How much you paying for email hosting

Ympker

@emgh said:

@Ympker said:

@emgh said:

@Ympker said:
Outlook, GMX

My condolences

Thanks :P I guess Outlook is used by many people these days. 15GB mail limit as compared to 1GB from GMX is also nice. It's also not as annoying as GMX/Web.de . Like for many Germans, my first email provider was GMX (which is now up for sale, but was originally german provider). That's just a blast from the past, and while I have transferred most logins to gmail/outlook mails, I am sure there are at least a dozen I forgot that are still using GMX/Web.de hence why I kept it. Their web login has become tedious, though.

I’ve gotten way too comfortable, can’t stand anything but Gmail

I guess their use of data is really paying off in terms of spam filtering & categorization

It is. GMX spam filter is just horrible in comparison. Outlook is fine, but Gmail is the real MVP in terms of spam filtering imho.

fendix

@emgh said: Privacy however isn’t one of them

?? Germany is the way to go country in Europe in terms of privacy.

Arkas

I think from Nov 2023, MS Office 365 will no longer be supporting custom domains for emails on their non business and enterprise versions.

Mumbly

@emgh said:

@treesmokah said:

@Mumbly said:
mailbox.org 30eur/y

I am willing to compromise with budget vpses, but not with my main mail provider. Stable, security oriented long term solution here is important to me.

there was a drama regarding them. im trying to remember what it was, but in my conclusion - i have decided to never use their services.

Main page says privacy made in germany

Germany can produce a lot, cars, razors, metal, nazis and much more

Privacy however isn’t one of them

That's your guess - regarding mail provider, right?
I am not saying that protonmail, tutanota and mailbox.org are perfect in every aspect, but at least by reputation miles above any other privacy oriented mail provider most people use

I did not pick it by coincidence.
After doing my homework I tryed at least dozen mail providers. After that my short list was consisted with four providers (Runbox from .NO, Protonmail from .CH, Tutanota from .DE and Mailbox.org from .DE).
I picked mailbox.org because although in the same quality grop as protonmail I prefer all extra functionalities, jingles and bells mailbox.org offer + every potential upgrade in the future cost here much less than protonmail upgrades.
My second choice would be Tutanota.
World is not pefect and with thousands or millions of clients you have also this https://mailbox.org/en/post/transparency-report-2022 but they at least don't hide it.

Beside that it's not just privacy I picked one of those mail providers. It's long term continuity I can hope for.
I don't want to tinker, to migrate, to do anything mail related long term. I just want things to work in decades to come. And because of that I would never pick as example one man band here, where everything depend from one person no matter how good he is. Or how cheap service is. Like said I am willing to compromise with budget vpses, but not with my main mail provider.
2,5eur/monthly is nothing for peace in mind regarding my personal email needs.

Mumbly

@treesmokah said: there was a drama regarding them. im trying to remember what it was, but in my conclusion - i have decided to never use their services.

Yeah, I also heard rumours that their company owner don't like nazis, but I am not sure if that's somehow directly connected to the service this company offer.

P.S. I don't like nazis too, so no problem here.

A bit more about company:
https://mailbox.org/en/company#our-team
https://mailbox.org/en/company#our-history
https://mailbox.org/en/company#transparency-report

They seems active and take lead role in various initiatives like https://digitalcourage.de/en

treesmokah

@fendix said:

@emgh said: Privacy however isn’t one of them

?? Germany is the way to go country in Europe in terms of privacy.

lmao. germany is the biggest glowie spot in europe, cia and fbi has even their ppl on site there.

treesmokah

@Mumbly said: Yeah, I also heard that their company owner don't like nazis, but I am not sure if that's somehow directly connected to the service this company offer.

P.S. I don't like nazis too, so no problem here.

Can you define "nazi"?
Who do you consider a nazi?

Mumbly

@treesmokah said: Can you define "nazi"?

Ah, come on Joshua, you're the least person on this world worth to derail this thread for.

Arkas

No need to derail this thread with nazi posts.

treesmokah

@Mumbly said:

@treesmokah said: Can you define "nazi"?

Ah, come on Joshua, you're the least person on this world worth to derail this thread for.

lol, why do people think I'm Josh?
because I defend freedom of speech?

emgh

Damn I make a joke about nazis and there’s serious debate about who’s a nazi

If you try to start a serious debate when someone makes fun of nazis, well, i don’t even know, find a mirror, look at it, reflect

Mumbly

@emgh that was coincidence :P My response to your post was extensive explanation why I picked this provider and nothing more than that. I hoped that you will appreciate it :P

Anyway @treesmokah, if you have some worth to be mention dirt about mail provider of my choice I will gladly hear it (so lets google) as that's also my interest but anything more than that ... it's nice thread so lets keep it that way.

emgh

@fendix said:

@emgh said: Privacy however isn’t one of them

?? Germany is the way to go country in Europe in terms of privacy.

This is so off base it’s not even remotely true

Sweden has way better privancy laws (well, depending on who you ask, but way more bent towards integrity)

Also no EU country is THAT much different since they all follow EU regulation

And by definition is never that private

Not in a single EU country from what I know email providers don’t have to log IPs, they do

Proton also has given in to the Police and released this, because they had to

Dosen’t sound very private to me

emgh

@Mumbly said:
@emgh that was coincidence :P My response to your post was extensive explanation why I picked this provider and nothing more.

I didn’t mean you dw 😍😍

emgh

Also @Mumbly you’re correct about your assumption that I have no clue about the provider

I just based my argument on my personal opinion that no real privancy oriented email service, in my opinion, could be held where your details have to be logged and if requested sent to the police

Sure there’s less (no) targetted ads etc, but when it comes to what rules they have to follow it’s not much different compared to any other established company in the same jurisdiction

Obviously some providers might log more than required and ”help the police” more than required, but no one will by any means do less than required and quite frankly a lot is required

VPNs are much more free to do what they please since they’re not legally a ”interpersonal communication” service, emails though, are, and because of that, can’t be very private, in my personal view based soley on legality

Mumbly

@emgh said: Proton also has given in to the Police and released this, because they had to

Dosen’t sound very private to me

I don't think that they just gave it. As example from https://mailbox.org/en/post/transparency-report-2022 url above:

How we deal with requests

mailbox.org follows a standardised process when dealing with requests for information from official authorities. Each request will be comprehensively reviewed and assessed by our data protection officer and a lawyer, and then either processed or rejected accordingly. When a request gets rejected, the submitting authority may correct any errors and then resubmit for another review. Data will only be released by us if a related request is actually lawful and formally correct.

Or in case of proton mail.

Swiss law requires that a user be notified if an authority makes a request for their private data and such data is to be used in a criminal proceedings. However, in certain situations, notification can be delayed. The following are examples of such cases:

Where providing notice is temporarily prohibited by the Swiss legal process itself, by a Swiss court order, or applicable Swiss law
Where, based on information supplied by law enforcement, we, at our absolute discretion, believe that providing notice could create a risk of injury, death, or irreparable damage to an identifiable individual or group of individuals
As a general rule, though, targeted users will eventually be informed and afforded the opportunity to object to the data request, either to Proton or to the Swiss authorities.

and

We'll be unable to inform about or preserve data in relation to overly broad or vague requests. All requests must identify requested data with particularity and include the following:

The name of the issuing authority, name and badge or ID number of responsible agent, email address from a law enforcement domain, and direct contact phone number
The specific Proton account suspected of illegal activities (or link in case of Proton Drive)
A copy of the police report or court order (either foreign or domestic)
A copy of the MLAT or international assistance request (if available)
Any requests must be submitted by emailing [email protected].

What I am trying to say is that providers like protonmail, mailbox, tutanota... have at least lawyers to deal with those requests according to the law. That's more than we can hope from many other providers who don't have ability or will to counter this preasure and validate it according to the law.

Mumbly

@emgh said:
Also @Mumbly you’re correct about your assumption that I have no clue about the provider

Sure there’s less (no) targetted ads etc, but when it comes to what rules they have to follow it’s not much different compared to any other established company in the same jurisdiction

Obviously some providers might log more than required and ”help the police” more than required, but no one will by any means do less than required and quite frankly a lot is required

VPNs are much more free to do what they please since they’re not legally a ”interpersonal communication” service, emails though, are, and because of that, can’t be very private, in my personal view based soley on legality

I understand that and agree with this completely. I don't expect 100% immunity with any mail provider. The way how email service work that's impossible.
Whatever I picked, I picked it with reasonable expectations compared to the other mail providers.
Mail provide may not be able to protect me against legit .de gov request, but they may protect me at least against my .si employer civil case request (just as example).

emgh

@Mumbly my initial feel reading the Proton text, as a very cynical law student (obviously cynical), is that:

• They save logs
• They provide the logs when needed
• They might tell me
• They might tell me way later
• They might never tell me
• They’d like my money

Obviously it’s as you said better than Google though.

Mumbly

@emgh said: Obviously it’s as you said better than Google though.

And also better than any other who don't tell you all this ;-) Better than others who don't tell you clearly what they will do and won't do it for you.

Erisa

@emgh said:
@Mumbly my initial feel reading the Proton text, as a very cynical law student (obviously cynical), is that:

• They save logs
• They provide the logs when needed
• They might tell me
• They might tell me way later
• They might never tell me
• They’d like my money

Obviously it’s as you said better than Google though.

Least its just your logs, and not the actual mail.

Is that IP access logs mapping IP to time or anything more?

Mumbly

@Erisa said: Least its just your logs, and not the actual mail.

It can be also mail if .gov request is legit according to the law. From mailbox.org:

Data that authorities may be interested in

Contact data: This includes the name, address and phone number of the account holder, as well as details about their contract with us.
E-mail data: Access to all e-mails currently held in an account's mailbox.
Traffic data: The IP addresses associated with mail server logins when fetching, reading, or sending e-mails.
Telecommunications interception data: Obtained through the permanent surveillance of all ongoing e-mail communication of an account.

But like said my mail provider may not be able to protect me against legit .de gov request and in case of criminal activities I don't even expect that, but they may protect me at least against my .si employer civil case request (~as example).
But then again, there are other tools for enhanced privacy protection with those providers as example:

Erisa

@Mumbly said: It can be also mail if .gov request is legit accorting to the law. From mailbox.org:

Well, @emgh was talking about Proton, and I was continuing from that. Sorry for the confusion

emgh

@Erisa said:

@emgh said:
@Mumbly my initial feel reading the Proton text, as a very cynical law student (obviously cynical), is that:

• They save logs
• They provide the logs when needed
• They might tell me
• They might tell me way later
• They might never tell me
• They’d like my money

Obviously it’s as you said better than Google though.

Least its just your logs, and not the actual mail.

Is that IP access logs mapping IP to time or anything more?

Honestly I wouldn’t know

Reading this: https://web.archive.org/web/20190812201003/https://protonmail.com/blog/protonmail-threat-model/

I’d say the police usually gets IP details & metadata, which mostly seems to consist of subject lines

Skimmed it on my phone though in 15 seconds so there’s a 50 % chance I’m wrong

The blog post linked is a way better source in other words😁

Envida

@Ympker said:

@emgh said:

@Ympker said:
Outlook, GMX

My condolences

Thanks :P I guess Outlook is used by many people these days. 15GB mail limit as compared to 1GB from GMX is also nice. It's also not as annoying as GMX/Web.de . Like for many Germans, my first email provider was GMX (which is now up for sale, but was originally german provider). That's just a blast from the past, and while I have transferred most logins to gmail/outlook mails, I am sure there are at least a dozen I forgot that are still using GMX/Web.de hence why I kept it. Their web login has become tedious, though.

Microsoft are changing the way storage works in Outlook. Attachments, even existing ones, now count towards OneDrive storage - not Outlook storage. For standard free accounts that's 5GB. plain email storage is still 15GB though. Its catching quite a few people out. Just something to watch for.

https://www.theregister.com/2023/04/06/microsoft_outlook_onedrive_storage/?td=rt-3a

emgh

@Mumbly said:

@Erisa said: Least its just your logs, and not the actual mail.

It can be also mail if .gov request is legit according to the law. From mailbox.org:

Data that authorities may be interested in

Contact data: This includes the name, address and phone number of the account holder, as well as details about their contract with us.
E-mail data: Access to all e-mails currently held in an account's mailbox.
Traffic data: The IP addresses associated with mail server logins when fetching, reading, or sending e-mails.
Telecommunications interception data: Obtained through the permanent surveillance of all ongoing e-mail communication of an account.

But like said my mail provider may not be able to protect me against legit .de gov request and in case of criminal activities I don't even expect that, but they may protect me at least against my .si employer civil case request (~as example).
But then again, there are other tools for enhanced privacy protection with those providers as example:

Then the interesting question really is; is what you’re paying actually protecting you more? How easily compelled are Google, Microsoft and other large companies to give user details to ”randoms” without legal ground?

It’s not a retorical question, I really don’t know.

Mumbly

I don't think there's much difference among them in this aspect. If they need to hand the data according to the local law they will do it.
Main difference is imho. administstive part (they have legal department to validate and potentialy refuse those requests) and technical (they have implemented solutions like PGP for enhanced privacy protection), but at the end of the day no mail provider will protect you if you will crash your small plane into their tower.

Edit.
That's responde to the previous @Erisa post, not the one above.
I don't know what Google and Microsoft do in those cases.
And there's also question how easily compelled are mxroute and other smaller companies to give user details to ”randoms” without legal ground?

emgh

@Mumbly said:
I don't think there's much difference among them in this aspect. If they need to hand the data according to the local law they will do it.
Main difference is imho. administstive part (they have legal department to validate and potentialy refuse those requests) and technical (they have implemented solutions like PGP for enhanced privacy protection), but at the end of the day no mail provider will protect you if you will crash your small plane into their tower.

Can you define "a small plane"?
Who do you consider a tower?

Kindy

microsoft 365. 24usd/year

Mumbly

@emgh said: Can you define "a small plane"?
Who do you consider a tower?

That was related to the 11 september attack or whatever threatening to the national security one do.

emgh

@Mumbly said:

@emgh said: Can you define "a small plane"?
Who do you consider a tower?

That was related to the 11 september attack or whatever threatening to the national security one do.

Who’s security? How do you define national?

To be clear: /s