Started to move off Google’s services to proton:
You must log in or register to comment.
Thank u for using a transparent gif. It’s refreshing and delicious.
Wait till you try transparent pngs. It’ll be like it should have always been.
Aaaaaa I meant png this whole time. My life is ogre.
If you have Proton Premium point your domain to SimpleLogin and use it. Its included with Proton Premium. Its helped me root out 2 places so far that have sold my email address or were compromised and failed to disclosure.
i also use proton, but i just use a custom address with every unique vendor/account. i know almost immediately who sold my address. it also prevents hacked systems from matching addresses in other systems.
Yes that’s what SimpleLogin does and its part of the Proton umbrella. You can use your own custom domain or a SimpleLogin domain to create email addresses. It also enables you to send from the custom addresses so the end user never learns your true email address. SimpleLogin also has mobile apps so you can create addresses very easily.
Serious question, why SimpleLogin vs Proton aliases?
You cannot turn off the proton aliases, one of my aliases (those with +) got compromised and I’m still getting phishing emails on that one. You can create a rule for that mail but you cannot completely disable it. There is also Proton Pass which does the same as SimpleLogin and also stores Passwords. You should check it out as well.
You cannot turn off the proton aliases
What do you mean? Of course you can.
if youre running a full domain, you dont even need to manually create alias’ unless you need to reply/send as.
i’ve found i rarely need to do that, so you can literally just use an email address literally off the top of your head, have it all forwarded to a catch all and youre done. none of this extra service stuff. again, unless you require ‘send as/aliasing’.
I’ve caught a couple but they weren’t subtle about it at all. I got an email from Norton antivirus that referenced the seller directly. No shame.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System IMAP Internet Message Access Protocol for email SMTP Simple Mail Transfer Protocol
3 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.
[Thread #396 for this sub, first seen 2nd Jan 2024, 10:25] [FAQ] [Full list] [Contact] [Source code]
I moved off to zoho
Much cheaper than proton and offers much more.
They’re not doing like proton and close basic stuff like IMAP and SMTP as a way to force you on the official apps
I especially love the feature where you can bounce emails based on domains, keywords or TLDs. My spam folder is finally empty. IMHO bounce back spam is much better, as the spammers get a response that the address is invalid and hopefully stop wasting their limited computing resources on that address.
Zoho is not open source, but proton is a “fake” open source that is mostly used for marketing: they opened only the UI, which communicates with a proprietary protocol to a proprietary server - useless. They also reject or ignore any pull request on GitHub.
They’re not doing like proton and close basic stuff like IMAP and SMTP as a way to force you on the official apps
The reason Proton cannot do IMAP/SMTP is that they cannot read your emails which is required for both. That’s a feature, not a bug.
PM works with any app as long as the app implements their custom protocol for which there are at least two FOSS implementations as a reference.
proton is a “fake” open source that is mostly used for marketing: they opened only the UI, which communicates with a proprietary protocol to a proprietary server - useless
While I’d also prefer their back-end to be OSS, it’s not nearly as critical as the clients.
As a user, it doesn’t make a difference. I’m paying for an opaque service either way.All the interesting stuff (E2EE, zero access storage) happen in the clients anyways. The BE is fairly uninteresting; it’s a mail server + zero-access encryption + Proton account handling. If you really wanted to build a mail service similar to Proton, you could build that yourself and probably would have to anyways.
i think instead the opposite. The backend is the real interesting part, and the only way that we can be sure that “they cannot read the emails” (they arrive in clear, saved with reversible encryption and they have a key for it - if you use their services to commit crimes they will collaborate with the law enforcement agencies like everyone else)
imap/smtp can be toggled with a warning, if that’s really their concern. As of now i have the feeling that’s instead blocked to keep users inside (no IMAP = no easy migration to somewhere else) or to limit usage (no SMTP = no sending mass email)
The backend is the real interesting part, and the only way that we can be sure that “they cannot read the emails”
While I’d still prefer it, OSS can’t really help with that because what’s really required here is remote attestation.
That is an unsolved problem to my knowledge; there is no way to know which software they’re actually running. Even if they published the source code, they could trivially apply a patch in their deployment that stores all incoming email somewhere and you’d be none the wiser.Even if they published source code and could somehow prove to you that they’re running a version derived from it, you would still not be safe from surveillance as one could simply MITM all connections. See i.e. https://notes.valdikss.org.ru/jabber.ru-mitm/.
That’s likely one of the reasons they do everything they can to make PGP accessible to every user.
imap/smtp can be toggled with a warning, if that’s really their concern
It’s plain and simply not how their service works. They’d have to build most of their service a second time but unencrypted.
It’s like asking Signal to build in support for IRC; it does not make sense for them to do that in any way without malicious intent needed.
no IMAP = no easy migration to somewhere else
You have IMAP access via the bridge. That’s what it’s for.
My experience with Proton has been really great so far. Constant steady improvements to their services and UI/UX, I wish I had switched to them sooner.
Not a good idea to use your own domain. Use Proton Pass with domains you share with all the other users.
Why do you think it’s not a good idea to use your own domain? I’ve been doing it for years with Tutanota, it’s great.
I already answered this question
What makes you think Proton is trustworthy?
I don’t trust anyone. You don’t have to trust them. That’s the point. Everything is open source and encrypted.
But aside from that they’ve been audited several times and they have a good reputation in the community.
