Have been using Protonmail but have also heard bad things over time...looking to make a move.
Also Proton since I use the VPN / Domain service. The issues with Proton for me mostly boil down to their marketing and pricing. The bad things to do with logging were something they were ordered to do by their local jurisdiction (unavoidable) so I just consider it as them acting on good faith.
Posteo is almost perfect. It's cheap, can be bought anonymously, runs on other email clients, but they lack a DMARC policy. They don't log IP addresses at all but your mailbox can be intercepted if they receive an order to.
reply
I use protonmail as well. I heard some people like Tutanota.
reply
I used Tutanota before Proton, however they were hit with a DDoS attack during a time I was using it for important government-related services and I was unable to file forms.
It's been a couple years since that incident, but I think they're a great service past that. I learned not to use it for anything too important though...
reply
Encrypted email is a scam. Unless you only email with other encrypted email providers... Most of the time, we don't.
The better solution, for security, is to use an email provider that is not centralized so that no outside authority can demand metadata and mail.
reply
Don't most mail providers use TLS encryption at least? Yes, this means your mail provider can read your mails but ...
That's also the case if you have a conversation with someone from another provider afaict.
For example, if a non-Proton user sends a mail to a Proton user, it also uses TLS but the mail is stored using "zero-access encryption". But if you send a message to them, it uses TLS encryption so their mail provider can read your mail:

Emails from Proton Mail users to non-Proton Mail users

  • End-to-end encrypted if the Password-protected Emails feature is selected.
  • Otherwise encrypted with TLS if the non-Proton Mail mail server supports it (most providers such as Gmail, Yahoo, Hotmail, etc, support TLS). Note, since these messages are encrypted but not end-to-end encrypted, Gmail, Yahoo, Hotmail, etc will be able to read these messages and hand them over. This is not possible if you use Password-protected Emails, which enable Proton Mail’s end-to-end encryption.
So I think using SMTP for confidential data is just a lost battle.
Use other services.
reply
Encrypted email is essentially harm-reductive. This is why when choosing a provider I just consider what the provider would do with my information rather than concerns about the email system itself. I have a big issue with Proton's marketing because of that, the way they explain it makes it appear like a perfect system when in fact you need to read in the lines or on privacy policies / support articles.
These posts, while focused on PGP (another annoying system I wish I could use less), It makes a lot of the points and problems 'encrypted' email providers have.
reply
100 sats \ 1 reply \ @ek 24 Jun 2023
LARP security
lol, but well said. "Encrypted mail services" give a false sense of security.
I think everyone using these mail services (and even paying for them) should read these articles
reply
I like to believe LARP security also boils down to having security that only exists to be shown off rather than having any major benefit. Kind of like Proton's entire "THE SECURE EMAIL™ BASED IN SWITZERLAND™" marketing shtick, and with PGP users showing off their keys everywhere.
As a customer, they're better as an alternative or ethical service - It's the closest bridge to mainstream email service that isn't completely piled on Google or Microsoft.
reply
Thanks for the articles!
reply
I have accounts at Protonmail and Tutanota. I like Tutanota better, but the only way to access it is via their app or website. You can't use a third party. There are ways of using a third party app for Protonmail, but it also isn't the most ideal way. Nice thing about Protonmail is that it is PGP, which is compatible with other PGP email services. Tutanota is probably better encryption (subject lines are encrypted too), but less compatible unless you are communicating solely with other Tutanota users.
Both services allow you to send an encrypted email that is password protected to anyone. They click on the link and type in the password you gave them. Tutanota's implementation of this is much nicer IMO as it allows both parties to see a thread of the conversation.
Mailfence is around PGP implementation that is free to try out.
The email service that I use the most actually is Fastmail. I know it gets a bad rep for an encrypted service since PGP is offered directly. But, since encrypted services are only good if you are only emailing other encrypted (and compatible) services, most of the emails I'd send with Proton or Tutanota anyway would end up on someone's Gmail account.
If I really need to send a PGP encrypted message I just use a separate GPG program and paste it into a message that I send on Fastmail. Fastmail has a blog post about this here: https://www.fastmail.com/blog/why-we-dont-offer-pgp/
Main cool feature of Fastmail is how you can create on-the-fly aliases. Let's same my email domain is example.com.
I'm on the phone with a landscaping service and they ask for an email address. The name of the company is Green Landscaping so I tell them that my email is greenlandscaping@example.com. They can send an email to that without me having to do anything and I can reply back using that email or send an email from that address as well. So rather than organizing emails by sender, I've started filtering to folders based on the address that the incoming email is being sent to. I've switched away from Gmail over 2 years ago and haven't looked back. It has been so refreshing.
But, if you are emailing friends or family and can convince them to use an end-to-end encrypted service, then Proton, Tutanota, or Mailfence would be your best bet! Posteo would be a good one too, but I don't have as much experience with that one.
reply
Proton Mail and its VPN is great too.
reply
Email is not a private technology and simply needs to go the way of the fax. I use Startmail, however if you want the most private way, you need to sovereignly run your own Matrix server.
reply
https://federated.computer. It's your own server. 100% private. From the same people who invented node.js.
reply
I like these services, the only thing is they are not sovereign.
reply
What bad things you heard about Proton?
reply
There's so much wrong with it, you're better off just getting a server, make it actually encrypted and then, when you do send e-mails, encrypt them, because what they sell you is safety, but that only happens if you send e-mail to other proton addresses, everything else you need to use a encryption key (just like @aoeu explained) and make sure the other side is willing to do it, for registration on websites, e-mails from companies and so on, they'll have them in 'plain text' on their end, so if they do get hacked for example, and get access to any e-mail accounts, they'll see that you're a user there and can track you back on the website itself (generally speaking, of course).
reply
deleted by author
reply
Outlook is great