What's your e-mail provider?

[Guest]

I'm using mailbox myself, tho I am curious if any of you have any mail providers that do let you use your own domain, I have used posteo before, it was nice but the fact I couldn't use my own domain is a let down, and I did read the FAQ their point with the fact domains are registered with your information is a very good point, except I have paid for privacybyproxy so the public can't see any info on my domain and if the government do ask for my domain, it's all fake info that isn't real and the paypal is also set off-shore and doesn't belong to me or is linked to me in any way, so therefore the reasoning may not be that good but I can definitely understand it still tho if someone wants privacy enough(me) they will DEFINITELY find a way.

[cm0s 118]

went back to hushmail happy with the company and have had no problems.

little expensive but can live with it.

[NecroKatze 1]

I am an avid user of Countermail and can highly recommend it!

 

The only downside is that it is java based for the sake of encryption and web based only. This makes it not very handy, but very secure if you value that a bit more like I do.

[Kolomansell 0]

So no opinions kolabnow.com? I was using their service for about a year and so far no problems with them. Fortunately I cant say anything about privacy there... Im a "normal" user so  (I hope) no privacy/security violating entities have had interest in my account.

 

Posteo.de - 1Euro/month looks really good against cca 5E in kolabnow.  But is it really worth it from privacy perspective? I heard some contradictive stuff about germany and their collaboration with privacy violating countries (I mean US and UK).

[nitehawk 4]

ghostmail.com

 

Sign up to secure encrypted GhostMail and enjoy instant free and secure email, chat & storage. No downloads needed.

GhostMail is your new secure email, chat and storage platform, with features like self-destructing emails and two factor login.

GhostMail is also perfect as your encrypted collaboration platform.

 

inbox.lv

• 20 GB
• Anti-Virus and Anti-Spam
• Free SMS notifications

and gmail.com

speaks for itself

[snapz 37]

I followed this treat since the beginning and i, thanks to the positive reactions here, signed up with Posteo since oct. last year.

Concerning security and the settings in general i love it.

[itguy2017 25]

Somewhat old thread, figured I would comment..

 

Protonmail = Seems good, team seems effective. Only thing I worry about is Unit8200 handling their DDOS protection. (shrug)

Hushmail = Immediately caves to govt. demands and has given up users.

Ghostmail = Closing down.

Lavaboom = Gone.

Mutemail = Gone.

RiseUP! = Their server cluster was compromised a few years ago. (physical access by NSA? Speculation)

 

Startmail is excellent and secure but not cheap.

Tutanota is good, responsible and seemingly secure.

Fastmail is nice, cheap, not overly secure but good general box.

Countermail looks good. I used them for awhile.

4Secured Email is decent, I used them for a bit.

Neomailbox is nice but support is terrible.

Posteo.de no experience with them but I hear they are good.

Runbox is ok, but not super secure. You can have them 'block' backups of your data making it a little more secure (ticket for support)

Kolab, no experience but good reviews

Cryptoheaven, good service and good support.

Zoho, Snowden's dump showed NSA complained about not being able to hack Zoho.

Securenym, no idea, website is trash but it's come up in discussions.

Safe-Mail, no idea. Vague cheap website causes me concern.

Keptprivate, no idea. Based in US but claims no logging/cookies. (shrug)

Novo-Ordo, bad website. Never tried it due to vague specifics on website.

 

Anyone else have any newer ones to add?

[air_is_nice 3]

You're atleast missing the following email providers:

 

- scryptmail.com

- mailfence.com

- mailbox.org

[itguy2017 25]

You're atleast missing the following email providers:

 

- scryptmail.com

- mailfence.com

- mailbox.org

 

Thanks. Scryptmail looks interesting. Poor guy, it's like Sergei vs the Goliath. DDOS attacks, etc.

 

Interesting how he mentions not wanting to use third party DDOS protection so traffic isn't compromised. I personally believe Proton Mail was deliberately targeted specifically for the reason to get them to sign up with RADWARE. So they get hit with a huge DDOS, Radware steps in and offers a free/cheap 'solution'? Yeah. that's the work of the intelligence groups. So Proton Mail is proxied by RADWARE, which was founded by Unit8200. RADWARE also does malware/riskware through their RADYOO division. All of this really means we probably should re-evaluate any trust we have in Protonmail.

 

I've pretty much decided to stick with Fastmail, Tutanota, Startmail.

[OpenSourcerer 1359]

Somewhat old thread, figured I would comment..

 

This thread can never be old, we collect names and experience reports here.

 

To all readers, feel free to post more names, stories and news!

[me.moo@posteo.me 80]

Posteo, ever since @giganerd mentioned it ages ago

+ gmail - brill spam filter!

[itguy2017 25]

 

Posteo, ever since @giganerd mentioned it ages ago

+ gmail - brill spam filter!

Thanks. I am checking out Posteo as an alternative to my 'junk' email account at Fastmail. However, one thing that concerns me, they actually limit password strength. Fastmail does not.

 

For example my Fastmail Password may look like this: *Bu^Vy7QmR?cF@gCa${cshHrvgL@2Nw#~-VL{tdjKc}{}Tpp{j  (50 char)  Posteo makes me remove most of the symbols and constrain it to letters and numbers, with only the prime symbols (!@#$%^&*).  This seems like a strange security limitation to me as the ease of brute force type compromises is far less when only prime symbols/letters/numbers are permitted. Maybe something to consider?

[OpenSourcerer 1359]

This seems like a strange security limitation to me as the ease of brute force type compromises is far less when only prime symbols/letters/numbers are permitted. Maybe something to consider?

 

Doesn't matter much, the password is stored hashed and salted. A brute force attack would take years against a hash. This should be standard but sadly is not.

[pr1v 36]

I also use Posteo even before giganerd posted about them, but I miss a non-javascript option in the webmail too.

[BetterCallSaulVPN 0]

protonmail for all my more confidential stuff (gmail for my normie stuff  , but tbh I should probably move elsewhere). Protonmail is based in switzerland and thus subject to swiss privacy laws which are pretty   and it has an interesting system where it needs a password to open your account, then you need a separate "mailbox" password that all the messages are encrypted under. So basically, there's two passwords ppl need to know to read your messages which sounds pretty secure.

I haven't done a huge amount of research on email stuff, so if anyone knows anything bad about protonmail lmk.

[BetterCallSaulVPN 0]

Posteo is not an option for me.

On their website they are talking about using "green energy".

 

But most  of the time when people talk about "green energy", they really mean wind energy, which isn't green at all since:

a. It's killing birds,

b. Damaging people's health with infrasound

c. Completely ineffective

d. Trees and other plants are being destroyed in the process of building such power plants

e. And they look completely ugly. (not really a reason, but it's worth mentioning)

This is kind of silly imo.

An increase of focus on green tech=innovation=all these problems get solved.

Definitely less harmful to birds, humans, trees than fossil fuels, that's for damn sure.

If you care about the environment go vegan. Livestock emissions = 51% of ghg emission (Dr. Robert Goodland, Ph.D. Environmental Sciences and former lead environmental advisor for the world bank group, and Jeff Anhang, Research Officer and Environmental officer for the WBG. "Livestock and Climate Change", WorldWatch Group, 2009, http://www.worldwatch.org/files/pdf/Livestock%20and%20Climate%20Change.pdf)

[itguy2017 25]

protonmail for all my more confidential stuff (gmail for my normie stuff  , but tbh I should probably move elsewhere). Protonmail is based in switzerland and thus subject to swiss privacy laws which are pretty   and it has an interesting system where it needs a password to open your account, then you need a separate "mailbox" password that all the messages are encrypted under. So basically, there's two passwords ppl need to know to read your messages which sounds pretty secure.

I haven't done a huge amount of research on email stuff, so if anyone knows anything bad about protonmail lmk.

 

Proton is cool. Only 'possible' concern is Radware/Radyoos handles their DDOS and Radware was formed by a Unit8200 scrub. But that probably doesn't matter too much.

 

Tutanota has gotten publicity lately for telling the NSA to nacker-off.. The guy that stole the NSA hacking tools asked people to email him on Tutanota to buy the tools. NSA went to Tutanota, Tutanota told them to get bent and that even IF they wanted to hand anything over it would be heavily encrypted blobs of no use to them. So that's a pretty big victory.

 

I think for really secure email you are good with Proton, Tutanota, Countermail. For mid-level security I'd go with Posteo and/or Fastmail. For the 'trash bin' emails anything BUT Gmail/Yahoo/Hotmail, find any other free service with a great spam filter. One of the reasons I use Fastmail for my junk bin is their spam filter is like 100% effective. So I hand them $9 a year for a lite-account or whatever just to utilize their sick spam filter. I consider Fastmail to be my free account and prior to that used Yandex or Mail.com. I do not think I have ever had a Yahoo/Hotmail/Gmail account, at least not since the early 2000's... LOL

[OpenSourcerer 1359]

For mid-level security I'd go with Posteo

 

Woah, dude. This is your own opinion, I see that, but Posteo encrypts your CardDAV/CalDAV information with your AES-encrypted password and your whole mail account with your own PGP key and all this is just "mid-level" for you? Just because you can't use a few characters in your password?

[pr1v 36]

 

 

For mid-level security I'd go with Posteo

 

Woah, dude. This is your own opinion, I see that, but Posteo encrypts your CardDAV/CalDAV information with your AES-encrypted password and your whole mail account with your own PGP key and all this is just "mid-level" for you? Just because you can't use a few characters in your password?

 

 

Yes, and many many other security features

[go558a83nk 352]

 

For mid-level security I'd go with Posteo

 

Woah, dude. This is your own opinion, I see that, but Posteo encrypts your CardDAV/CalDAV information with your AES-encrypted password and your whole mail account with your own PGP key and all this is just "mid-level" for you? Just because you can't use a few characters in your password?

 

no kidding.  just make the password longer if concerned about the lack of some characters possible.

 

with 2 factor authentication I just don't see the problem.

[Kepler_452b 77]

Somewhat old thread, figured I would comment..

 

Protonmail = Unit8200, they proxy them for DOS/DDOS protection. Stay clear..

Hushmail = Immediately caves to govt. demands and has given up users.

Ghostmail = Closing down.

Lavaboom = Gone.

Mutemail = Gone.

RiseUP! = Their server cluster was compromised a few years ago. (physical access by NSA? Speculation)

 

Startmail is excellent and secure but not cheap.

Tutanota is good, responsible and seemingly secure.

Fastmail is nice, cheap, not overly secure but good general box.

Countermail looks good. I used them for awhile.

4Secured Email is decent, I used them for a bit.

Neomailbox is nice but support is terrible.

Posteo.de no experience with them but I hear they are good.

Runbox is ok, but not super secure. You can have them 'block' backups of your data making it a little more secure (ticket for support)

Kolab, no experience but good reviews

Cryptoheaven, good service and good support.

Zoho, Snowden's dump showed NSA complained about not being able to hack Zoho.

Securenym, no idea, website is trash but it's come up in discussions.

Safe-Mail, no idea. Vague cheap website causes me concern.

Keptprivate, no idea. Based in US but claims no logging/cookies. (shrug)

Novo-Ordo, bad website. Never tried it due to vague specifics on website.

 

Anyone else have any newer ones to add?

 

Thanks for that extensive list!  Disappointing that you don't think Protonmail can be trusted. I was planning to use them quite a bit. What do you think is the risk if they are proxied by Radware? Mail arriving encrypted can't be seen, only mail arriving cleartext, but that would be unreliable no matter the email provider.

[zhang888 1065]

Wrong, even mail arriving in cleartext cannot be seen by the transit providers, since between servers SMTP is

delivered over TLS. So when you send an unencrypted email i.e. from Gmail to Protonmail, there will be a TLS1.2

session between both SMTPs, and no provider will be able to read the content or the metadata.

[Kepler_452b 77]

Wrong, even mail arriving in cleartext cannot be seen by the transit providers, since between servers SMTP is

delivered over TLS. So when you send an unencrypted email i.e. from Gmail to Protonmail, there will be a TLS1.2

session between both SMTPs, and no provider will be able to read the content or the metadata.

 

OK, thanks for clarifying that. So do you think Protonmail is untrustable?

[zhang888 1065]

I think it's a good service with a good mission and clear people behind it.

Certainly better than any other free alternative. 

[itguy2017 25]

I think it's a good service with a good mission and clear people behind it.

Certainly better than any other free alternative. 

 

My gut tells me protonmail can be trusted. My head tells me Unit8200 doing the anti-DDOS is a bit concerning. I'd go with my gut and say they are fine.

 

I need to look into Posteo better when my fastmail trash-account expires next year.