- Addy.io - email alias service. I use it. It's good. Not had any problems.
- Email - (assuming you're talking about email in general) Not recommended method of communication. Best to use encrypted email (Proton, Tuta) but even then email is still not ideal.
- SimpleLogin - another email alias service. Not used it. Seems to be as good as Addy. Used to be independent like Addy, now owned by Proton.
- Blitzmail - who?
- Librem - Hadn't heard they have a mail service. Only know them for the phones. I've heard the phones aren't great privacy/security wise. Doubt the mail service is different.
Email
RedHenry Honestly i'm going to go off a limb here and say none of these are probably great services
Believe it or not, I think gmail is one of the better services. No email service is going to be private/encrypted, that's not how email works.
If you really worry about your privacy, GPG or don't use email. Simple as
raccoondad I think gmail is one of the better services
In terms of what? User friendliness?
raccoondad I'd say for security, convenience and integration, yes GMail is really good. If you are into privacy, it's the worst nightmare. Google is reading all your mails and you usually can't avoid receiving unencrypted mails since the primary reason to even have one is probably to register an account somewhere.
Even if the mentioned services in OP would all screen my mails, they are still better for privacy because of compartmentalization. I don't like for Google to get all my sensitive data, and they already have a big share since I need to use Google Drive and Sandboxed Play Services for work.
RedHenry I recommend you buy a cheap subscription from Tutanota or ProtonMail, as they both have alias integration and are much more privacy friendly by default (and can be paid via XMR if that is important to you). I currently am on the Tuta Revolutionary tier. This would give you 15 aliases and infinite aliases if you have your own domain. Tuta notifications work without Sandboxed Play Services which is important to me, ProtonMail doesn't support that feature. Both are good services, pick the one that has the best feature set for you.
Proton all the way.
N1b "Google is reading all your mails and you usually can't avoid receiving unencrypted mails since the primary reason to even have one is probably to register an account somewhere."
every service processes your email in plaintext, there is no reason what so ever to not assume your mail service provider is reading your emails.
"Even if the mentioned services in OP would all screen my mails, they are still better for privacy", we have 0 clue what their security standards look like. I would say using untrustworthy mail services is worse for privacy than having a google account with linked internet accounts on it, assuming that's the use case.
Privacy and security are one of the same, you don't have one or the other.
It just so happens email is not private or secure, but some mail services handle it better than others.
- Edited
Yes, I had multiple masked emails on multiple email masking services (eg Firefox Relay, 33Mail, etc) which can get to be a hassle to keep track of (but, thanks be to KeepassXC! ✊). These days I use SimpleLogin as part of a Proton Unlimited subscription, which also allows you to set up custom sub-domains that could even include some part of your name, if you need to use a masked email address that is still not your actual one, for services that may need your real name (eg some booksellers are a bit squeamish about obviously-masked addresses). Just another useful option.
I once demonstrated the utility of this to a colleague when we were out at a restaurant in a city I was visiting which required you to use their QR code to order food to your table, including an email address and a charge card. Whip out the Pixel, fire up the SimpleLogin app, cook up a purpose-chosen masked email and use a masked credit card number, all done in 2 minutes, real email and real credit card info not given out. The unique email will also tell me if that establishment later sells the info on, since it is used nowhere else.
I also had a Tutanota email at one stage (they had a very good calendar before Proton did one), but for some reason they bumped me off it and it eventually timed out. Not much use having encrypted emails that you can't access any more, so I became wary of Tuta (sadly, because I really liked their stuff).
I've used anonaddy/addy.io since launch and highly recommend a paid account once you've realized the benefits of the free package alone.
I've used Tutanota similarly since inception but mostly just because I like the "tuta.io" domain. Many people experience some sort of mental break when you share such a foreign sounding email handle.
"So, I'm gonna repeat this back to you: at t-u-t-a?"
"Yes, ma'am."
"...ok, so then dot i-o dot com??"
"No, ma'am...just dot io. No dot com."
".............."
Both Tutanota and addy.io have very low-entry, paid plans...couple bucks per mo, IIRC. Tuta's basic plan allows for 5 or 6 aliases and a handful of available domains.
raccoondad It just so happens email is not private or secure, but some mail services handle it better than others.
For an example of doing it worse than others. Sadly he didn't name and shame. https://infosec.exchange/@briankrebs/111898308899679153
Each inbox -- whether for company customers or employees of those companies -- was viewable just by visiting a link with a web browser and clicking links. Everything was exposed in basically one big file index.
minxes0v Sounds like something id implement NGL, I tried running a mail server, did NOT end well...
ezlover Tuta's basic plan allows for 5 or 6 aliases and a handful of available domains.
Just to avoid confusion, you are referencing their old plans which you might be still on if you didn't cancel or upgrade. Their current paid plans allow for 15-30 aliases (unlimited if you use your own domain).
For me this was huge when they switched to unlimited, because before I could only use up to 100 aliases on a maxed out account at almost twice this price. But the new pricing is simplified and depending on your situation you might have to pay more for all the features you were using.
raccoondad great, but still not gonna switch to Gmail lol
10 days later
minxes0v Write-up for this incident. https://krebsonsecurity.com/2024/02/u-s-internet-leaked-years-of-internal-customer-emails/ Lesson being, sometimes it's better to go for bigger, more established providers, with the exception of Microsoft.
SimpleLogin works well.
raccoondad No email service is going to be private/encrypted, that's not how email works.
Actually, that IS how email works, unless the email servers you are using aren't enforcing encrypted connections. You write an email, it connects to your email server using port 465 or 587 (both are encrypted). Your email server then does a DNS lookup to find the MX record for the recipient and then connects to the recipient's email server using port 465 (again, encrypted) which then stores the email. The recipient then periodically connects to their server using port 993 (imap, again encrypted) to retrieve email.
The belief that email is not secure or encrypted is rooted in the bad old days of port 25. Nothing should be using port 25 unencrypted SMTP any longer.
- Edited
IK how email works, I ran my own mail server in the past
"it connects to your email server using port 465 or 587 (both are encrypted)"
I'm referring to on server encryption not transit encryption...
'The belief that email is not secure or encrypted is rooted in the bad old days of port 25.'
This is just misinformation and the evidence is pretty clear if I open up my mail servers settings and select 'reset user password' in the admin. Or just su into a unix user as root and run mail/mutt. Please do not spread misinformation
"Nothing should be using port 25 unencrypted SMTP any longer."
Yes I know this is the standard
Transit encryption is important. So is message encryption
Guess which one email does NOT have
Its insanely easy for any sysadmin to access mail content and Google does this all the time (PhotoDNA for example)
This is one of the main reasons GPG exists and why most GPG keys include an email....
Encrypting in transit doesn't mean email is an encrypted service, it means it's doing the bare minimum
- Edited
bookreader
Disclaimer: I’m not an e-mail specialist.
Actually, that IS how email works, unless the email servers you are using aren’t enforcing encrypted connections.
The thing is, most mail servers and services out there are not enforcing in-transit encryption.
Since, in terms of e-mail, the implication of mandatory encryption means that some messages will never be delivered, opportunistic encryption has been the most widely adopted method.
Full mandatory TLS or selective mandatory TLS only represent a small part of e-mail traffic, with the former being probably rare. Delivery reliability has been the choice of most; that’s why opportunistic TLS should be considered as the main reality of e-mail.
For instance, Gmail do opportunistic TLS by default; the mandatory TLS has to be chosen by the user.
https://support.google.com/a/answer/2520500
Gmail statistics are pretty clear: for the period 2023–2024(Feb), 9.1% of outbound e-mails were not encrypted. And those statistics are only pertaining to Gmail senders.
https://transparencyreport.google.com/safer-email/overview
Moreover, from what I understand, any mail transfer agent (MTA) can read e-mails. MTAs can receive with TLS and then transfer with TLS, but in between, TLS has no power. But since those hops are part of the transit in a sense, it’s difficult to argue to the end user that his messages were fully encrypted during transit.
Also, the mail header can be falsified by any relay; the consequence is that we can’t even trust the TLS mentions inside it.
It’s pretty difficult if not impossible to be sure that a given message has been fully encrypted during transit. And for many cases, you want to be sure before and not only after reception.
So, e-mail can be encrypted, or not. AFAIK, that’s a fact.
leafnose For instance, Gmail do opportunistic TLS by default; the mandatory TLS has to be chosen by the user.
Forget about using gmail as an example. Its up to YOU to set the encryption policies that result in the security that you need. Don't like the policies set by XYZ email server? Set up your own.
bookreader
I think that it’s pretty relevant to use Gmail with its soon 2 billion users as an example in order to describe e-mail reality.
But maybe we’re not talking about the same thing.
E-mail is a collective system; most of the time, it takes at least two people for an e-mail to be transmitted, a sender and a receiver.
With in-transit encryption, even when mandatory, it’s pretty difficult to ensure that the content of a given message will stay private and unaltered. At least, as far as I understand, that is the case with the hop-by-hop transport model used by e-mail.
What are you suggesting then? To control the whole route, each hop, and even the receiver infrastructure? In this case, we’re not talking about the collectiveness of e-mail…
Mandatory encryption has a cost. It is true that you could simply blindly use mandatory TLS, and accept that some e-mails will never be received. So, yes, from this perspective, e-mail would be more secure, but also more unreliable and totally impractical regarding deliverability.
But what’s the point then? It’s easy to be secure if you’re ready to accept many messages should be sent by other means than e-mail, and that you’ll never be aware of some messages meant to you.
The reality is that people, institutions, etc., who will send you e-mails, or ask you to send them, sometimes more or less pressingly, won’t set up their own mail server, according to your preferences, if it’s not already the case.
At this point, you’re describing something else, because e-mail is inextricable from its collective nature. It’s like saying snail mail is totally secure, as long as you choose your postman and control the sorting centre. At one point, you’ll have to trust intermediaries (e.g. MTAs).
E-mail is popular because most people do not have to dedicate themselves on the technical aspects; for most people, it just works.
Most people don’t manage their own mail server, and use opportunistic TLS for their daily correspondence, even on this forum; so what’s the conclusion? That most people have poor preferences, or that e-mail is not inherently secure?
And let’s not forget that there are other risks.
Sure, e-mail can be secure, up to a certain point, but acknowledging this is not the same as saying that e-mail being insecure is a mere belief. And by secure, I mean you should use PGP, most of the time.