Hey all, I've been taking my digital privacy and security much more seriously this year, but the one thing I've been stuck on and feels overwhelming to me is email. So I wanted to know what do you guys use or what practices do you follow? Do you keep a separate email or alias for every single account, or just compartmentalize, like one email address for online shopping, one for business, one personal correspondence, and etc.
What services do you use? Right now I have a free Tutanota and ProtonMail account but haven't decided which one to pay for, if either. ProtonMail makes me iffy with the amount of controversy and debate that has come out of them in recent years even though it comes with a lot of other nice stuff like cloud storage and a vpn. Tutanota I just dislike the fact I can't add it to third party mail apps like Thunderbird, but this might not be a deal breaker. I know there are others, so what do you guys use? I don't need something to protect my emails from the NSA or organizations like that but definitely something more private and secure than gmail. Thanks.
I'm not aware of the controversies regarding ProtonMail, yet they're my main email provider. I have one main email for everything, and an alias for public-facing email. ProtonMail has a free service called SimpleLogin that allows you to create on-the-spot email for a specific service (even comes with a browser extension). I don't have anything else regarding emails, those two services really cover all my bases.
I'd be interested to know which controversies you're referring to though?
Probably referring to these reports:
I think OP is going to have a tough time finding an email provider which won't comply with court orders
There is always the option of setting up your own e-mail server. Have been using “docker mail server” for testing purposes and it’s relatively easy to setup locally.
Haven’t deployed it to a server yet though.
I set up my own email server and it's hard, postfix was born in hell, fortunately there are guides to help.
Since email is federated, you need to comply with the biggest players to be accepted, but the requirements aren't that bad. Sometimes hard to find every specific though, like having a domain older than 2 weeks.
I'm dating myself but I used to run qmail on FreeBSD and loved it. When I switched to Linux postfix config and documentation confused me forever and I gave up. FreeBSD docs were so much better at the time. 😬
That's all fine and dandy until your IP address and/or email address gets blacklisted. Hosting the server is the easy part. Properly dealing with anti-spam measures so you don't get flagged as a spammer or scammer is the hard part. And before you think that's unlikely, one of the ways of getting flagged is to run an email service on a consumer ISP network (e.g. comcast).
Most if not all ISPs block the common ports for this reason. So it’s a given to host on bare metal servee with dedicated IP.
But if you are only sending and receiving for yourself, does it really matter? Might matter if you send bulk emails or manage an email dist. But for personal usage, I don’t think deliverability would be an issue
Fine, don't believe someone that's done it before. Google "why you shouldn't host your own email server" and research before you say anything else.
Receiving mail doesn't usually seem to be that difficult, sending mail tends to be the challenge. So if you only care about receiving mail it may be easier.
I tried it a few years ago and it was fine until some asshole impersonated my domain and a major spamlist decided to hate my guts. I'm not a professional email admin so updating to the latest and greatest standards wasn't easy. At least at the time. If you're okay with bounces and silently undelivered mail it's probably fine. It's probably also a lot easier nowadays with scripts and easy how-to guides about how to setup the domain authorization. But my experience really turned me off of the "hey it's fun to run a mail server" thing. Particularly after Google and others came out with the ability to just use Gmail with your own domain.
Ah, that sucks. Have been wanting to try hosting my own email at some point but this has got me scared. Will have to do my research beforehand for sure
Cool, have been wanting to setup an email server with docker, but mainly for fun/learning and not really to use as a serious email provider. I've heard in most cases it's more trouble than it's worth and most of the time your emails won't even be received by the major providers.
Helm used to be one such service. They hosted the IP address and smtp gateway, but you hosted the actual email server. They had no data to hand over; it was in your home. Unfortunately, their service went offline last year.
Mainly the reports @malloc was referring and other things about them misrepresenting how anonymous their email service actually is. Not that I need a totally anonymous email service or need to hide from the government, it just has given me second thoughts about going for them.
Are you satisfied with ProtonMail, do you use their other stuff like cloud storage and the VPN? Do you think it's worth the extra cost? The VPN has also drawn me to them because I need a VPN that supports port forwarding. Thanks.