I think it is important to understand that email never will be very secure because the standard wasn’t made with modern threat models in mind, if you want to communicate privately and anonymously, you need modern protocols like signal, i also use proton but only because I hate Google, i don’t expect my emails are any more private than they have ever been. I use email only when it is required, I use signal for private communication, overlap is impossible
It’s useful to minimize data leaks too, since (especially when combined with simple login etc) you can avoid giving out your real address ever.
Some services don’t send verification letters to Proton and it’s site banned by the address in fucked-up authoritarian countries, both for having less control over what it is and easy registration. I want them to explore some multi-site hydra approach so they can’t get put out of the game that easily. Moving your emails here means you can’t rely on a hope it would work tomorrow.
Obligatory video from one of the greatest channels youtube has ever seen: By Default - There is no private email
Here is an alternative Piped link(s):
https://piped.video/iH626CXyNtE
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
I was looking at it too but went for https://mxroute.com/ because they offer a very minimalistic plan without up selling.
I also found some vaucher where I paid $45 for three years with 10GB mail, unlimited domains and email addresses.
Does mxroute support a multi-user setup, say one for each family member?
I’m currently looking at switching to a new provider and haven’t found the perfect replacement yet.
I’m not sure what you mean. I’m using it for my family but I’m setting up the Email addresses, so I don’t think every family member can be admin, no.
Id like to move to Proton, but goodness are there no good usernames left. I’d have to go the custom domain route which isn’t awful but it’s just more effort
Protons free service doesn’t offer mail forwarding. Free gmail does that. Which means that in many ways, protonmail will lock you in. Which is not great.
If you’re gonna switch to protonmail, at least use a custom domain. At least then, you can easily switch your provider, without having to change address.
Moving email seems like such a PITA, I don’t think I would move unless to self hosting.
My only criteria when switching email was to be able to use my own domain name. Now I almost don’t receive anything on my gmail and I can transparently switch provider. I think it was a relevant move, I won’t move to self hosting but I could ! :)
Move it to a custom domain and host it at Proton or Tuta. That way it’s a pain once, and then you don’t have to switch email addresses ever again.
Unless those companies get bought out down the road and trashed, and you need to move to a new one.
If you own your own domain, you just switch email providers and redirect your domain to them, and that’s it. No changing accounts everywhere, telling friends to change, etc.
Smart.
It certainly can be a bit involved. When I moved from Gmail address to my own personal domain I did it slowly over a few months.
I set my Gmail address to automatically forward to my new email address. Then I setup a quick filter which added a label on everything that had been forwarded. Once a week or so I would look at all the emails that had been forwarded and update them to my new email (or delete them if unwanted).
Did the same thing. Took about a year… Just do one site at a time.
Yes. I did it recently but the way I did it means moving all 300+ websites that I have logins for is now done in seconds.
I signed up for SimpleLogin and a custom domain. I then went around creating aliases for all these sites. Changing the sites is indeed the worst part. Still, this is the last time I ever do it. All my aliases were pointing to my Gmail account. Once I’d finished I settled on Proton. I just moved all my aliases to my Proton email address.
No one knows my Proton email address other than SimpleLogin.
I haven’t but can now ditch Gmail. I still keep the account for a number of reasons but none are for emails.
I’ve also been testing Tutamail. I can get aliases to go to multiple mailboxes. I have the ability to respond to the emails from either Tuta or Proton and the recipient is none the wiser of where my mailbox resides.
I’ll keep this all in mind. Thank you.
Self hosting email is even more of a pain.
Assuredly.
I always worry that it will get bought out by some asshole company and we’ll be even worse off than with Google (if that’s even possible).
It’s unlikely but not impossible. I’ve been using PM with a custom domain for about five years now, and never thought too hard about leaving.
In an ideal world, a company like ProtonMail would be cooperatively owned by the workers and paying users, sort of like a credit union.
Pragmatically, they’ve done fine stewardship of the service for the last decade or so they’ve been around. A big part of it is that their value proposition depends on stability and trust. But it could be better.
That’s the benefit of a custom domain, I suppose; you can always change he provider without changing your email.
Yup, I just signed up for Tuta with a custom domain. If they start sucking, I’ll move to Proton or something else.
You should be aware Tuta won’t let you use a third party client, automatically forward messages, or do a mass export of your email. It’s not impossible to move but they deliberately make it difficult. So does Proton in their own away.
They’ll say it’s about maintaining the security of your emails and such, but it’s just a vender lock in tactic.
Dang.
Some good news though:
- someone built a workaround for bulk export
- there’s a GitHub issue for it, which was recently updated to be on the “roadmap”
- something else from the roadmap was closed recently
Automatic forwarding isn’t an issue IMO since I can do that at the DNS level for custom domains. However, everyone on my plan at the same domain would need to switch at the same time.
But definitely something to take into account. Hopefully it’s just the immaturity of the product and will get resolved with time. Proton also didn’t have IMAP when it started, and it has a workable bridge now (so bulk export is an option that way). Proton also supports encrypted email forwarding now (encryption probably only applies to internal to Proton forwards), so hopefully Tuta follows suit.
Maybe I’ll switch to Proton instead, IDK. My emails aren’t that valuable to me long term, so I’d be fine downloading/forwarding the few I care about manually. My primary goal here is to get off Google, and I’m willing to jump through a few hoops to do so (and Tuta is pretty good and pretty inexpensive). But that may not be true for others.
Proton allows you to export as eml or mbox. Seems fine to me?
And they support automatic forwarding to external addresses, provided you’re on a premium plan, which you need to be for a custom domain.
You can switch MX records but not necessarily your mail storage. You need IMAP for that, and IMAP with Proton currently requires jumping through some hoops and it may be discontinued in the near future.
They’ve never given any guarantees regarding IMAP and they actually seem to consider it a negative so that remains a dubious point with me.
Problem is with the way email security is going now, it’s entirely possible in a few years, if your domain/provider isn’t an established one, it will get blocked by others.
I’ve had a few domain just straight up block some Tutamail emails.
But here’s the other issue: Proton and Tutanota are both not going to make it easy on you to move your mail.
I believe this is already the case; domain reputation is weighted pretty heavily by Gmail and others, so it will take some months before you’ve established enough rep. Following SPF/DMARC/DKIM is crucial, followed with time your domain has been registered and typical outbound volume from your domain.
I believe this is already the case; domain reputation is weighted pretty heavily by Gmail and others, so it will take some months before you’ve established enough rep. Following SPF/DMARC/DKIM is crucial, followed with time your domain has been registered and typical outbound volume from your domain.
I believe this is already the case; domain reputation is weighted pretty heavily by Gmail and others, so it will take some months before you’ve established enough rep. Following SPF/DMARC/DKIM is crucial, followed with time your domain has been registered.
Hi, this is Andy here, the Founder/CEO of Proton. As former scientists, we don’t do what we’re doing to make the most money (otherwise we wouldn’t have picked science as a profession). There’s no price which we would sell Proton to Google or Facebook. We also don’t need to because thanks to the strong support of the community, Proton has the resources to thrive and grow as an independent organization. Safeguarding this independence is how we ensure that over the long term, we can always put user interest above all else.
-Protonmail Founder, 2 years ago, for what it’s worth.
Google’s motto used to be “don’t be evil”
Companies can change.
Trust, but verify.
I want to see some assurance. I don’t know Switzerland’s laws, but if there’s a concept of a “social purpose company” or something with actual legal teeth, that would make me a bit more comfortable.
They’re certainly better than Google, and I like that their products are audited, but words from their founder don’t need much, especially if the founder decides to leave.
For anyone using a custom domain, or thinking about it, read this: https://dmarcly.com/blog/how-to-implement-dmarc-dkim-spf-to-stop-email-spoofing-phishing-the-definitive-guide
Without these records you’re a lot more likely to go to spam, or get rejected outright. If you have questions about it, ask here or DM me and I’ll be glad to help.
My email provider (Migadu) gave me all the DNS entries I needed when I signed up my domain to them.
I think they all do?
I don’t really understand the need for a guide TBH. If you can set your mx then you can do the rest, and your provider will tell you if it’s not done.
Recently I added a custom domain to my protonmail account and during the procedure it makes you do this steps (adding SPD, DKIM and DMARC) to pass all the steps. They tell you exactly what records you have to add, where to add them and what the content should be. These guys are great
Same with Tuta, which I did last weekend. Still evaluating the service for now before telling everyone to switch to my new custom domain (I’m forwarding everything from my old domain for now).
I tried Tuta when it was still called Tutanota, but it was rather cumbersome to use. The mobile and desktop app would work reasonably well, but searching through your emails was a pain.
It also wasn’t possible to use any email client on the pc. Proton also doesn’t offer IMAP access, but they do have a bridge you can install for that, enabling the use of almost any mail client.
Yeah, searching on Tuta sucks because it has to be done client-side since everything is encrypted on the server. With ProtonMail, the subject line is unencrypted, so it can search that without your key.
And I thought I’d care about email clients, but I honestly really don’t. They’re just so heavy and I don’t use email enough to need power user features.
I used Proton for a couple years and it was good, but decided on Tuta because Proton raised their prices and I honestly don’t need the rest of their stuff.
In that case it sounds like Tuta is the right choice for you. I just wanted to make sure you knew about the drawbacks. For me the search thing is what killed it, because I regularly search older emails.
Yup, it’s definitely appreciated.
And honestly, the only things that draw me to Tuta over Proton are:
- price - €3/month; family plan is €3/person; Proton is $4/month (reasonable), family is $24/month (kind of a lot)
- custom domains - Tuta supports 3 on lowest paid plan, Proton supports 1; I want at least 2 (family + personal project)
- Monero - I like the idea of digital cash, and this is the closest I’ve seen; I currently don’t have any, so not a deal breaker
So mostly cost. But there’s a lot of stuff I like about Proton:
- Simple Login
- VPN
- more polished experience
- bridge
I can host my own Simple Login, Mullvad VPN has more locations, and I don’t use email all that often anyway.
I’d switch to Proton if they:
- added more custom domains to Mail Plus
- had a Mail Plus family plan (ideally piecemeal like Tuta)
Monero is nice but not a deal breaker, and I’m okay with Proton being a little more expensive due to brand recognition.
Protonmail basically forced you trough this when adding a domain no?
At the end of the day. The main thing people should be aware of is that Cloud Storage is basically you keeping your data on someone else’s computer so you must assume as a rule of thumb that that data is vulnerable even if it is allegedly encrypted.
Now Proton has its own share of controversies which make its advertising of Privacy less trustworthy, at least in my eyes. I won’t go into details so feel free to do your own research, it will only take a couple web searches.
I personally also use Proton Mail for work but I always try to never communicate anything through it that I feel is risky in the context of my critical personal info.
Self Hosting is not the best solution when it comes to Mail Servers because of the whole domain trust issue yada yada as far as I am aware. (I don’t have the resources or the money to self host so I am going through someone else’s shared experience.) But it’s definitely the most concrete solution for privacy.
I value my privacy and have an extra $7 to blow every month.
Bleep boop, this summary has saved you 99.9%… just kidding i’m not a bot and have no idea what the article says ;-)
You’re pretty close, the thing you missed is, “Google is creepy.”
Everyone’s creepy uncle… to creep to fail… this wants to be a Weinstein joke, but not today :-(

Didn’t know google did shady things with our mail, but yea I shouldn’t be surprised
Welcome to Earth
I don’t understand why anyone is using gmail as their main mail account. I really don’t like the interface and using it with 3rd party apps like thunderbird, K9 mail or any other client just sucks
How? I’ve never had any issues using gmail with Thunderbird on desktop or FairEmail on Android. By comparison, Proton mail I could get working in Thunderbird with Proton’s mail bridge, but on Android I’d be stuck using their app.
Until the entire email protocol changes there are basically just no truly good options.
Because they make an account 20 years ago and it’s too much of a pita to change now
Also it’s probably the best email provider in the world, privacy aside
