over to move privacy focused setup, so far i have a VPN, and will be making other changes. Is there any email providers that you know respect privacy, or how one would do this?
Another recommendation for Proton Mail. As others have said I’d recommend getting your own domain for email so you can always migrate providers without having to change your email address.
Another plus one for Proton with your own domain.
Self hosting sounds good, but it’s fraught with mines that if you don’t know what you’re doing can take from “can’t send email because my domains been back listed” to “everything in my network is now sending spam to the entire world”. Sure, many folks self hosting sounds with no issues, but the price for configuring something wrong can be steep and IMO is just not worth the trouble and risks when there are good options for encrypted, privacy protecting email services for a reasonable price.
I use mailbox.org and I manage my own PGP keys. You can also encrypt your whole inbox with your key. To access your inbox, then, you will either have to use something like Thunderbird or give your private key to mailbox.org. And yes, I recommend using your own domain. Also, there is no free-tier.
https://www.privacyguides.org/en/email/#recommended-providers
Plus your own domain
why using my own domain?
With your own domain, you can always change email providers without changing your address.
You can get a catch all address so you can have many many many many different addresses you can use. Which is helpful for privacy. Siloing each service into its own email address. It gives you optionality
someone offered a service here to just host my own. im in the process of doing that.
SimpleLogin lets you create email aliases, kind of in between self-hosting and using a provider.
An advantage of Tuta and Proton is, that there is a basic free tier. Your Mail is a center-point of your online activity. Hoping it to never happen, if you ever can’t afford the (cheap) price, you won’t lose access to your mail. Which would suck, for all accounts linked to it.
Posteo was the winner when I last looked over the alternatives, although I haven’t switched yet. Tuta, mailbox.org and Runbox were runners up.
Various reasons (mostly price, provider getting blocked too much, and being in the USA) led to a hard “no” for CounterMail, Soverin, Mailfence, StartMail, Fastmail, Proton, RiseUp, Hushmail, Skiff and Mail.com.
It’s likely you don’t need a VPN. You’re putting a lot of trust in that company; make sure it’s well founded. I just use my ISP for normal stuff, then when I want to surf under the radar for one reason or another I open up Tor.
thanks. i might do self hosted email as recommend to me above. i use mullivad as my VPN provider. The only other things i need are secure comms but there’s no one i really talk to so that’s not really an issue atm
I use Posteo. Their privacy policy seems to be more sane than the others, with riseup and disroot coming in first and second, but I’d rather not use email providers that present themselves as a “safe” place for activists and journalists.
Plus one for posteo. I’ve used them for several years now and have had no issues
Use end-to-end encrypted email if the people you’re emailing are willing to set that up (not hard, but a lot of people have learned helplessness when it comes to tech), and/or you could host your own email. I don’t think there’s much point to looking for an email provider that “respects privacy” because that’s simply working on a pinkie promise that they don’t read your unencrypted emails. I suppose it’s better if they claim they don’t read your emails, than if they don’t make that claim at all, but beyond that I don’t think it matters with external email providers.
yeah, im hoping thoese who i talk to will use E2EE email, but i’ll be using it mostly for personal stuff. The last two things is a browser, and phone, but the last one might be impossible.
You mean getting a privacy-respecting phone? You could get a Pixel with GrapheneOS as one of the most popular options. There are also a number of OSes and phone manufacturers competing in the privacy-concerned market you could look into. Note that privacy is not the same thing as security, and for security, GrapheneOS is the clear winner.
Yes, i am aware security and privacy are different. I want privacy. A cellphone is not going to fix that, but i really have no choice in that matter because i do need access to a phoneline 24/7 due to having children(call from the school). Ideally i would be using a phone without stock android or no android at all, and running a mobile linux distro, and using a voip provider on WIFI only.
Linux phones definitely are a thing, but depending on your threat model, they may not be enough. There isn’t a smartphone which is 100% open-source from all hardware, to firmware, to software. But there’s a variety of phones that are known to run Linux. The Google Pixel 3a is known for working very well with Ubuntu Touch. There’s also the PinePhone, Purism phones, and there will be others too that support “desktop Linux” (specified for pedantry, since Android is also a type of Linux I guess).
You also don’t need a smartphone. They do still sell “dumb mobile phones” that just do SMS and phone calls; I’ve bought some recently. You can get them for really cheap too, like in the range of 20 USD/EUR kind of price. I don’t think that particularly contributes to privacy since these phones are also proprietary and easily backdoored, but I suppose then it’s missing out on much of the spyware that smartphones have installed as software. If it’s location data you’re worried about, sticking it in a faraday cage should be good enough, but if you need to receive unexpected calls that won’t work. If you’re paranoid about the mic recording, while I think that would be an unlikely and unfeasible way of spying, you could also physically block that by putting the phone in something soundproof, but again you’d need some way to hear that the phone is ringing. For camera paranoia just tape over the camera.
yeah. its a tough situation, because if i didn’t need to have a phone while out, id just use VOIP from my laptop. I think there’s a level a privacy where i have to admit i have no control over due to life decisions.
Migadu is a decent option if you don’t want to self-host.
Wondering why nobody is talking about StartMail. StartMail provides encrypted email services, including PGP encryption for secure communication, and the option to send password-protected emails to non-users. It also offers unlimited disposable email aliases to protect your primary email address and avoids tracking or profiling users.
Posteo is 1 dollar a Month. Its legit.
I was lucky to find https://purelymail.com/ which fit my budget and needs - primarily supporting multiple domains for my family and personal projects without extra costs.
Self-hosted if you have the skills for
PS: I don’t know your needs but emails are inherently insecure, if possibly avoid it