this post was submitted on 10 Sep 2023

42 points (100.0% liked)

Privacy

787 readers

1 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

What's the best approach to email today? (lemmy.ml)

submitted 1 year ago by danileonis@lemmy.ml to c/privacy@lemmy.ml

16 comments fedilink hide all child comments

And what do you actually use? I know the answer is probably self-hosting but maybe there are other solutions for a decent privacy.

top 16 comments

sorted by: hot top controversial new old

[–] jet@hackertalks.com 19 points 1 year ago* (last edited 1 year ago)

https://www.privacyguides.org/en/email/

Normal email is unencrypted when it's on the wire in transit. (Nowadays they use SSL between servers, but it's totally readable by every server in your pathway. Which isn't much better ). The best you can hope for email is to encrypt it and store it at rest once it arrives at the server. If you self host the server you could have one way encryption enabled. If you don't want to self host the privacy guide options are pretty good.

Don't have any conversations via email if you can avoid it. Prefer end-to-end encrypted platforms like signal instead

[–] mojo@lemm.ee 6 points 1 year ago* (last edited 1 year ago) (3 children)

I own a custom domain and actually use Tutanota as my host. Self hosting is a nightmare and easy to fuck up, which leads to your emails getting sent to spam or just not receiving. I use custom domain support in Tutanota that costs me $12/yr (2 custom domains) and my domain is $15/yr. Since custom domains stick out like a sore thumb, if I need privacy then I will use AnonAddy to forward to my email with an anonymous forwarder.

Like 99.9% of my emails aren't encrypted but that's not the point. Tutanota removes a lot of the privacy leaks via metadata and has privacy protection measures by default like disabling images from automatically loading. Also it's calendar/contacts/email all rolled into one and everything is e2ee. Not to mention, unlike ProtonMail, they have their own push service that works on DeGoogled Android and can be installed from fdroid.

[–] ares35@kbin.social 6 points 1 year ago

this is a very sensible alternative to actually going all-in on self-hosting mail, which is a total pain in the ass.

[–] umami_wasbi@lemmy.ml 2 points 1 year ago (1 children)

Oh wow. Maybe I will migrate to Tutanota from Proton then. That price, function, and dedication to privacy sounds quite attractive to me.

[–] mojo@lemm.ee 2 points 1 year ago

I'll just say though, the client is kind of rough and may be missing a lot of features you're used to.

load more comments (1 replies)

[–] drukqs@lemmy.ml 5 points 1 year ago

I use fastmail.com to generate e-mail aliases. Creation is rate limited, but they are virtually unlimited; I have 500+ and counting. Aliases are randomly generated as wordone.wordtwo1234@fastmail.com, so they aren't identifiable to your account.

[–] CAPSLOCKFTW@feddit.de 4 points 1 year ago (1 children)

If you want to self host, I recommend mailcow. It is not that hard to install and if you follow the instructions you'll have a working solution whose mails are not considered spam by every other sane server. Sadly, some operate with whitelists.

[–] EngineerGaming@feddit.nl 2 points 1 year ago (1 children)

I have looked at it and its system requirements are just insane. No way it would run on my cheap 1 GB VPS. I use a script for setting everything up, but less because I want to (I was warned about complications) and more because I cannot afford a second subscription.

[–] CAPSLOCKFTW@feddit.de 1 points 1 year ago

6GB of RAM is for up to 8 concurrent users.

[–] umami_wasbi@lemmy.ml 4 points 1 year ago* (last edited 1 year ago)

Anonaddy/Addy.io to create aliases, then PGP encrypt it before forwarding to my Google mailbox.

I also use Proton but considering ditching it in favor of Anonaddy.

[–] jet@hackertalks.com 3 points 1 year ago

People here seem to think that email alias providers are more secure then a custom domain. I would argue they are the same.

If someone is going through the trouble to find you, the alias provider will give up your payment information and your real email address.

A custom domain will give up your registered information.

If you want a truly anonymous email, don't have it funnel to your personal / main account.

[–] snowcatridge10 2 points 1 year ago (1 children)

self host. Don't trust random "privacy" companies

[–] mojo@lemm.ee 1 points 1 year ago

Elaborate

[–] appel@whiskers.bim.boats 2 points 1 year ago

Do not use proton, get yourself a domain and then use something like Migadu to host it for you on that domain. Then you can also use anonaddy to add anonymous addresses where needed.

[–] Oha@lemmy.ohaa.xyz 2 points 1 year ago

Tutanota with own catch all domain

[–] landordragen@lemmy.ml 1 points 1 year ago

I'm using Skiff Mail with two custom domains.