I’m considering finally jumping off gmail. I’m not going to host my own email since I just don’t have the skill to secure that thing well enough myself. Any mail server I set up would become a botnest within hours. So that has me looking at third party stuff.
Proton has a mostly good reputation, though their CEO’s twitter post a while back praising the Trump regime makes me question if I should trust them with anything. I don’t know enough about the entire situation to know if its just internet drama or a real concern, but anything involving Trump is a huge red flag for me.
Tuta looks pretty nice but I’ve read there are concerns about it being in a country that’s part of the 14 eyes collaboration, so it might not matter what the organization wants if the government of the region they are in says fuck off and do what we tell you.
On the lower end of concerns, I am in the Apple ecosystem. (boo hiss I know). I like the clean and simple built in apps like email and calendar and how the notifications all work across my watch, phone, mac and homepods. I like how safari can just jump in and throw an email alias at things for me. I like how all my stuff is managed. But I also know Apple could piss me off at any moment and make wild sweeping changes I might not like, so relying on them too much could screw me over someday. I dont know, right now I really like their setup but portability does seem to matter more ultimately so this switch does seem like a better idea in the long run, even if I’m giving up features I may enjoy.
What are your opinions on the privacy email and calendar services in 2025? Should I even both with a cloud based calendar in the first place?
You must log in or register to comment.
Rent a mail-hotel, set up your own mail there. That’s easy, and you are in full control.
migadu.com still works greta for my private domain. $20/yr plus whatever the domain costs ($1.90 in my case)
I jumped over to runbox with my custom domain. It costs me ~10€ per year and I had no issues thus far. IMAP works great which hasn’t been the case with gmail so I’m very satisfied.
I think the whole Proton drama has been way overexaggerated. And he doesn’t have a majority share in Proton. I think Proton Mail and Drive are great. If you choose Proton or Tutanota, you won’t be able to use external email clients (Proton has support for some if you pay). If you want to be able to use an external email client, I would recommend mailbox.org.
Whichever service to decide to switch to I’d recommend not deleting your gmail, just let it rot, you never know if you need access to that email again.
I’ve been migrating to Soverin and like it thus far. I’ve only done email and my calendaring though.
It’s not free but it’s also not overly costly.
I’m using disroot.org as my email provider, with a custom domain to easily switch if needed, but so far it’s been great It’s free for a little storage and you can buy more, it’s a non profit based in Netherlands
There is also riseup.net as a non profit email provider, servers in the US I think
Whatever your choice, go for one that supports personalized domains – and buy your own.
That way it’ll be less of a hassle if you need to change provider later.Coming up with a decent domain name has been the challenge for me. You can’t really put on to your cv or so something like me@thebestmfofalltime.com. You can but that doesn’t sound very professional.
It can look professional when you aren’t posting a gmail address and the domain isn’t poopypants.net
Pick something neutral that isn’t your name. Try a band name generator. JupiterEvolition.net or IdealMachine.XYZ,.which sound better than herpderp common gutter trash Gmail.com
Having a custom domain means you get things like me@IdealMachine.XYZ and also chosen.one@… And bestcandidate@… Etc. So you can make something for professional stuff, and then chocolate.starfish@IdealMachine.xyz to be funny.
I recently started migrating my email and went with mailbox.org. I opted for it based on it having a good balance of ethical/environmental stances, support for custom email domain (so email doesn’t feel like vendor lock in in the future), and a business model focusing on paid service.
There were a lot of options but ultimately I just wanted something “good enough” rather than spending weeks on comparing. A part of that decision was realizing I didn’t care about getting something with the best possible privacy - email is predominantly an insecure medium and things with E2EE work only if the recipient is in the same ecosystem, which is rare. In practice I’m not going to trust anything sensitive to email regardless, so I might as well prioritize picking something that looks like a decent and stable balance.
Mailbox.org has calendar but I haven’t really played with it much. I’m realistically going to look in to look in to something self hosted since I will require more features than most email providers will offer, so I don’t want to tether the two services. That was a part of the reasoning for Mailbox.org over something with more services - I wanted email, not something trying to be the next ecosystem - that’s what I was trying to get away from!
Chiming in from a USA user. Their webmail and suite run slow in the USA. Once it loads the page initially though, it uses localstorage.
However, back when I used them less than a year ago, they had random periods where the websuite did not load.
Finally, they have a really bad 2fa implementation that is not documented and I had to search Reddit to figure out how to log in.
This may be helpful: https://www.privacyguides.org/en/email/#recommended-providers
Mailbox.org is widely recommended.
Can’t recommend them enough. You can have your entire inbox encrypted without them holding the private key, unlike Tuta and Proton; which also allows use of open protocols instead of proprietary apps
As they use imap, caldav and carddav for email, calendar and contacts you can use any app you want e.g. thunderbird.
Edit: They even have a moving service so you can move your existing emails from gmail to them.
already being an apple user maybe you can buy your own domain and tie it to apple’s mail service. when you want exit just connect the domain to something else.
I use Tuta combined with Addy.io, and it’s been great. I never hand out the main email at Tuta, and if I ever want to pack up and move, I just tell Addy to change where to forward email.
I don’t think you need to worry about Tuta. Iirc, all of the encryption/decryption happens on your device, so they can’t see the content of your inbox, even if they wanted to. Their free tier is enough for me, and I just make sure to clean out any unwanted emails so I don’t hit the 1GB limit.
Now, there’s the caveat that encrypted email needs to be able to work with unencrypted email, so somewhere along the way, it’s possible somebody could figure out who you are and what you’re talking about by intercepting traffic or the endpoint, but if you need that level of privacy, email shouldn’t be trusted anyway.
The biggest benefit of encrypted email is a judge can’t force the company to hand over your inbox (because it’s encrypted), and you don’t have to worry about the parent company or whoever data mining it. But even if it’s in a country that could order data collection, and you “aim to misbehave,” I think it’s moot, since you should know better than to use email for that purpose.
anonaddy and simplelogin seem to replicate what I already do with icloud+ hide my email feature, but they also seem to have the same problem. data flows through them meaning they can all keep copies and sell that data, train AI on it, etc. all it takes is a shitty corporate merger and that security feature becomes a risk. So it looks like I would want to find an email provider that already offers unlimited email aliases since that would reduce the number of people handling the data.
If you’re willing to pay for it, Mailbox.org would be my choice. No provider will give that feature away for free (which I’m sure you know). My threat model can tolerate an extra hand via Addy, so I don’t mind them being there.
But no matter who you choose, email just isn’t the best option for true privacy. There will always be some cleartext email somewhere in the process, even if only sometimes. And as somebody once said, “No company is going to break the law for you.”
If you need an extra level of privacy with email specifically, your best option is to self host. That way you control both the server and the database/storage.
I wont self host email. I just don’t have the skill to properly protect a public-facing server. I’m smart, but only enough to know I’m outgunned there. I’m not running some grand criminal enterprise. It’s more of a concern that I’ve been a bit lax in my online privacy and with the worldwide rise in fascism, I feel I need to resist (or at the very least, inconvenience) those who could do me harm.
Use either Tuta or ProtonMail (I use both) with SimpleLogin aliases 
I. like the idea of simplelogin as it seems to do what I’m already doing with icloud plus but it suffers the same problem. the messages are flowing through a third party before they get to me. why would I trust a third party?
I’ve been using purelymail.com, $10 a year gets me just what I need, which is as many independent addresses and inboxes as I would reasonably need under a parent account. It is what it says on the tin, so there aren’t any extras like file storage. Granted, there is a bus factor associated with Purelymail since it looks like a one-man operation for now.
I’m not qualified to speak on cloud-based calendars since I design and print my own.
The one thing that stood out about Purelymail to me was having not just aliases, but fully separate inboxes. But I’d also suggest checking out Tuta, Posteo, mailbox.org, and FastMail. I had also used Proton and was considering upgrading my plan. What kept me back was the web interface getting heavier by the year and having to install Bridge to use another client wasn’t my cup of tea. E2EE is certainly a good feature, but I’ve never found myself sending an email to another Proton user and therefore have never taken advantage of it.
