Lack of POP/IMAP is a big, major con. You're forced to use their web or native interfaces. They don't make this super obvious outside of an FAQ on their site. I signed up and then found out. I wonder how much churn that causes them.
This is the grand problem with email. At least two standards exist: PGP & SMIME
But... those aren’t particularly friendly and thus aren’t widely used. The main usability issue is a fundamental one, namely that management of crypto keys is hard.
Hearing that Protonmail requires their own client suggests to me that they’ve given up on the standards due to usability issues, and have instead adopted a managed key model like Apple’s iMessage.
iMessage is end-to-end encrypted, but Apple manages keys on your behalf. It’s not a bad compromise between privacy and usability depending on your threat model.
But, at this point I’m deeply suspicious of anything that isn’t standards based or that locks me into a particular vendor’s software. I’m therefore skeptical that we’ll satisfactorily solve email privacy for a majority of people in my lifetime.
EDIT: Thunderbird would work with Fastmail for encryption using PGP or SMIME (at least I think Thunderbird supports SMIME). Protonmail wouldn’t work, I’d guess.
> Thunderbird would work with Fastmail for encryption using PGP or SMIME (at least I think Thunderbird supports SMIME).
Thunderbird supports SMIME natively, just like most of email clients. But of course there are some usability issues, like you need to enable encryption each time per email, or require it for all emails, there is no middle ground like "encrypt if I have keys, do not encrypt otherwise".
