Tutanota / Mailbox.org?
-
I have used both. Both are good. Tuta doesn't support people as people said, but I think you'll find that the amount of people you will interact with that can and want to use pgp encrypted email is slim.
The way tuta works is you can send and receive regular email. And when you send it encrypted, the recipient gets a regular email that's says something like"you received a confidential email" (you can edit the text). That person then follows a link in the email and you need to provide them with a password (ideally you provide this password out of band... by text or chat or something... but you can of course just send by regular email).
After they log in, they are basically on a limited web interface to tuta where they can only exchange emails with you (but they can see every email between the two of you in their "inbox).
It's a pretty good system. There is also encrypted calendar and contacts. They have webmail of course and also apps. There's a dedicated calendar app.
Mailbox.org is actually more of a full office suite at this point. The web interface isn't as tight and can be confusing. They can handle your pgp keys or you can do it yourself. You need to decide if you care about trusting someone else with your keys. I actually still have my mailbox.org address because I like the domain. It forwards to my tuta email.
Oh yeah, tuta also allows you to use any of a number of their domains or you can bring your own (pricing may vary). They also have aliasing and catch-all addresses for custom domains.
Both are based in Germany for what it's worth. German privacy laws are pretty strict. For any law enforcement to be granted access to any of your stuff there needs to be a court hearing. They have a warrant canary and transparency report here https://tuta.com/blog/transparency-report .
Also, because tuta is end to end encrypted, all they can release is encrypted data. There's is more of an explanation at rhe bottom of that transparency report post about what can be requested and what data they even have on users. Mailbox.org might have similar policies but I haven't taken the time to find them.
One thing I will note is that tuta has HSTS enabled I believe so if you're behind a corporate firewall that does certificate snooping by way of MITM when you try to access, it won't connect.
Thanks I really appreciate elaborated comments about both. I think I'm going to skip the Tuta encryption for now. While it has a way of keeping it encrypted for the destination, it involves the final user having to click some links in order to open the encrypted mail. I mean...I think most of the people I'd write to would hate having to do extra steps just to see an email I wrote. So I guess I'd have to stick to unencripted, and then the advantage is kinda lost. I'd like a fully encrypted mailbox, yeah, but not at the cost of making it incompatible with any other app or email standards. I guess I didn't have a great experience with Proton apps for Android.
Don't take me wrong, I'd love to have a fully encrypted mailbox, but not by making it all cumbersome.
-
It's not on your list but I've had a Mailfence email for the last couple of years and they've been solid.
You could also use YUNOhost to host your own on a VPS. I had no experience before setting mine up and it was fine. Unlimited email accounts and aliases out of the box, plus you can host other stuff besides, like a website, file server or even a fediverse instance.
I have had a very bad experience with Mailfence where emails from well-known domains do not arrive (no, not even in spam) and I never got any response from their support when I asked for their assistance to receive 2FA codes that I needed. Also, Indeed emails consistently show up in the spam folder, no matter how many times I mark them "not a spam". Sure, I may not be a paying customer but why offer a free tier if you cannot provide a reliable service? This has caused problems for me and if I had known beforehand I would have went somewhere else.
-
Thanks I really appreciate elaborated comments about both. I think I'm going to skip the Tuta encryption for now. While it has a way of keeping it encrypted for the destination, it involves the final user having to click some links in order to open the encrypted mail. I mean...I think most of the people I'd write to would hate having to do extra steps just to see an email I wrote. So I guess I'd have to stick to unencripted, and then the advantage is kinda lost. I'd like a fully encrypted mailbox, yeah, but not at the cost of making it incompatible with any other app or email standards. I guess I didn't have a great experience with Proton apps for Android.
Don't take me wrong, I'd love to have a fully encrypted mailbox, but not by making it all cumbersome.
Well, tuta encrypts at rest as well, meaning the data is encrypted in their storage even when the emails sent and received are not using their secure/confidential encryption.
Realistically, any secure email system with encryption is going to require extra steps by the recipient. Having them click a link and enter a password isn't that cumbersome in my opinion (versus dealing with pgp keys and such)
-
System shared this topic on
