Been a ProtonMail customer for years, still pretty dissatisfied. They've been promising U2F (a pretty standard security feature) for years, yet there is still no sign of it in this release. They've spent years obsessing over calendars for some reason instead of their core product. They also took a very long time to open source their IMAP bridge which caused me to further lose love for them.
PM also blatantly lie in their advertising. They cannot provide end-to-end encrypted mail because limitations in existing email protocols prevent it. All they can do is quickly wrap the contents of your mail in encryption once it has arrived.
With Apple now starting to offer unlimited email aliases to their premium users, I think ProtonMail will fall behind by only offering a handful.
The lack of U2F or YubiKey PGP support is sad and something they could allow.
But the lack of wide deployment of PGP is not their fault, surely they can't be blamed for that. It offers you the functionality and makes it quite trivial to use, assuming the recipient actually has a key. That's your contacts' job really.
True universal E2EE e-mail between people was something that Estonia tried by giving everyone access to S/MIME. Clients sucked and still suck in that aspect, it was rarely used because of that reason. The functionality no longer exists. Way ahead of its time I guess.
I was briefly a customer but after the first year I got very fed up with their billing model.
Most services offer either pre-paid subscriptions where you buy say a year upfront and it doesn't auto-renew and/or some auto-renewal where they charge your credit card at the end of the previous billing period. If you decide you don't want the service, you can, in the first case, simply not renew and in the second, you have to cancel but you're made quite aware that your credit card will be charged.
This is not the case however, with Protonmail.
With Protonmail, you can go through the whole checkout process without saving a credit card, which one would assume means the plan is prepaid, as it would be basically anywhere else on the internet.
But it's not possible to have a non-recurring payment on Protonmail. If they don't have a credit card on file, they'll put an "invoice" (what I not-so-fondly prefer to call a ransom) for the next billing period on your account, which they expect you to pay. If you don't pay, they block your _entire_ account.
If, for example, you buy a year of ProtonVPN to try it for a while and end up not liking it much but also don't think it necessary to explicitly cancel, at the end of the year you'll get an "invoice" for an entire year of ProtonVPN. If you try to ignore it, your Protonmail inbox will no longer be accessible. If you leave it for several months, you'll be forced to pay for them, even if your entire account was locked and services inaccessible for that time.
I've talked to support but they show zero sympathy.
The whole billing model feels like a malicious scam to me.
Fastmail user here -- likewise somewhat dissatisfied. A few points of comparison:
>U2F
Supported by FM desktop browser app, works well.
>unlimited email aliases
Yes, but the FM GUI does not scale. There's a linear list, access to it reached by picking through layers of UI salad down from the top view. List presentation is bulky; ordering by order of creation, only.
In case you haven't seen it, Fastmail supports subdomain addressing [0]. I use that to create ad hoc aliases for most services I sign up for and they don't clutter up the UI.
+1 FM - I use subdomain + wildcard alias + denylist any leaked alias instead of single aliases + allow list. This seems to works well enough for my use case (single user domain)
Because the beta experience is looking pretty good and the feature gaps are shrinking. It’s almost to the point where I would switch away from a DIY alternative for calendar, file sharing, etc.
All emails from ProtonMail to ProtonMail are end-to-end encrypted. For ProtonMail users who want to send end-to-end encrypted emails to non-ProtonMail users, we offer an Encrypt for Outside option. We also use zero-access encryption for data at rest that renders digital files inaccessible to the service provider.
ProtonMail relies on a subscription model, which means that users upgrade to get additional storage, more custom domains, priority support, etc. Because our users pay us to protect their privacy, our financial interests are perfectly aligned with theirs, and unlike adtech companies, we have no incentive to collect data on our users.
While there are certainly some areas in which ProtonMail can improve, how is E2E encryption via GPG 'incorrect'? Sure there is plain text metadata but other E2E encryption protocols have the same issue.
PM does not state that the E2EE they provide requires use of GPG. Like I said to others in the thread, it's lying by omission. It's made to sound like a 'it just works' feature when in reality 99% of your emails will never be E2EE secured because nobody uses GPG.
We provide privacy to everyone, which is why we offer a free plan. However, without paid features and paid services, the free version of ProtonMail would not be able to exist. Unlike adtech companies which spy on you and can hand your data to third parties (like advertisers), ProtonMail can't access your data and doesn't make money from ads. Therefore, paid features are necessary for us to put your privacy first while still offering a free plan.
With regards to IMAP, we offer Proton Bridge, which enables the integration of your ProtonMail account with email clients such as Outlook, Thunderbird and Apple Mail.
> end-to-end encrypted mail just works from a proton to a proton address.
This is no longer email, it's a proprietary messaging platform. They offer email to other email providers, and encrypted messaging to other protonmail users, and they bundle both message types into your email inbox.
Signal could bolt on an email transport to allow you to send and receive emails from Signal and that would be the same: communications within Signal would be encrypted, communications to external email servers would not be (any more "encrypted" than, say, gmail is).
Look at the landing page. It clearly advertises end-to-end encryption and claims PM cannot read your emails, which is false. It does not mention that E2EE is only available between PM users.
>Yes the whole infrastructure
Don't move the goalposts. You said the server. Their server is not open source.
How so? The storage is encrypted with a key they don't have. They can read all of the non-encrypted email traffic that passes through their servers, but that's true of any router in the path of nearly all email traffic as well.
They don't have the ability to decrypt the store of emails. This is valuable because most email hosting providers are one hack or subpoena away from being a massive info dump of all of their users.
What they're saying is they can't access your mail at rest, in your mailbox. I'm guessing they do spam and virus checks etc, which has to done decrypted and can be syphoned off to another store. I am suspicious of any mail service that makes the claims that they do based on how email works. Of course PGP is encrypted at point of origin, but that means that they can't be security checked, other than basic DNS auth checks. Less of an issue I grant you, but an issue none the less.
>Look at the landing page. It clearly advertises end-to-end encryption and claims PM cannot read your emails, which is false. It does not mention that E2EE is only available between PM users.
"GPG support" is "E2E support" though. Calling that false advertising is like calling "e-mail service" false advertising because it's actually "IMAP/SMTP service".
Yes, why so surprised? How else do they send and receive messages? Postfix scales extremely well and is used by most of the Fortune 500 in some capacity - either as edge servers, internal relays and as common-or-garden MTAs. The IMAP part is another server, at a guess something like Apache James or Oracle Communications Messaging Server, but possibly Cyrus (as Fastmail do) or Dovecot.
> They cannot provide end-to-end encrypted mail because limitations in existing email protocols prevent it. All they can do is quickly wrap the contents of your mail in encryption once it has arrived.
Based on my understanding, that claim is for people who use ProtonMail to email other ProtonMail users. In that situation, emails are indeed end-to-end encrypted, without you having to encrypt the email content yourself, first.
For those who don't know, if you plan to use a security model analogous to "one protonmail per account" please don't do this. I made maybe 1-3 new accounts every other week for 2-3 months and at random, Protonmail disabled all my accounts. This was not me making 2 accounts daily, there was no warning or really any indication that I was supposedly breaching their moronic "anti fraud" system.
I had to complain on their subreddit AND twitter for them to do anything about it and to this day I still receive notifications to backup emails that "I've received a new message in my protonmail account" but cannot actually access said protonmail account.
For now, I've just resorted to hosting email on namecheap and AWS, DO NOT consider protonmail as a "secure" stand in for gmail - it's flat out not worth it and their support is basically non-existent.
Tried ProtonMail a few years ago but couldn't find a reason to switch from Fastmail (which has been excellent IMO). The number one Fastmail feature for me their excellent support for Aliases, so I can run 5 different domains and multiple email addresses for each domain from a single interface. It didn't seem like Protonmail could do this as elegantly.
Yes. And ProtonMail could also, if they desire it (if that functionality isn't there already). Email is plaintext, if you don't want something to be read you need to encrypt it before it goes out the wire.
If you're saying they could change the functionality to reverse this or backdoor it then erm.. yes.. maybe.
I guess if you're not going to trust anyone (and personally I'd trust ProtonMail based on their honest blog posts, security responses and response to security blog posts criticising their work) then you'd want to self-host. But I'd argue at that point email isn't the solution you're looking for.
> Someone using a Gmail account sends an email to a ProtonMail account. When it arrives at ProtonMail, our servers can read that email because Gmail does not support end-to-end encryption. However, after receiving the email, we encrypt it immediately using the ProtonMail account owner’s public encryption key. Afterwards, we are no longer able to decrypt the message.
It's noted that they can potentially read it but they encrypt it right away. I'm not saying that they have the functionality to read it in that step, I'm saying they could add it if they chose to. It's their code, after all.
> I guess if you're not going to trust anyone (and personally I'd trust ProtonMail based on their honest blog posts, security responses and response to security blog posts criticising their work) then you'd want to self-host. But I'd argue at that point email isn't the solution you're looking for.
I think you're reading too much into my post. I'm saying that the potential exists for the provider to read the messages, simply because email is a plaintext protocol (outside of things like GPG and S/MIME which I insinuated but didn't actually mention). I do, however, agree with you that if you don't want to trust anyone than other solutions would be more beneficial.
I’ve been a Protonmail user for about a year. Previous to that I used GMail and Outlook.com.
My favorite thing about the new v4 interface is that it makes the settings mobile-friendly. My Filters (eg send all emails from x to Archive) can be easily updated from my phone. I couldn’t do that from Outlook or GMail.
PS to those holding off on Protonmail due to lack of support for catchall on your custom domains on the Pro plan, I recommend ForwardEmail.net. It’s free, privacy-focused and has worked perfectly for me.
I am a long time customer, but there are things that keep me from much using ProtonMail. My major pain point is lack of semantic understanding of e-mail content / calendar integration. When I get an email with a hotel or airline reservation, in my world, I want an automatically generated calendar entry. I try to limit my use of tech and devices to about four hours a day, but I want that time to be hyper productive.
I like ProtonVPN, no complaints about that.
I like their web interface in general, but having a combined email and calendar app for both iOS and iPadOS, with email/calendar auto calendar entries would be fantastic.
I mean, to provide semantic understanding of content, they need to read content, and the value proposition of ProtonMail is that it is E2E encrypted, i.e. they can't read your mail.
Thanks for your feedback. Proton Calendar is now available for all users, and as part of our work on calendar integrations, there is already functionality to add calendar invites (.ics files) sent to your email into your calendar with one click. However, further work will need to be done to make this even better.
It's amazing what they offer for free. But it is just a bit too amazing what it will cost to move my wife and 2 kids and our domains over. It's a shame, I do really want to pay them but I find it difficult to justify.
Or wait, now that I check again, it changed... I see that now I can have "1 - 5000 users *" for 6.25 eur/month? Is that real? A real inbox per user? Why is it only 6 users when I go to 24 eur/month? Do they mean aliases? I think they used to mean aliases... I'm confused now.
The Professional level is per user pricing and yes they are real user's. The Visionary plan is basically a discounted plan ($30/6 = $5/user vs $8/user) that has shared storage. At 4 people, the visionary plan sounds like the way to go.
Prices I see are a little bit different from what you are seeing but the pricing structure should be the same.
Oh yes so it’s 6.25 x the amount of users indeed. So that’s 25 a month for the family. It’s just a bit too much. I pays this per year now roughly with unlimited mailboxen. Sure, I’d pay more for ProtonMail, but not this much.
You could also consider buying a cheap, low-tier VPS somewhere and install Mailcow (https://github.com/mailcow/mailcow-dockerized). Takes around half an hour to set up, flawless, worry-free, fully-featured email stack on your own infrastructure. Comes in cheaper than ProtonMail, too.
Even if the VPS is $5 a month it’s way more than using Migadu[1] which has a $19 plan with “unlimited” domains and aliases. Not even mentioning the burden of configuring, upgrading, and maintaining mailcow.
End to end encryption in email is a myth (unless you actually go through the process of encrypting your messages with a PGP key—that can be done with any provider), all ProtonMail does is encrypt your email on receipt.
Sorry, that's what I meant. With a VPS you're in control of the retention policy. With a managed provider you basically have no idea. Encrypting on receipt mitigates this.
Which is why they include rspamd, an open source ML filter. Check out the repository, it’s really a nice solution. I’m not affiliated in any way other than being a happy user.
One thing I’ve heard in the past but I am not educated enough on the subject to understand, is that proton mail‘s privacy features only work if both sides of an email are encrypted, and since most people are not using proton mail, there isn’t a lot of value in it most of the time.
Is this true? Is this a service mainly for people who are emailing other people on similar services?
I don't use ProtonMail because I expect a secure chain of communication for all my correspondence. I use it because I want to avoid having my inbox in the hands of Google/Microsoft. But I'm only a casual user and maybe one day I'll be more serious about ProtonMail's privacy features.
I used fastmail for a bit but kept with gmail. I recently switched everything to protonmail. The key advantage of protonmail over fastmail is that protonmail doesn't have the private keys to your email storage.
What’s the usability or interface difference like between proton mail or fastmail, have you noticed any key differences in things like syncing or accessing with a mail client, etc.? Or just general features?
Protonmail now supports bridging (IMAP, SMTP, and POP3), but to get the benefit of an encrypted email store I exclusively use their clients (mobile and web app). It's not a perfect interface, but I don't have many complaints. The old web interface was annoying so I've been using the beta. It seemed well polished at the time so I'm happy to see that they consider it ready for their entire customer base.
I don't have experience with the protonmail's bridge, but so far I haven't experienced any outages or slow behavior.
I use a custom domain and I think protonmail and fastmail are feature parity in this area. Protonmail just offers fewer domains and addresses at a given tier.
Security is only as good as the weakest link. If you send an email to a non-ProtonMail address, then it is sent as normal emails are: no security but maybe some encryption in transit if you're lucky.
You can either get your recipient to get their own ProtonMail account (for free!), or use a protocol that was designed respecting security and privacy in the first place i.e. don't use any email service.
You can in theory get transparent pgp e2ee using two MUAs on separate PM accounts communicating with PM via PM Bridge. But it's simpler/easier to just use their web front end. No configuration/installation of MUA or Bridge required. At least this way you don't end up with a plaintext copy sitting in your MUA's outbox. In essence the encryption is applied one hop too late (by the Bridge) if you're concerned about the security of your client endpoint or filesystem.
They support OpenPGP in general so they interoperate as much as is practical.
Their open source software is used in other contexts as well. For example, their OpenPGP.js project is used by Mailvelope to add PGP to generic webmail.
Sure, if the person you send your message to receives his email on "leaky outdated OS with leaky outdated software" and refuses to use TLS. The chain is as strong as the weakest link in this case.
I've been a ProtonMail, and Beta ProtonMail user, for some time now. I do feel the Beta brought a lot of improvements, but for some reason they removed the VIM bindings halfway through the Beta and never reintroduced them. It's something that seems small, but really interrupts your flow when you can't use the j/k keys to scroll through your email on the web.
oh no... I've been holding off on the beta for precisely this reason. I'm a paid Protonmail user and I accept a lot of the tradeoffs of using it (no pop/imap, kind of a clunky client etc.), but this will definitely be the last straw. If I can't use another client & they break theirs, that will make me sad.
I got a ProtonMail account just weeks before the infamous hacking/ransom. The fact that they _paid the ransom_ made them a no-go for me, and I never started using the account.
Also, AIUI, the fact that their accounts are free makes the service attractive for spammers, so email sent via their mail servers tend to get marked as spam.
I have since moved from Gmail to Fastmail and like it quite a lot. Any reasons for why I should reevaluate?
Fastmail costs money, yes, but there are other free alternatives now like Tutanota, which I surmise has the same issue in regards to spam.
That was DDoS extortion, wasn't it? Probably cheaper and much faster than buying mitigation, I'd suspect they've improved in that aspect by now.
> Also, AIUI, the fact that their accounts are free makes the service attractive for spammers, so email sent via their mail servers tend to get marked as spam.
Yeah, it was DDoS. Attacks continued after they paid up, to no one's surprise.
When researching what email provider to choose a few years ago, I found a lot of tales about it being a haven for spammers and with the baggage all that entails, but maybe that was pure FUD? Difficult to tell in my position.
> I found a lot of tales about it being a haven for spammers and with the baggage all that entails, but maybe that was pure FUD?
There's simply so much more lower-hanging fruit for spamming. Why deal with the mess that is signing up and all that jazz? I'd say it's definitely a risk, like with all other providers, but not more so than with others.
Since 2015, we have built an entirely independent infrastructure that we run and operate ourselves, without relying on cloud providers. This has significantly reduced the risk of us being attacked via third parties.
With regards to abuse, we've invested heavily and improved the rigor of our anti-spam measures, which have been largely successful in combatting abuse.
One critical differentiator between ProtonMail and Fastmail is that we have zero access encryption, which means that we cannot read or access your inbox, providing a higher level of privacy.
If you are reading this protonmail, I would very much like to be able to have the emails within a thread sorted with the latest one on top, so that when I get many emails from a given emailer with the same subject, I do not end up at the bottom of the screen.
Thanks for the feedback. At the moment, emails in a thread are sorted with the latest one at the bottom. However, we'll share your feedback with the team to be considered.
Thank you. I know it is a little top-posty, but older email clients worked this way, and outlook.com still does. It makes more sense to me, for the same reason newer emails in the first column are at the top. Obviously this would need to be an option, as I'm sure there are people who prefer the current behavior.
Also, and I understand this is a reach, but if you could please ask you engineering team to rewrite the whole front end in htmx, that would be great. :)
The post is a little light on details: is this just a UI refresh? If so, it would be nice to hear what specifically was wrong with the old UI or in what ways the UI tangibly improves the process of writing, reading or managing emails.
UI refresh, SSO/persistent sessions, and because this crowd might care, the whole app was rewritten from scratch to transition from Angular v1 to React, which simply had to be done and retired an enormous amount of technical debt.
> Is there a secure mail server that I can self-host without reading a lot about how email works?
E-mail is generally very shitty to set-up, quite often because the software is just incredibly shit. It's easy to footgun in subtle ways.
Spam filters and spam filtering add an another layer of complexity that requires a reasonable amount of effort, building up reputation, flawless sending. Good luck if you ever end up on a blacklist.
I'm not saying it's impossible, some all-in-one product _might_ work and _might_ not be high-maintenance. Things like maddy sound very promising. But I'd be wary, especially when you don't know much about e-mail it's difficult to detect potential issues as well.
PM also blatantly lie in their advertising. They cannot provide end-to-end encrypted mail because limitations in existing email protocols prevent it. All they can do is quickly wrap the contents of your mail in encryption once it has arrived.
With Apple now starting to offer unlimited email aliases to their premium users, I think ProtonMail will fall behind by only offering a handful.