Hi guys!
I’m looking for a Proton alternative. So far I’ve seen these two recommended. I was wondering what are the pros/cons of each? Seems Tutanota offers more bang for the buck in mailbox size etc, but I’m not sure. I’d also like to have a better integration with Android, because Proton’s email/calendar apps suck big time.
Thanks!
Posteo rocks.
This is accurate
Its simple as hell, out of the way. Its a no fuss email that seems to have all the features you’d want. It just works. Carbon neutral and all the good stuff we all like to boot.
Mailbox.org offers 2GB of space for their free tier, and Tuta is 1GB.
But I would just look at the recommendations on privacyguides.org. They break down what each service does well and what things you should know, like how Mailbox uses PGP and Tuta uses some other (valid) encryption method.
Didn’t know Mailbox had a free tier! Gotta check that out.
Edit: Mailbox still doesn’t have a free tier. It’s just a one month trial.
As far as I’m aware, there is a huge difference between these three in that Mailbox.org is not end-to-end encrypted. So if that is an important feature for your use case, that may disqualify them from your options.
However, mailbox can still be encrypted with pgp, and has some built in supports which make this easier.
One problem I had with proton/tuta is that you cannot use a third party app due to the encryption, which you can with mailbox. A problem I have with mailbox is that it does not support fido2 for login or 2fa, which could be a security concern.
Email is never “end to end encrypted” outside of layering something else on like PGP- which you could use with any email service.
Huge beginner here, but privacytools.io says Mailbox is encrypted? Is it the “end to end” part? How did you find out they’re not? https://www.privacytools.io/privacy-email
Mailbox encrypts the email at rest on their servers but with the encryption keys they own. Protonmail, in contrast, uses zero access encryption where they encrypt your data with your public key and they do not know or have access to your private key to be able to decrypt the data even if they wanted to.
Mailbox has a zero access encryption service called (I think) Guard that basically encrypts the email with PGP where they would no longer be able to decrypt your email. But it’s not enabled by default.
That’s true once it’s received, but it’s still processed by proton and now we know they are pro-nazi so who knows what they would do.
You can avoid this with pgp as stated (default for proton to proton messages), but I don’t think it’s worth considering the at rest encryption at proton anymore.
Take a look into Posteo if having a custom domain is something you can live without.
Posteo
Wow…This one seems to be a very good one as well. How come it’s not even mentioned in privacytools.io or privacyguides.org?
You also get SMTP with posteo, if that is important to you.
With that you mean it’s standard access IMAP/SMTP from any client you want, as opposed to Proton/Tutanota and their custom apps right? Yeah, I prefer a standard protocol and my own app.
I don’t know mailbox.org but tuta will try to upsell you, eventually. It’s going down the same path as Proton is so maybe stay away from it if you want to get away from Proton.
I’m sorry, english is not my first language but what do you mean by advising to stay away from Tuta?
“stay away” from something, means to avoid it, they are saying to not use it
Haha no I get that. The question is more like, why stay away from Tuta
Oh lol.
tuta will try to upsell you
“upsell” refers to a sales tactic, where a salesperson keeps trying to convince you to buy something more than you might need. Basically, you want to buy a $200 TV, and the sales person tells you: “Hey this $700 TV is much better, it has 8K High Definition, Premium Speakers… etc, etc…”
And then you say: “No thanks, I just want the $200 TV 😅”
But they keep repeating the $700 tv over and over and it gets annoying. That’s what the user is claiming that Tuta is doing.
I just got on Tuta and don’t want to do this every 3 years forever. Can you elaborate on Tuta upselling the customer? I just need reasonable encryption, basic mail service, and for my data not to be in the hands of psychopaths.
Every once in a while they’ll send you an email with special CSS styling so you can’t avoid seeing it and you can’t unsubscribe from it. They call it a newsletter. It’s advertising. It’s less news and more begging you to buy more of their stuff. Very occasionally they’ll bump new features onto a higher tier but still show that feature in your UI, with special CSS styling. God forbid if they try to upgrade your account but you deny because you’re happy with the features you have now and the amount you pay; they push harder and harder the longer you’re on a ‘legacy’ tier.
It happened to me. It’ll happen to you.
Tutanota for max security (no imap/pop3 support). Other services for using IMAP/POP3. But really, you shouldn’t be using email anyway if your goal is max security and privacy, simplex.chat is better for that.
Sigh…right. But people DO need email. For banks. For taxes. For governments, healthcare, and lots of other crap.
So yeah, I’m skipping the whole “encrypted mailbox no-knowledge”, since it’s both cumbersome and useless unless anyone around you ALSO uses it (otherwise, those super private emails can be way more easily intercepted during transit than in your inbox anyway).
I just want some attempt at privacy from some EU nation while keeping some decent interoperability.
Posteo
If you want a compatible, interoperable email service, then Mailbox. Tutanota is a propietary, centralised email system.
So any concern about mailbox.Org severs being in Berlin and Germany being apart of the 14eyes alliance?
Tutanota is also german, if I am not mistaken.
Tuta also doesn’t easily support pgp and has no plans to integrate it. “we encrypy our stuff for you, trust us bro”
This. You can’t use your client, not on your phone nor on your PC. Therefore Tutanota was never a viable option
