I need to change ISPs and need to find a new email provider. This time I want to move to my own domain which I purchased through Namecheap and I do not want to use another ISP’s email system nor do I want to use Google, or Microsoft since I am Linux (and Android too) based. I would like this to be US based or at least have a strong US presence so obvious choices like Proton Mail, Mailfence, and Mailbox.org are out. I would prefer it interoperate well with FOSS software too, I use Thunderbird and K-9 Mail for example. Also so want them to be trustworthy, have good security, and have good OpSec with respect to their their servers and service.

After looking I find three I am considering and they are quite different:

  • Fastmail. Long history. No PGP support but they do have their own domains one can use also.
  • Namecheap Private Email. Uses Ox App Suite, may support PGP, and quite new. I think you have to have your own domain (not sure).
  • Forward Email (forwardemail.net). A forwarder with IMAP support. You supply the webmail if you want webmail, but otherwise it should work fine with IMAP and normal clients.

So questions:

  • Any thoughts and experience, pros and cons with the above 3.
  • Other better ideas.

So thoughts? Thanks.

  • Estebiu@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    4
    ·
    4 months ago

    Email in itself is an outdated protocol. Even if you’re selfhosting it, and have the best opsec practices; if the other person uses gmail then you’re fucked anyway.

    • tal
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      4 months ago

      Not having mandatory security is a legit issue, but there isn’t a drop-in replacement that does, not in 2024. You’re gonna need widespread support, support for file transfer, federated operation, resistance to abuse, client software on many platforms, etc.

      And email security is way down the list of things that I’d be concerned about. At least with email, you’ve got PGP-based security. If you’re worried about other people’s mail providers attacking mail you send them, that’s getting into “do you trust certificate authorities to grant certificates” territory, because most secure protocols are dependent upon trusting that.

      Like, XMPP with OTR is maybe a real option for messaging, but that’s not email.

      EDIT: Not to mention that XMPP doesn’t mandate security either.