Technology
This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.
Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.
Rules:
1: All Lemmy rules apply
2: Do not post low effort posts
3: NEVER post naziped*gore stuff
4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.
5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)
6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist
7: crypto related posts, unless essential, are disallowed
view the rest of the comments
One key aspect that you seem to be missing is that Proton encrypts every mail, including those sent by or sent to unencrypted providers using your pgp key before storing them on the server. This isn't a case scenario that can be handled without using a bridge. Thunderbird or any other mail client won't know how to handle that.
What you described only solves the end-to-end encryption portion of the problem Proton is trying to solve. Not zero access.
Yes, mail headers are unencrypted. They never claim otherwise and neither did I. If it were encrypted, it wouldn't be interoperable, which is something you want it to be as well right? I've always been talking about the mail content itself. Unencrypted mail headers don't make it "not zero access".
I feel like you're just not the target audience for Proton. I just use Proton because I'm fine with the web UI and Proton Unlimited is mostly good value for me. I do also pay for Purelymail as i have a few domains and they've been wonderful too.
Yes it can, and I explained how. Maybe you're the one not understanding how Proton actually encrypts emails sent by unencrypted providers/people...
In asymmetric cryptography the public key is used for encryption, then the related private key is used for decryption. This means the server just has to know your public key to be able to safely store incoming email from unencrypted providers. The Thunderbird that has your private key can decrypt the e-mails later on. This is exactly what Proton does but the decryption part is handled by the bridge.
There's guide here explaining this in detail and providing an implementation example with Dovecot. This can be also done when a message is received by the MTA (before it is filed / stored by Dovecot) like discribed in this guide for Exim here. The process should be the same for Postfix.