Is Tuta a good alternative to gmail?

I've been using it for a few months now. Works just fine, doesn't do anything fancy but it doesn't need to. Filter rule creation is pretty limited, and the desktop client doesn't play well with my VPN for some reason, but otherwise it works fine.

It's not Tuta but I adore Fastmail.

No BS. No gimmicks. Just privacy aware, protocol conformant E-mail at a reasonable price.

5€/month for email? 😵
- Services cost money to run. Either you pay for the product or you are the product.
  
  Make your choice, name your poison. No skin off my nose in any case :)
- Yeah. Email's actually quite unpleasant (not hard) to do well. Look sideways at anyone doing it free or super-cheap.

Yes.

What did proton do wrong? Legit question, I'm out of the loop.

Nothing. It's just FUD.

Here's an article about it: https://medium.com/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e

Even if the CEO did support the orange turd, I would personally still be able to separate his personal opinion from what the non profit is doing.
- He explicitly supported the republican party in its current guise. That's enough for me to run. Fastmail is where I've temporarily landed - would prefer somewhere away from Aussie jurisdiction, but it felt like the least-shit.
- Great source, thanks :)
- That was informative, thanks.
  
  I agree with you, I would be extremely surprised if the Proton CEO supported Trump.. I would say very unlikely.

I've used Tuta for more than 4 years. It's a solid choice if you accept a couple few things:

they're a small company, doing their best to survive.
you have to use their client apps. They take security very seriously and assume all of their users do as well.
prices might go up every few years but I am still paying my original rate, for my original features.
the search function does work but is very slow.

But otherwise, I'm very happy and expect to stay with them for the forseeable. Good luck in your search.

I am very happy with Proton.

If you don’t want to run your own mail server then there will always be a trade off somewhere. That trade off could be high costs to pay a tech firm to run a private mail server for you, could be lack of features, could be privacy, could be a lot of things. Even with your own mail server there will be trade offs around security etc. depending upon your skillset.

Personally, I have a hybrid approach.

Business is on a mail server
Personal with sensitive data (health, bills, etc.) is on a mail server
Personal - subscriptions, newsletters, etc. is on Proton
Everything else is on Gmail

I also have other accounts (e.g. DDG, Apple Mail, for specific use cases, but I forward the content I receive there into Gmail.

I’ve had a look at Tuta and haven’t seen enough to convince me to move anything there. I’m not going to move my mail servers to a cloud provider, Gmail is there because the address is 20 years’ old and I can’t be bothered updating everywhere that it’s used, and Proton has been great for years, has grown well, and has a corporate mission that I agree with. DDG, Apple Mail etc. is what the internet sees of me - They generate unique email addresses and then I forward the content I want into Gmail, or sometimes Proton.

~~Tuta and~~ Posteo are both pretty excellent (posteo is cheaper, but has a few less options that might be a deal breaker if you need them, like custom domain support).

Disroot is a good free option, and they offer custom domains after a one time donation.

Mailbox is okay, though they are known to have a very odd 2fa, and will recycle your address if you ever stop paying, allowing others to claim it and potentially impersonate you.

Posteo is unique in that they'll never delete your account for inactivity, or even if you stop paying, where they'll let you access and read emails, but not let you send them until you pay again.

Edit: apparently Tuta is going downhill according to others here, which is unfortunate :(

Posteo's lack of custom domain support can be augemented by using Addy.io or other similar email proxy/forward services.
thanks for mentioning disroot, that seems much more like what i was looking for than tuta which i was originally going to try out.
- @[email protected]
  
  Disroot is good, I've used them b4.
  
  @[email protected] @[email protected]
Mailbox.org beta offers regular 2FA setup via authenticator. I've been using it for months and I'm yet to run into any issues.

In general, I've been with MBO for almost a year and I'm happy with the service. You basically get a complete replacement for the google suite which you can use via your app(s) of choice.
- Glad to hear they're improving the 2FA! I did forget about their office suite and file storage ability, which does set them apart from all except Proton.
Do they compare similarly in regards to privacy?
- From what I understand, Tuta may have a slight edge theoretically, but email itself is a pretty poor protocol when it comes to privacy.
  
  Tuta was forced by court order to implement a message logger for an individual, but AFAIK all of their previous messages were encrypted and could not be read by Tuta, and therefore the Government could only see new unencrypted messages coming in before they were encrypted.
  
  Disroot only recently implemented at-rest encryption, so that should be fairly solid now. Posteo also allows you to encrypt your inbox and calendar at rest.
  
  Even with that, consider all private email providers as mostly just to avoid surveillance capitalism (to prevent your data from being mined and sold), but with only marginal protection from state agents.

I’ve tried tuta before. It seems pretty okay, but it doesn’t support IMAP meaning you have to use their app, and (at least for me) it was SLOW.

I personally use disroot, but there’s loads of other options, like mailfence seems like a decent alternative. Just pick one that supports IMAP

I'm using Tuta and their app for a few years now. The app was slow indeed but it's good now, no problems so far. Lack of IMAP support is justified with security, they say. I personaly don't need IMAP as I'm completely satisfied with the app, which is available officially in f-droid btw.
- yk, fair enough. if you like it, that’s fine by me

In comparison to Gmail? Yes, but that's a very low bar to clear. You need to be aware that Tuta are currently enshittifying. The product is getting worse and the price increases. It's slow, but it's happening. I switched to disroot.org after 2 years of Tuta because I got fed up with it.

It is in my Scrolls of Grudge, and I quote:

Ads in web UI for paying user.
Made it hard to cancel payment.
Newsletter is just upselling.
Can't unsub from newsletter.

I am a paid user of Tuta and I have never seen any ads. Where did you see them and what kind of ads?
- _drkt provided no proof of Tuta's enshittification. There are no paid ads for third party products in any Tuta UI. Don't panic yet. Read all the comments here, maybe.
NOOOOOOO! Shit! Ah, for the love of cthulu ... damnit!

Sigh ... this just bummed me out. Thanks for the info.

I've used Tuta for years, paid account with multiple custom domains.

I prefer them for their principles, but their clients are extremely frustrating. Emails load very slowly and their email search is basically unusable.

I've resorted to downloading old emails and using other clients to import and search through them. I really wish they would improve their email search.

yep, the app is SLOW
Appreciate the honest insight. Thanks for sharing. :)
Thunderbird/Betterbird?
- I should re-iterate I download the emails to use in an offline client. Their service doesn't support third party clients to receive and send email.
  
  When I do taxes, I need to search thousands of emails for receipts and the tuta apps make this impossible. This is my workaround.
- Tuta does not allow you to use third party email clients like Thunderbird.

I've had a bug with the android app where sometimes notifications for emails just don't happen. I've received a new email notification, opened the app, and found that the notification was for an email received 5 hours ago, and I didn't get any notification for the email 3 days ago or the email 1 hour ago.

Despite this issue and several other minor issues, I still recommend Tuta. Mostly because I can't find anything better.

If you're on Android, by any chance, have you gone through all the battery optimization, background process killing, and startup settings? Some OEM's versions of Android are real bad in that way. Giving the app the right settings and permissions may decrease the number of delayed notifications like that.
- I am using Android until I can find an alternative. I've turned off all optimisations I can find. I haven't had the issue in a few weeks, but it did happen once since changing settings. I'm hoping that something random I did (like a phone restart) somehow fixed everything.
This happens to me as well. It's a bit annoying but I still prefer it over others.

I’m currently planning on switching to Tuta as well. They have been the most recommended replacement since the proton incident.

No single organization should be trusted. "Emails paint an intimate narrative of ourselves — the people we talk to, the books we read, the politics we practice. This information is powerful. When we lose control over it, it can do great harm to ourselves and our loved ones." https://ideas.ted.com/why-we-should-all-care-about-encryption-really/

What's the practical takeaway here? Just don't have an email basically
- What’s the practical takeaway here? Just don’t have an email basically
  
  @[email protected] The takeaway here is not "don't use email at all." You can employ OpenPGP, and encrypt your emails. Also, host your own keys. Perhaps don’t allow a single corporation to have your private key and access to your encrypted messages simultaneously.
- Take control of your data. Host your own email or use a provider that cares about your privacy.
  
  We talk about this so often in privacy communities because, although emails are particularly difficult to secure, they're so important. Swapping your email provider or hosting your own is so easy to say and so hard to do, but so worth doing. I would suggest taking some steps towards FLOSS/FOSS and other privacy-friendly options in other areas first to get used to the idea of change and some of the difficulties you'll handle in that realm

Tuta's product is snake oil.

A cryptosystem is incoherent if its implementation is distributed by the same entity which it purports to secure against.

If you don't care about their (nonstandard, incompatible, and snake oil) end-to-end encryption feature and just want a freemium email provider which (purports to) protect your privacy in other ways, the fact that their flagship feature is snake oil should still be a red flag.

Is there anything about Startmail (company that does Startpage.com) that is worth avoiding? I've never paid for mail but if it's solid and avoids Google I might.
- StartPage/StartMail is owned by an adtech company who's website boasts that they "develop & grow our suite of privacy-focused products, and deliver high-intent customers to our advertising partners" 🤔
  
  They have a whitepaper which actually does a good job explaining how end-to-end encryption in a web browser (as Tuta, Protonmail, and others do) can be circumvented by a malicious server:
  
  The malleability of the JavaScript runtime environment means that auditing the future security of a piece of JavaScript code is impossible: The server providing the JavaScript could easily place a backdoor in the code, or the code could be modified at runtime through another script. This requires users to place the same measure of trust in the server providing the JavaScript as they would need to do with server-side handling of cryptography.
  
  However (i am not making this up!) they hilariously use this analysis to justify having implemented server-side OpenPGP instead 🤡

I started using fastmail, best thing I decided to do in awhile

I don't know if tuta and posteo have some special privacy features, but if you're just looking for a non-gmail provider I've been very happy with fastmail. It's an Australian provider with a good track record afaik.

Would also highly recommend getting your own domain if you can, so your address doesn't belong to whichever provider you choose.

I'm in the US. I wonder if there's any drawback to using an Australian provider. Like, will it get flagged or something?
- If it's Australian, don't expect strong privacy. But then again, I wouldn't expect that from a US based email provider either.
  
  Source: am Australian.
- I don't think so. I'm in Sweden myself.

I don't have the know how to talk about safety and privacy, but here are some caveats.

I think you have to use their client and can't add your adress to 3rd party clients like thunderbird. Their client is however nice to work with.

If you forgot your password, the only way to change it is by using a key that is given to you after account creation. Keep it safe! Check for spelling errors If you lost the note or it's not in you passwordmanager or whatever you use, your account is not recoverable. Their support can't help you reset your pw.

Other than that they make email encryption pretty easy with a checkbox right under the recipient in the email editor.

Another handy feature are the aliases. (Payed feature) You can set up some email adresses for certain purposes, and filter their traffic into different inboxes quite easily. If one of them.get's compromised, deactivate and move in. Your master adress is probably still usable.

What I do not like is the fact that paying customers get support first.

I don't get why they don't just make it a paid service entirely. Seems odd that email providers like to do that.
- Offering a free tier lets people try the service, and encourages them to become a paid user if they run up against the limits of the free tier.

Yes, I use it and generally like it. Their app is a little buggy, but they have email support and accept bug reports on GitHub. This is helpful for finding out what other users are seeing. It's a small dev team with frequent releases

Do you know if there's a difference in the frequency of releases of the f-droid version and the play store version?

I recommend mailbox.org instead.

I have the feeling people actually need to have the urge from panic to have to migrate all their data.

No PGP support kinda kills it imho

no

Care to elaborate?
- chodi joined lemmy 55 minutes ago. Ignore their non-reply and block
- yes

Haven't read anything bad about Tuta so I guess it's fine. Other good ones are Proton, mailbox.org or posteo.de. Anything that's not by Google, Microsoft, and so on.