this post was submitted on 04 Aug 2024

I need to change ISPs and need to find a new email provider. This time I want to move to my own domain which I purchased through Namecheap and I do not want to use another ISP's email system nor do I want to use Google, or Microsoft since I am Linux (and Android too) based. I would like this to be US based or at least have a strong US presence so obvious choices like Proton Mail, Mailfence, and Mailbox.org are out. I would prefer it interoperate well with FOSS software too, I use Thunderbird and K-9 Mail for example. Also I want them to be trustworthy, have good security, and have good OpSec with respect to their servers and service.

After looking I find three I am considering and they are quite different:

  • Fastmail. Long history. No PGP support but they do have their own domains one can use also.
  • Namecheap Private Email. Uses Ox App Suite, may support PGP, and quite new. I think you have to have your own domain (not sure).
  • Forward Email (forwardemail.net). A forwarder with IMAP support. You supply the webmail if you want webmail, but otherwise it should work fine with IMAP and normal clients.

So questions:

  • Any thoughts and experience, pros and cons with the above 3.
  • Other better ideas.

So thoughts? Thanks.

[–] [email protected] 17 points 3 months ago (1 children)

Why is US based one of your requirements?

[–] [email protected] 3 points 3 months ago (1 children)

I believe in being as local as one can. One cannot always assume that those global data links will be up the way the world is going. Also if you think email security is bad in the US then how is it better to ship data halfway around the world? Makes no sense to me. The US is not supposed to spy on US citizens in the US but everything that passes a border is up for grabs as far as I know.

[–] [email protected] 12 points 3 months ago (2 children)

The US is not supposed to spy on US citizens in the US

And yet ...

[–] [email protected] 4 points 3 months ago

And there is still the 14 eyes agreement

[–] [email protected] 2 points 3 months ago (1 children)

Nicely put. I seem to remember some government type trying to say it was not spying to record your data and mine it as long as a human did not access it. Kind of a similar thing Google says about Gmail.

Wasn't it the CIA director that lied under oath then later said it was the least dishonest thing he could say? He got away with that too.

[–] Ilandar 2 points 3 months ago (1 children)

You can also look at the Patriot Act as another example of the US Government proving it is completely untrustworthy when it comes to the privacy of its citizens.

[–] [email protected] 8 points 3 months ago* (last edited 3 months ago)

Fastmail has one feature many others lack (which is hard to research unless you want/need it and have to go down the rabbit hole) - scope limited login tokens for specific uses. Specifically, you can set up one for "read only IMAP" (to archive emails using scripts etc.), "SMTP only" (to send emails from scripts like backup reports etc.) and so forth. Many, if not most, other providers either don't have it, or if they do it's very limited like one token only with no scope control. $0.02 hth

[–] [email protected] 5 points 3 months ago (3 children)

I think you should reconsider Proton. It seems to tick all of your boxes except US-based. However, I know they have US-based VPN servers, so I expect they have US-based email servers as well. It’s worth asking their support team about.

[–] [email protected] 5 points 3 months ago (1 children)

It doesn't interoperate well with FOSS software like K9 and Thunderbird.

[–] [email protected] 2 points 3 months ago (1 children)

It does work fine with Thunderbird but you need their bridge app.

[–] [email protected] 3 points 3 months ago

I'm not really into the idea of moving everything to a baby Google, even if they're currently good about privacy. They just added an AI tool to email and a crypto wallet, which could be either awful or great signs depending on your perspective.

[–] [email protected] 2 points 3 months ago

As you might guess Proton or Mailfence are my top picks if they were in the US. Regarding Proton, unless I am missing something I would need the Ultimate plan since I need more than one account and domain hosting. That is very expensive.

[–] [email protected] 5 points 3 months ago (1 children)

https://purelymail.com/ is brilliant, have been using it for 4 years and am using it with thunderbird and k9.

[–] [email protected] 2 points 3 months ago (1 children)

I was wondering about these guys. Seems too small, too early stage. It says Beta. Feels like a one person operation though maybe I am wrong. Also web traffic is really low though maybe it is because they do not use trackers.

Happy to hear any insights.

[–] [email protected] 3 points 3 months ago (2 children)

It is a one person operation but it is very stable, I have not had any issues during the 4 years. I had some questions when I signed up and they were answered quickly (within a few hours). The 'Beta' sign has been there always, in my opinion it doesn't mean anything. There is a news page, https://news.purelymail.com/ and there are about 5 'items' (mostly some disturbances) per year since 2020. There is a 'free trial' so you have nothing to lose :)

[–] [email protected] 2 points 3 months ago

Unfortunately all the volume-based email providers I know (Purely, MXroute, Migadu) are one or two-person operations. Doesn't stop them from being excellent, of course.

I wish the volume-based pricing model was more popular but unfortunately very few people know about it, and of course the large providers prefer to charge by account or add all kinds of artificial limitations because they make much more money that way. Having multiple mailboxes for the same domain costs the provider nothing and yet you get charged per mailbox.

[–] [email protected] 1 points 3 months ago
[–] [email protected] 5 points 3 months ago* (last edited 3 months ago) (1 children)

I'm a recent fastmail user:

Pros: First off, they put me on a 30 day trial, so had a full 30 days to try out; I would suggest trying their trial as one of your first things.

I do love that I can make so many aliases for different email things.

I do love I can add an API key to my bitwarden account to auto-generate email masks for things: https://bitwarden.com/blog/use-bitwarden-to-generate-email-aliases-with-fastmail/

Offers a reasonably priced family plan for up to 6 users (50 GB per user - after using Gmail from day one, including non-email storage, my Gmail is only up to 35 GB), and they have annual plan options which give you a discount over monthly for a better deal.

Has a calendar feature, and notes, for which I am putting stuff I used to text to myself, or message to my wife on discord.

Use multiple of my own domains (purchased elsewhere), and just set the nameservers to FastMail, and they handle setting up everything for modern email like DKIM, DMARC, and stuff. Though you are not obligated to purchase a domain, they have many you can choose from. They allow you to use a ton of custom domains (whereas some other providers allow like 3, 10, or 30, depending on your plan).

They have an import feature from your old mail accounts. I did not try it, as I decided to start fresh. I'm trying to move away from gmail in case they lock me out someday, but my account is in good standing, and I have access to everything there as storage; just proactively moving all my important accounts over to my own domains.

I'll put this at the end as it is a pro or con depending on your outlook: I trust FastMail to not use my data like google, and am okay with our business relationship. Because of this, I am okay with my data not being so hard locked down that FastMail is able to restore access/help users getting locked out of their accounts. For a true End-to-End encrypted option, I question if that recovery would be possible (which can be a good thing, if your purpose is protecting your data, even from warrants/court orders/subpoenas); they may have recovery keys, but what if you lost those?

Con: Found out after my trial ended, that when I email my work, my emails go to Quarantine. Our work uses Microsoft Outlook, and they have a quarantine feature that keeps stuff from hitting even the spam folder; my work has phishing set to 'aggressive', which is what is quarantining my emails. Once I passed one email through quarantine, I'm receiving them fine now. Also if the user adds the email to their contacts list.

After looking around, this appears to be an ongoing issue with Microsoft from fastmail emails. You can't email the recipient to inform them of the quarantined email, because all emails are quarantined. Not a deal breaker, as it's Microsoft's doing, not FastMail, but still annoying, especially if you have to tell them to add you as a contact first. May get better after your domain builds some reputation with their servers, I don't really know yet. More of a reason for me to avoid recommending Microsoft as an email provider; quarantine is great for protecting users, but unless you have an IT person regularly checking and approving quarantined emails, it is so easy to miss legitimate emails from clients. I've also seen an email from my gmail account in the quarantine system, so it can catch up even big email providers.

A lot of people recommend https://tuta.com/ as a more privacy conscious option, and if I did decide to leave FastMail, they are probably what I would switch to. They do have a free email. Tuta also has family options, which can be more generous storage wise depending on your plan, but their family option appears to just be pay the full price of your plan for each user to add them to your family plan, and Tuta (at least from their pricing page), only has monthly as an option, no discounts for commitments.

For fastmail, I pay $132/year ($11/month equivalent - actually $14/month if on a monthly plan) for 50 GB for 6 users (300 GB total). For Tuta it appears to be €3/user/month for 20GB, or €8/user/month for 500 GB (so for 2 users, you are either paying €6 or €16). Ultimately I found FastMail to be a better choice for me. If you switch to business, they do have a €6/user/month option for 50 GB /user, which would be €12/month, so comparable to FastMail's family plan if you only have 2 users, but less comparable if you need more than 2 users. Due to tuta's pricing structure, you could just get each user the plan they need (not sure if that requires separate accounts, or if can be done on a family plan, which does have domain sharing implications, but maybe everyone wants their own domains).

My recommendation would be to make a FastMail trial, make a free tuta account, and try both for a month, then make your decision.

[–] [email protected] 1 points 3 months ago (6 children)

Yes... email filtering is a huge problem. Do you know if the issue was with your domain or whether it happens with Fastmail's standard domains also?

Regarding Tuta... not IMAP/SMTP and not US, so no for me. Otherwise I agree.

[–] [email protected] 1 points 3 months ago* (last edited 3 months ago) (1 children)

I only learned about quarantine the other day. Specifically I think it was me sending short messages that make sense when emailing yourself, like a photo with no body text, or just "test".

Going through there, found my Gmail, my personal domain, and my @fastmail domain all going there until I approved one of them.

I had my personal domain on a lifetime mxroute account before this, but wasn't using it. Made the move to fastmail to seriously move away from Google. I have my purchased ebooks backed up there, and they could close my account someday because of it, even if it's a personal backup of purchased items and not sharing with others.

Also making a wasabi account and using rclone to sync my library, so can move away on that front too. Though Wasabi has a perfectly usable web interface. I have my reasons for choosing them over Backblaze.

[–] [email protected] 1 points 3 months ago (1 children)

You mentioned mxroute. Someone else mentioned them. Do you have any thoughts about them? You mentioned you're moving to Fastmail instead.

[–] [email protected] 1 points 3 months ago

I specifically found their lifetime plan reasonable to park a more professional sounding email address long-term to attach to resumes and the like, but not enough storage on that plan as my primary email.

I honestly don't have much experience with it, I just set it up to have to use with my domains, without having to pay a monthly fee.

Unfortunately, I have no input on their other plans

[–] [email protected] 1 points 3 months ago (1 children)

I didn't know about the tuta IMAP thing. Makes sense, unless they open it up for development from third party providers, but that is unlikely to ever happen. I can definitely see that as being a deal-breaker, and why I'll probably stick with fastmail

[–] [email protected] 1 points 3 months ago

Thing about IMAP and other open protocols is that it probably lowers security and it certainly increases attack surface. So there are downsides. On the other hand ultimate security is not my biggest need. More interested in compatibility. I like the Proton, Mailfence, and Mailbox.org direction to be compatible and also support PGP with WKD so they can interoperate.

[–] [email protected] 4 points 3 months ago (3 children)

@furrowsofar

Run your own goddamn email server. Don't trust these big fat companies.

[–] [email protected] 20 points 3 months ago* (last edited 3 months ago)

I would advise against this.

I am all about running things yourself, run most stuff myself, but email is just a nightmare these days with all the anti-spam stuff out there.

Go ask at [email protected]. They'll tell you the same thing. Lots of hassle, lots of potential pitfalls.

[–] [email protected] 4 points 3 months ago (3 children)

Email in itself is an outdated protocol. Even if you're selfhosting it, and have the best opsec practices; if the other person uses gmail then you're fucked anyway.

[–] [email protected] 2 points 3 months ago* (last edited 3 months ago) (1 children)

Not having mandatory security is a legit issue, but there isn't a drop-in replacement that does, not in 2024. You're gonna need widespread support, support for file transfer, federated operation, resistance to abuse, client software on many platforms, etc.

And email security is way down the list of things that I'd be concerned about. At least with email, you've got PGP-based security. If you're worried about other people's mail providers attacking mail you send them, that's getting into "do you trust certificate authorities to grant certificates" territory, because most secure protocols are dependent upon trusting that.

Like, XMPP with OTR is maybe a real option for messaging, but that's not email.

EDIT: Not to mention that XMPP doesn't mandate security either.

[–] [email protected] 1 points 3 months ago

Security is getting better on the transport side.

[–] [email protected] 1 points 3 months ago

@Estebiu

Then again, it's useful to filter out the gmail zombies.

[–] [email protected] 4 points 3 months ago

Thanks. Like the sentiment. Yes I can do this but my wife cannot. So this option is out. It needs to be a solution that she can maintain alone if something happens to me. This concern gets a lot more real as one gets older.

[–] [email protected] 3 points 3 months ago

Since others are mentioning non-US based, I would like to recommend Migadu.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago)

Big question is: who’s storing the email, you or them? Your mail clients handle POP3 and IMAP as well as SMIME and GPG so the server doesn’t have to have any special features itself.

Since you want something your wife can manage, stay away from the forwarders. Whatever you choose, check Spamhaus and SURBL to see if the provider has a history of getting on their lists.

Make sure you select one that can stay in business providing email service, so you don’t have to worry about the company collapsing/being bought out/pushing ads/selling PII/bundling mail with some more lucrative service.

[–] [email protected] 2 points 3 months ago (1 children)

Pay for hosting through Namecheap (lowest tier price) and use your domain there through cPanel in your hosting interface. Don't use their email only offering, it's more expensive. All you need to do is set up the domain and email addresses. You don't need to actually host a website. They have a web interface, but I use a client (Thunderbird).

[–] [email protected] 1 points 3 months ago (1 children)

Interesting. So to confirm, you're saying in the hosting panel I can configure it and they have SMTP, IMAP, and Webmail servers that they maintain I can use? No need to set up a VPS for it?

[–] [email protected] 1 points 3 months ago (1 children)

Correct. This is web-hosting email. I personally only use POP3, but it has it all. This is a sample help link. https://www.namecheap.com/support/knowledgebase/article.aspx/271/2186/cpanel-email-account-setup-in-thunderbird/ And this is the general FAQ https://www.namecheap.com/support/knowledgebase/subcategory/31/cpanel-email-faqs/

Just a FYI, if you are sending too much email, or doing mailing lists you will get dinged. High volumes need more expensive accounts. The FAQ has more info. I would suggest the Stellar or Stellar Plus for Shared Hosting. I have an older discontinued plan that gives me a few more email addresses, but otherwise it's the same rebranded.

The cost for a year of Hosting $44.88 plus your Domain renewal ($15-22) a year depending on your TLD is cheaper than most providers that do email only. I personally always recommend Namesilo for domain registrations.

[–] [email protected] 1 points 3 months ago (3 children)

This is really helpful. Especially the FAQ. Few questions:

  • Web Mail SSL Certs with Roundcube? One of the articles said something about TLS connection issues.

  • spam filtering... is that included or configurable?

  • SPF, DKIM, ... is that included or configurable.

  • CalDAV and WebDAV address book and calendar sync. Possible? Not a deal breaker as we currently replicate another way through our LAN Nextcloud server.

  • Their SMTP server reputation? Any issues?

For what it is worth I use POP3 with my existing provider. Like not keeping my mail there. Our pattern is to just pull not delete on our phones and pull and delete on our workstations. Feels like we need to move to IMAP though so we do not have to review our mail twice. Also feels like we have to push SPAM filtering upstream. Thunderbird has great filtering but K9 Mail does not.

Thanks.

[–] [email protected] 2 points 3 months ago (1 children)

I like Zoho mail, decent prices for a lot of features

[–] [email protected] 1 points 3 months ago

I looked at them. For me that feels like trading a US software giant for an Indian one. So I would choose Google Workspace first. I agree though Zoho is interesting.

[–] [email protected] 2 points 3 months ago (1 children)

MXRoute is about a decade old and based in Texas. It's in that "unix philosophy" category of doing something well and stopping there so you won't get them advertising their new crypto wallet or AI software on you. It's mostly geared for more technical bring your own domain type of usage. If you're wanting to use it more as a forwarder and want to store the history locally (or if you don't email files) there's a "lifetime" plan available.

[–] [email protected] 1 points 3 months ago

Thanks. Interesting. I will take a look.

[–] [email protected] 1 points 3 months ago* (last edited 3 months ago)

Edit: just realized you said US based. Tuta is not US based so that might not work for you. Sorry about that.

Tutanota (now just Tuta) allows you to use your domain. I use it, it doesn't support external clients (Outlook, Thunderbird, etc.) but they do have Android, Linux, Windows (maybe Mac too) clients.

It's also cheap.

I've been using it for a few years now, it works for me.

You can get a free account to check it out first and if you like it just upgrade to get the personal domain usage and increased storage limit.

[–] [email protected] 1 points 3 months ago (1 children)

No PGP support

Why would the mail provider need to support it? I mean, if they provide some sort of webmail client, maybe it doesn't do PGP, but I sure wouldn't be giving them my PGP keys anyway.

I haven't used any of them, but I don't think that you can go too far wrong here, since you have your own domain. Pick one, try it for non-critical stuff for a month or two, and if you don't like it, switch. As long as you own the domain, you're not locked in. If you do like it, then just start migrating.

The main differentiating factors I can think of are (a) service reliability, (b) risk that someone breaks in and dumps client mail, but it's hard for me to evaluate the risk of that at a given place. And (c) how likely it is that other parties spam-block mail from them.

I'd look for TLS support for SMTP and IMAP; that may be the norm these days. The TLS situation for mail is a little unusual compared to most protocols, where on a new connection, some servers initially use the non-encrypted version and then upgrade via STARTTLS.

If you intend to leave your mail on their server rather than just using it as a temporary holding point until you fetch it, you might look into what their storage provided is.

I'd also see what the maximum size of any individual email that they permit is.
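
The STARTTLS upgrade and the per-message size limit raised in the comment above are both visible in what a mail server advertises before login. The following is an added example, not part of the thread: it parses an SMTP EHLO reply and an IMAP CAPABILITY line and decides whether a client should continue. The hostname, the replies and the function names are constructed for illustration.

```python
# Added example; hostnames and replies below are constructed, not captured.
IMPLICIT_TLS_PORTS = {465, 993}      # SMTPS / IMAPS: TLS from the first byte
STARTTLS_PORTS = {25, 587, 143}      # plaintext greeting, then upgrade


def parse_ehlo(reply: str) -> dict[str, list[str]]:
    """Parse a multi-line SMTP EHLO reply into {EXTENSION: [params]}.

    Each line starts with 250; '-' after the code means more lines follow
    and a space marks the final line. Line one is the greeting.
    """
    lines = [ln for ln in reply.splitlines() if ln.strip()]
    if not lines:
        raise ValueError("empty EHLO reply")
    extensions: dict[str, list[str]] = {}
    for i, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        if code != "250" or sep not in ("-", " "):
            raise ValueError(f"unexpected reply line: {line!r}")
        if (sep == " ") != (i == len(lines) - 1):
            raise ValueError("continuation markers are inconsistent")
        words = text.split()
        if i > 0 and words:
            extensions[words[0].upper()] = words[1:]
    return extensions


def parse_imap_capability(line: str) -> set[str]:
    """Parse an untagged IMAP '* CAPABILITY ...' response line."""
    parts = line.split()
    if parts[:2] != ["*", "CAPABILITY"]:
        raise ValueError(f"not a CAPABILITY response: {line!r}")
    return {p.upper() for p in parts[2:]}


def session_plan(port: int, capabilities) -> str:
    """Say how a client should proceed before sending any credentials."""
    if port in IMPLICIT_TLS_PORTS:
        return "implicit-tls"
    if port not in STARTTLS_PORTS:
        raise ValueError(f"port {port} is not a standard mail port")
    # No STARTTLS offered on a plaintext port: the server lacks it or the
    # line was altered in transit. Either way, do not log in in the clear.
    return "starttls-then-auth" if "STARTTLS" in capabilities else "refuse"


def max_message_size(extensions: dict[str, list[str]]):
    """Return the SIZE limit in bytes the server advertises, or None."""
    params = extensions.get("SIZE")
    return int(params[0]) if params else None


# Constructed sample replies (example.test is a reserved test domain).
EHLO_WITH_TLS = ("250-mail.example.test\r\n250-SIZE 52428800\r\n"
                 "250-STARTTLS\r\n250 8BITMIME\r\n")
EHLO_WITHOUT_TLS = ("250-mail.example.test\r\n250-SIZE 52428800\r\n"
                    "250 AUTH PLAIN LOGIN\r\n")
IMAP_CAPS = "* CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED"

if __name__ == "__main__":
    for name, reply in (("with TLS", EHLO_WITH_TLS), ("without", EHLO_WITHOUT_TLS)):
        ext = parse_ehlo(reply)
        print(name, session_plan(587, ext), max_message_size(ext))
    print("imap", session_plan(143, parse_imap_capability(IMAP_CAPS)))
```
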

[–] [email protected] 2 points 3 months ago

It could be handy to read your mail on the web client. Depends on how secret you want your PGP key, how much you trust your provider. I would argue that in most cases it would be better for the provider to manage the keys than to have no one use PGP which is what we mostly have now.

[–] [email protected] 1 points 3 months ago

https://www.hey.com/ has a lot of features, though you have to subscribe to it for $100 per year. Family plan is $180 per year for four members.
