I spent the past month "de-Googling" my life after I saw a notice in my Gmail inbox that it was 20 years old. I took a step back and realized just how invested into the Google ecosystem I was. Gmail, Calendar, Docs, Drive, Maps, Keep, Photos, YouTube, FitBit, Android. Basically my entire digital life. My goal was more diversifying than security/privacy, but security/privacy is a really nice bonus.
I ended up going with Proton because they had a good solution for mail, calendar, and drive which I was looking to replace. I set up my custom domain to point to it and have my Gmail forwarding to it - any time I get an email to the old Gmail address I go change it on the website or delete the account altogether.
For Google Docs / Keep, I switched over to Obsidian and pay for the sync there. It's a great replacement for my main use case of Docs / Keep which is just a dumping ground for ideas.
For Google Photos, I now self-host Immich in Hetzner on a VPS with a 1TB storage box mounted via SSHFS. I use Tailscale to connect to it. It took a few days to use Google Takeout + immich-go to upload all the photos (~300GB of data) but it's working really well now. Only costs $10/mo for the VPS and 1TB of storage.
Android I think I'll be stuck on - I have a Pixel 8 Pro that technically supports Graphene but there are too many trade-offs there. Next time I need a new phone I'll take a serious look at Fairphone but I think the Pixel 8 Pro should last a few more years.
My FitBit Versa is really old and starting to die - I ordered one of the new Pebble watches and am patiently waiting for it to ship!
YouTube I'm stuck on because that's where the content is. I have yet to find a suitable replacement for Google Maps - OpenStreetMap is still really hard to use and gives bad directions.
>Proton
Using proton as well, but if you're stuck on the free tier you can't use any 3rd party email clients.
>YouTube
Using Google takeout for Youtube will give you a .csv of your subscriptions and playlists (just be sure to un-check getting a download of your videos). From there you can get the rss feeds and use RSSguard as a subscription viewer/media player, this site was a big help in figuring things out https://charlesthomas.dev/blog/converting-my-youtube-subscri....
(From that link, about adding new subscriptions)
>The only real trick is that most YouTube channels use a vanity URL and it’s more complicated to get the channel ID in those instances.
Go to the channel's videos page ( https://youtube.com/.../videos ) -> right-click -> View page source -> search for "rssUrl" . It'll look like https://www.youtube.com/feeds/videos.xml?channel_id=UC...
Bonus: Replace the "?channel_id=UC..." with "?playlist_id=UULF..." to get a feed without shorts and livestreams.
I love Proton but the idea of subscribing and committing to renew annually is a turn off. There's probably be a huge market behind the psychology of this.
They should offer a lifetime option for the core service and monetize the add-ons and new features.
That's exactly the reason why so many people prefer giving up their data, their privacy, their freedom.
Personally I'm happy to pay proton a few bucks a month to not have to give up those things.
I'm not criticizing those that do, just that given my financial situation the trade off is simply not worth it.
Hushmail was great for me, until I couldn't reclaim my inbox after the subscription expired (but there's no free option).
Other services deprecate or get weird. Hopefully Proton keeps going in the good direction.
Paying for a service that you use on an ongoing basis and that is very important (like email) is probably the best possible choice, since it aligns what you're paying for and what the company is working on. In the model you suggest the core service will atrophy slowly because the money is in the add-ons. This is why I'm happy to pay annually for my Fastmail account.
I like mapy.com as a Google Maps replacement. It's essentially a very good OSM renderer, with a great website and app, including offline access, routing, and real-time traffic. Also very good bike/hike routing, if that's your jam.
But there's no substitute for GMap's POI database.
I second mapy. I've replaced Google maps with this one ~5 years ago and never looked back. You can download specific maps for a country and within that specific federal states to reduce space consumed. I use it mostly for biking and hiking - you can plan tours with scaling duration/kilometers which is nice for a region you are unfamiliar with. Like parent wrote, offline access, routing, RT traffic. Can recommend.
For a mobile and offline-friendly solution, organicmaps.app is brilliant!
> supports Graphene but there are too many trade-offs there
What are the tradeoffs? I have been following GrapheneOS for a while, and it doesn't seem like there are many tradeoffs.
> OpenStreetMap is still really hard to use and gives bad directions.
OpenStreetMap is a database, and most commercial services that are not Google use it. E.g. Uber or Lyft.
You just need to find an app that you like. CoMaps is nice, OSMAnd has a lot of feature but the UX is harder. And of course you can contribute to OSM and make it even better than it is! You'll see it's a great community!
I use https://brouter.de/brouter-web on my laptop. Someone told me that you can use brouter as the nav engine for Osmand and thus greatly improve speed and accuracy for navigation, but I have not yet tried this.
And I recently installed GMaps WV from Fdroid as a wrapper for Google Maps. It gives current traffic information but I don't really know if it is even close to gmaps.
Can you use GrapheneOS with your bank app? With a digital wallet for NFC cards? With Uber or Lyft? (Asking seriously, not rhetorically.)
My understanding from looking into this two years ago is that it's hit or miss for banks (depending on if they opt into device attestation stuff), no for NFC / Google Wallet, and yes for Uber / Lyft.
Apparently the common workaround for the Google Wallet stuff is to pair a GrapheneOS phone with a stock Android smartwatch.
Edit: Here's some additional information on banking apps: https://privsec.dev/posts/android/banking-applications-compa...
Apparently the common recommendation these days is to use Curve Pay as a virtual card provider on GrapheneOS, which can then route to arbitrary underlying cards. And evidently Google Wallet does work for things that aren't payment cards (airline tickets, transit passes, etc.) on GrapheneOS.
I've been running GrapheneOS for over a year and have had zero issues with 3 different banks, and all credit cards. I'm sure there are issues with some banks, but I've never seen them. I don't use Google Wallet, and never wanted to so if that's a consideration...
I use Graphene but with Google play store app. Here in Europe my banking apps and 2fa apps (SecureGo) work flawlessly. NFC cards work with PassAndroid and FOSSwallet, both from Fdroid. I've had issues installing rather new games via the play store, but most often it takes a couple of tries or a waiting period to work in the end.
My friend uses a pretty hardened (as per him; I didn't indulge him when he wanted to give me the gory details) Graphene setup on his few years old Pixel.
Bank apps - as per him none work. Uber (no Lyft here; other taxi apps) work flawless. Payment apps, he said is a coin toss. On his phone even WhatsApp doesn't work. He anyway prefers Signal (which prob. nobody else uses in his circle except maybe me who has it installed on a secondary phone) or plain SMS. Basically most of the "normal" apps that add integrity checks don't work but he is fine with that.
Re: the bank apps: that really depends on the bank and the country. I live in a eu-west country and there are afaik no apps that do not run on Graphene (which did suprise me I must admit).
Whatsapp can work if you use sandboxed Google Play (I still use a Google account, I just don't want gplay to have effectively root on my device).
Depending on the level of integrity check your app might just work. Gory details: https://grapheneos.org/articles/attestation-compatibility-gu...
And like others said: no contactless payment, but I dont use that personally anyway.
Yes, these would be my concerns as well. In the past, I would install custom ROMs. Then I stopped doing that and would only root my device. But of late, way, way too many apps refuse to work if rooted (apps that used to be fine with it before).
Now I just accept life as it is.
Contactless payments is the the big one that doesn't work and probably won't. You can do in app payments via Google pay though
Many banking apps work fine though not all.
Luckily my German bank (Volksbank) has its own NFC app on Android. Much maligned years ago when it was announced (why can't they just let me use Google Pay??), I at least have come to the conclusion that it has granted me a freedom that Google does not.
I use it with my bank app ymmv
This is a question that I rarely see answered but would love to know as well.
Someone showed me OSMAnd recently while we were hiking. I installed it as soon as I got home. Great for hiking.
Then last week I used it for navigation (on a phone with no SIM card).
Absolutely. Terrible.
Worst navigation app I've seen. Told me to make a turn at an intersection that did not allow turns. Then at another intersection, it told me to "Turn left", but the display clearly showed it going straight. I'm guessing that the straight road probably is angled 1 degree or something at the intersection and the app was viewing that as a turn.
This is a really interesting feedback. I've used OSMand for maybe five years, and never had issues like you're describing. I've always felt that the search was absolutely awful, so I used Google Maps for that and then put the points of interest into my map. Nevertheless, I find the display particularly dense and confusing to configure, and so I also have been using Organic Maps lately, which may provide a simplified experience that's a bit more polished.
I wonder if there was some issue with the map data in the area you were driving in that led to the issues you experienced. I've used OSMand in Belize, Mexico, California, Connecticut, New York, New Hampshire, Vermont, and Maine and had a good experience, especially with the offline maps.
I get similar navigation issues with Google maps. I still use Google maps for driving because the live traffic is important to me, but other posts on here mention other apps with live traffic so I'll give them a try.
For an open source Android app for OpenStreetMap data, I like Organic Maps, and it normally works great with locally-cached maps. I've had better luck with it than with Google Maps or Apple Maps on phones.
(Though, I should mention that twice in the last year I've had Organic Maps become hopelessly confused about where I was, and where I should go. Both times, it had gotten a good GPS location, but then got confused while being out for an extended period of time, like maybe it was dead-reckoning only after that initial lock.)
Regarding Organic Maps: I would recommend keeping tabs on what is happening there since this year. They seem to be having significant governance issues.
https://community.openstreetmap.org/t/organic-maps-open-lett...
Short story: forget Organic Maps, use successor CoMaps or competitor OsmAnd.
I was vaguely aware of this drama but hadn't looked into it. After reading through your link, I've switched over to Comaps. I don't like lack of transparency in community driven projects. Appreciate the flag!
+1 for organic maps. Have used it hiking and travelling all over the world. Never had any issues with it.
Not had any GPS problems other than that time I was in an area where it was being jammed. Bloody Russians.
I found myself in a similar situation and also started de-googling, which is much nicer and liberating than I was fearing.
I did the exact same thing with Immich (what a great software, by the way!).
And in case it helps:
Instead of always relying on google maps, I now mostly use CoMaps (https://www.comaps.app/). Way better than using directly OpenStreetMap. And for my Pixel 7, I switched to LineageOS with gapps (https://lineageos.org/) and I'm not missing anything and am very happy with it.
Also, I'm trying now Nextcloud (https://nextcloud.com/), with a setup similar to Immich, and now I do believe there is life beyond google, and it's a better life.
Why did you switch to LineageOS and not Graphene with your pixel 7?
Convenience. It will be maintained for much longer. And I'm used to it by now.
Does Immich read real file names of photos from iOS Photos metadata? I don't even know whether Apple preserves it and exposes to other apps?
I used Ente and I learned all the files I had "added/uploaded" to iCloud photos had lost their real names (that I had painstakingly given them over the years/decades) when ente exported to those photos back on my laptop via their desktop app and were these long random uuid strings kinda names. That was my yikes moment and I was glad I had still kept my photos outside of iCloud and Ente. And it is not even Ente's fault. Apple does this skullbuggery.
Are there PAYG hosted instanes of Immich?
Do you mean skulduggery or was that a deliberate 'bone apple tea'?
> OpenStreetMap is still really hard to use and gives bad directions.
https://www.magicearth.com/ works well for car navigation with OSM data, and https://cycle.travel/ is the best way to navigate on a bike, also with OSM data.
In which country do you live, if I might ask?
Was about to mention magic earth, but of course someone else has recommended it already. Was talking with a coworker about degoogling and they brought up this. Surprisingly works good enough where I live.
I am very interested in moving my photos and data to a self-hosted solution but am a little anxious about backups.
Do you simply trust hetzner to not lose the data on your 1TB storage box?
(I am aware that I am currently trusting google and dropbox to do just that.)
Set up your Hetzner boxes in a European location so that they are in the same network zone. Activate automatic snapshots and Hetzner does 7 snapshots (a full image of your box) a day. The snapshot is never saved at the same location as the server running your box, but at one of the other locations in the same network zone.
It is still viable to self-host everything from photos to mail yourself and sync to cloud/storage services as disaster recovery. It helps if you have an infrastructure background but anyone can set this up. Never trust just one service; no company is too big to fail and durability is always best effort, even if that effort is very good. Mail is the most annoying service to self-host, not because it's technically difficult but because deliverability is a long-term reputation function that easily deteriorates from misconfiguration or neglect. Nevertheless I've been my own MX and storage provider since the early '90s and it's too late to change my ways now, you just have to keep up with the gold standard as it varies.
The biggest hazard, especially if the whole family uses your stuff, is key-person risk, since infrastructure requires maintenance. The second biggest is being out of your depth in securing it.
My only regret in all my years of self-hosting was that time I returned a portable /24 to APNIC. Still stings even if it was the right thing to do, civically speaking.
I retain gmail & hotmail accounts for deliverability checks and as signup swamps.
To be fair if both google and dropbox can't take care of 1TB of data, who can?
My solution against photo anxiety is to actually look at them and decide to physically print the best ones every year. More likely to be used as gifts or just fun to look through them in a photo album, nobody is going to sit next to you on a phone or computer but bring out an old photo album and everyone is on it.
I do professional wedding photography as a side business.
Yes, please print your photos! I love it when my clients print their photos, and I print my favorites as well. There's still something magical about a real, physical photo vs. digital.
I have vast archives of digital photos and you know what? I barely look at them, but I have prints up all over my walls, in my wallet, etc and I enjoy them all the time.
Back it up to S3 glacier, or to Backblaze. The cost of it is pretty low, much lower than a VPS / bare metal box + 1 TB cost for the photo app hosting.
Technically I have no big doubts about S3 Glacier.
But what happens if you don't use that stuff for a long time. You are in hospital when the bill needs to get paid. Your credit card gets stolen and the number needs to changed. Whatever personal crisis that you are not able to take care of life as usual for some weeks. They will just delete your data before you are back in business.
Does anyone know how long it takes, how many warning mails will come? I have very little data in AWS, but I more or less constantly feeling it might happen to me. Maybe not because of such big crisis, but just the simple fact that my bank will reject the automatic payment requiring a PSD2 second factor and I miss the email...
It takes a couple of months for an unpaid AWS account to get it suspended. Then you have 30 days to reactivate it. Then you have 90 days before the data are actually wiped from the Glacier. You have half a year, or maybe more, to get your backup data.
The price of Glacier Deep Archive is roughly $1/mo per terabyte. (I struggled to produce 500 GB of photos in 15 years.) Set up a dedicated AWS account, put $50 on it, set up a yearly auto-payment of $10, and you're likely safe for several years of nonpayment.
Retrieval is not free though, something like $20-40 for retrieval from tape, and about $90 for a terabyte of egress traffic. Okay for the rare occasion of a full restore.
Backblaze B2 is $6/mo per terabyte, and they only give you 44 days of grace period before deletion for nonpayment. But the traffic is free either way, up to 3x the amount stored per month. They are good for frequent full backups, and for doing full restores periodically.
Yeah I stopped paying for my AWS domain, and they kept sending me new invoice every month for 2 years. (last month I paid all ~24 invoices and deleted the domain).
On android I degoogled almost everything by using Fossify apps. Only gmail and maps remain for obvious reasons. My photos are now synced with Syncthing through my wireguard vpn. Calendar/Notes have local backups that are also synced. The simple camera I use (fossify too) works with physical directories instead of meta directories that I hate.
I've taken steps to degoogle too, but like you I've rather stuck on Android because over the years I've ossified a set of tools I like (KeepassDX and Syncthing are really important, and Firefox on Android is actually damn good).
GrapheneOS lets you use Play Store apps
Which you need to buy a Pixel to be able to use, Pixel being Google's phones. Bit of a Catch-22 there. I guess you could buy one used.
It's quite possible to use Android without a Google account.
You should set up a local machine for Immich. I’ve got it running locally, with the photos on spinning rust and thumbs and db on NVME. It’s mind blowing how fast it is. Scroll to three years ago, lift the mouse button, and every thumb loads in a quarter second. Data intensive stuff is when you notice that the server is in the next room. It’ll pay for itself in a couple years. Treat yourself. :)
I started degoogling 4 years ago.
I'm still using docs, sheets, drive and maps.
Most of it because my clients use it. But drive and maps out of convenience. Don't know if there even exist something with a similar feature set as maps.
I probably could move my stuff to proto drive but the docs and sheets integration is vital for me.
Mapy.com (previously Mapy.cz) has global coverage too. App too, and imho its cartography is good.
I degoogled and deappled and ended up with a Sonim flip phone. It’s like, Android 11 without Google services but I don’t mind the lack of security because there’s basically no personal data on it.
I’m amazed at the feature parity of immich, it works great. Jellyfin for media and Pydio for Dropbox/drive functionality, email via infomaniak 12$ a year.
Haha almost identical experience but self hosting immich with off site backups. Wild how difficult it is to change your email with certain websites! Several months later still fighting with various sites.
I have an iphone so I use Apple maps and an icloud based obsidian vault, and that is all that is tied to Apple which feels fine for now.
There is CoMaps on iOS that is open source and is based on OpenStreetMap. Highly recommended.
I am also in the process of doing the same with Gmail to Proton. The process isn't really that painful and kind of fun, actually. Anytime I get an email on Gmail, I go and update it to point to my Proton email.
Note that they mention using a custom domain. I strongly encourage you to do this (sounds like you don't), because then you don't depend on the mail provider. After Gmail, I started using my own domain and changed provider every year (Proton, Fastmail, and I landed on Migadu).
The key is that if you have your domain, you can swap the provider and nobody has to know about it.
How do you de-google yourself properly when every 3rd website stops working entirely unless you whitelist some google stuff in your content blocker?
1) "De-googling" doesn't need to be a binary, all-in or all-out situation. Any reduction in reliance of Google (or any single point of failure) is good. Diversifying the big stuff (mail, storage, etc.) is a great start. About last on the list is worrying about the occasional allowance for gstatic.com or whatever.
2) While I occasionally need to allow some scripts from google, it's absolutely nowhere near 1/3rd of sites.
I've de-Googled myself and this idea does not match my reality.
I've largely de-Googled myself, but not my family. The only Gmail I have is from a few old accounts that hardly ever email me anymore; I've been on Apple's email, calendar, photos, etc. for years, and use Kagi for search. Nor do I feel any pull back toward Google. The biggest involvement I have is for the correspondents I have who are still using Gmail; every time I email them, my stuff ends up in Google's system.
It is almost always blocking first party JavaScript and XHRs that causes breakages. I have rarely had to enable Google anything in uMatrix to get a site to work (more often it is Cloudflare), and it is only if the site insists on reCAPTCHA.
Switch to an iPhone.
Apple's software and services (sync, drive, photo backup etc) are so inferior, especially compared with Google's (technically speaking), you'd be anyway forced to use third party (often cross platform) solutions. No risk of going deep into Apple's ecosystem ;-)
Having used both Google and Apple for notes, calendar, docs, cloud back up (general files) and photos I have come to believe Google has the better tech but Apple has the better product. It fascinates me how Google just can’t design a simple and intuitive UI for its products, which are by all means technically superior.
I'm a happy icloud photos user. Other sync is not so good, but icloud photos works fine.
How many photos do you have in iCloud?
I have 40k. Works fine.
Apple limits other apps from performing actual syncing without being in the foreground. That’s a lockin feature.
iCloud stuff is generally fine, except for iCloud Drive which is atrocious.
What’s the point though? So you don’t come across as a Google shill?
Not the author, but it's nice to support alternatives.
I’ve been a Fastmail user for years, having left Gmail. It works great and have nothing be but praise for them. I use my own domain with them so if I decide to leave it’s not an issue worrying about updating people with my new email.
Fastmail is kind of a weird service. If you stop paying they release your email for someone else to take over. Pretty unacceptable this day and age.
The trick is in never ever touching the username@paid-main-provider.tld to give out to anyone. It's just for logging in.
My mailbox.org username is literally three random short Engish dict words concatnated by underscores (e.g jet_sit_gill@mailbox.org) just to ensure I'd never share that email with anyone. I only use my domain's email addresses. This way there's ZERO lock, zero fear of them giving my email to someone else and staying with the domain provider for a day longer than I have to.
For email addresses on others' domains here
- icloud.com came with the devices (I honestly have not thought about what happens to these if I have zero Apple device at one point in future :D)
- tutanota(barely ever used; just to support them I paid until they removed the 12/year plan)
- protonmail, and sdf.org (ARPA)
All of these at least let me hold on to the email address even with little resources when I stop paying or have an unpaid a/c. So little risk of email goign to someone else. And I never use these for anything important anyway.
For temp emails - duck.com, HideMyEmail (stopped using this one for new accounts though).
This does not appear correct. I lost my original account in 2013 and the handle is extremely unique, and I just tried to reregister it, and it won't allow it. ("Sorry, [redacted]@fastmail.fm has already been taken.")
Are you sure you didn't confuse domains? My original handle is on fastmail.fm, but it will let me register that on fastmail.com.
I really wish all mail providers made it easy and seamless to bring your own domain (or register and manage one in the background for you, without you having to care for the details). Obviously giving a service-tied email domain to users is a great lock-in strategy. But it's worrying that so many people have a big part of their online identity tied to Google.
(You can even sign up for a Google Account without GMail, using a third-party domain. And this is distinct from Google Workspace, or whatever they're calling it today. You get a normal, regular, personal Google Account, just without GMail and using your own non-gmail.com address.)
Fastmail makes it super easy to bring your own domains. As many as you want even on their cheapest plan.
Yes, I use Google (that's rare; when I 'must' must) with a icloud.com temp hidemyemail address created Google a/c.
This would be easily solved for customers who care about it by allowing you to pay a one-off fee to reserve the name for ~100 years.
Or they could just absorb that.
Any idea why it works that way? Have they offered an explanation?
I'm a Fastmail customer but I've never noticed this because I use my own domain.
With Fastmail, creating an email alias is free, and quick -- I have dozens myself. There's good reason FM would not want these to be tied up forever.
Could the above report have lost the distinction between original, paid-for Fastmail address, and user-created free aliases to it?
When you move to a new house the old address becomes available for mail eventually.
Email is used a single factor (either because of magic links or forgot password flows), so the impact is much larger than getting your snail mail sent to someone else.
Also, whoever takes your old residence is probably not malicious (they just want the house because they want a house), but whoever takes your email address is much more likely to be malicious (as the acquisition cost is low and it scales).
I don't think that's true. Some years ago I did a free trial with them (did not pay anything). More recently I decided to actually sign up (for a paid account) and the email address I used for the free trial years ago was not available. I eventually got that username only after contacting support and giving them the date on which I started that free trial, to prove it was me.
Definitely not acceptable, sounds like not good thinking. Consumer protections might exist in the US for this.
I use Fastmail with my own domain. I am not sure of the logic that says paying $60/year for email is fine, but $8/year for a domain is a bridge too far.
Do that, it's a non-issue, though I do agree with you that it shouldn't be a thing (or at least have like a multiple year embargo on the address).
Using domain for identification carries a similar risk though? If for whatever reason you stop renting the domain somebody else can rent your identification. You are not locked into an email provider but you are locked into a rented domain and the whole domain marketplace rules, by extension. At least with most email providers your email address is not supposed to be resold (likely with fastmail too judging by the responses).
Am I missing something?
> Do that, it's a non-issue
I think the issue is why use an email provider that has designed such a glaring security hole into their system? Does it not raise questions about their judgment in other matters that are less visible to the user?
First, it’s not been established that they do have that security hole. Someone upthread said the email address they used during a fastmail trial was no longer available when they tried to sign up later because they didn’t want to give out the address again.
Second, and I don’t know how much weight this carries - but I personally know some of the people on the Fastmail team. They’re some of the most thoughtful, steady engineers I’ve ever met. Every time I’ve criticised something about Fastmail to my friends there, it turns out they’ve had the same discussion internally and immediately tell me about a bunch of arguments I hadn’t thought of which explain their final product choices. I wish much more of my software was made at companies like that. They have excellent judgement. They’re absolutely the right kind of people to host a long lived email service.
You can find several discussions of this practice online, including people commenting that they receive email for previous holders of those ids.
The commenter above may have never deleted the alias to release it for reuse.
Reusing email addresses is pretty universally considered terrible practice. So you may want to discuss it with your friends there.
Domain names work the same way -- once you stop paying for it, someone else can buy and use it.
Do you have the same problem with domain names? If so, how would you propose to fix it?
That's incredibly dishonest reasoning. Are you seriously telling me that unless people have a solution for fixing DNS, commercial email should be free to hand out used email addresses? Seriously?
Isn't it more like fixing whois than fixing DNS? It's the name registration part while "fixing DNS" seems like it carries a lot of additional baggage that doesn't map to the "service username" space.
Sure.
Now that you've said what you wanted to say about how dishonest the question is, would you like to either answer it or explain why the analogy fails to hold?
Are you the type of person who thinks it's okay to dump garbage on your neighbor's lawn because governments haven't been successful at stopping pollution? Because that's the extract same rhetoric you're using.
It's OK that you don't want to answer the question.
It's okay that you can't comprehend a straightforward answer.
It is easier to change MX records for your personal domain.
At one point in the late 90s the U.S. Post Office was going to host email. Sadly, it didn’t happen.
You don't have reserved/registered post bags (with a identifier at a certain post office) in your country? Or not available to individual users?
How's that different from any other provider?
At the very least it's weird when you consider their privacy focused marketing and the fact that it costs them like nothing to delete the data but mark that email taken.
Most prevent your username/email from being reused but restrict access or storage. From what I've seen, the delay often ranges from 30 days to years (but not guaranteed).
This way - many different providers either lock that username away and throw the key (even you can't get it again; some give you the key instead of throwing away but no space in their home until you pay again) and some just graciously offer a free plan with that address whith little or barely any resources (which is actually great and very generious of them). Which ones? Google around and you shall find.
Any provider with a free tier doesn’t have the issue so that covers a lot of them
That is 100% unacceptable.
not if you use your own domain they don't.
So does mailbox do from OP. Just after some time, depending on which package you had. Eg after your light package expired, the address is free for reregistration after 90 days.
I find it "meh" as well.
I was really happy with Fastmail as well. Before that I used ProtonMail, which was annoying because it forced me to install their bridge and use their encryption stuff.
After Fastmail I went to Migadu, and it's absolutely great. I have never seen support requests getting answers that quickly :-).
I don’t see masked email feature in Migadu, is there one? Useful for burner services
I use identities for this:
https://migadu.com/guides/identities/
I can send as the address, and emails arrive in my normal mailbox. I also use them for giving self-hosted services their own address/password to email me.
How's migadu's email ip reputation? Also do you have to create these identities in that admin panel to use or you can use it on the go like duck.com or Apple's hide my email?
Not sure on the reputation, but I personally haven't had any issues emailing people using gmail or microsoft. They have a good DNS Diagnostics page that checks all your domains DKIM/SPF/DMARC settings.
I've been using identities created in the admin panel, but they do have subdomain addresses where everything to *@user.domain goes to user@domain, and you can configure a 'Catchall' address (and of course 'plus addresses'). I haven't used either though.
Like you, I am a happy long-term user of Fastmail. In addition to the excellent mail and calendar service, their tech support is top-notch: fast and generally providing the correct answer in their first communication.
How dod you that? I am paying them thousands per year and support is neither good nor fast.
And my requests are usually well written as we deal with emails a lot and understand how it works (if you pardon my slight bragging)
I'm in the process of switching from Gmail to FastMail. They were the only ones who met one of my requirements: Receive all email for all my domains and deliver it to one inbox with labels.
I really like that they offer a Gmail migration, including an initial import and _ongoing Inbox sync_. It only syncs the Inbox though, not spam (which is sometimes legit, especially with Gmail) or mail that gets immediately archived by a rule.
I created an alternate domain so I could try them out and perform the switch after a significant evaluation period. Since they have advanced options for figuring out which address to reply to an email with and how, it works seamlessly with gmail and with the catch-all for domains.
I could go on and on. The only thing I miss from Gmail is custom notification sounds. I don't like my email notifications having the default OS sound. Oh and you can't migrate stars/icons for emails. I wish I could do that and convert them to labels, but not a big deal.
> can't migrate stars/icons for emails.
(1) Create s label for starred emails, eg "Star-struck". A Unicode star would do if you like it literal.
(2) In gmail, search for "is:starred", mark all on the page, then "mark all matching emails".
(3) Drop the "Star-struck" tag on them. Now you can migrate it as a normal tag.
I am a person who doesn't have any brand loyalty. If there's something else that's better or has the same features at the same cost, I will go for it. That being said, Fastmail has been great. Besides the unlimited domains and masked email features, I never had an issue with my emails ending up in someone else's spam folder. This is crucial to me not to lose a client or a job, or even government communications. Some might argue about security/privacy, but emails are never meant to be that medium for secure communications. Even with PGP you would still leak metadata, so if you are after security, don't use email. Other than that, I will be after reliability and ease of use features.
In particular, encrypted email provides privacy but not anonymity. You need some sort of onion routing system for that. Back in the day people would set up such routing systems for email.
It turns out that most people don't really need anonymity. That is why most systems these days don't bother the user with all the associated hassle. Briar and Session come to mind as contemporary examples of such things.
That’s the thing, you never left Gmail, since most recipients use it. You have to play by Google’s rules for deliverability across all mail providers. It cannot be “left.”
Is there a way to use Fastmail such that you run a receive email server but use Fastmail to send?
I don't mind running an email server for receive. I despise all the hoops you have to jump through for send deliverability.
Something to be aware of if you're considering mailbox.org:
https://userforum-en.mailbox.org/topic/anti-spoofing-for-cus...
Another thing is that they appear to have some spam scanning on outbound emails and when they detect something suspicious they simply drop the email silently, and nobody will ever know about it.
Oh, thank you. I recently considered moving from posteo.de to mailbox.org, but I think I won't anymore regarding such an issue took so long to even be considered as a problem and as I understand is still not solved.
Oh, thank you. I didn't know that. Anyway, I'm not using a custom domain on mailbox, I use my custom mail domain with another service.
Unfortunately this is common in many smtp servers and is configuration dependent: After you authenticate as usera@example.com you can send emails as userb@example.com.
> This was a tough decision, having used Gmail since 2007/2008. However, I had to draw the line and stop giving Google my data for free. > > The problem with email is that everything is transmitted in plain text.
Interestingly, one of my biggest problems with Gmail is that they don't allow actual plaintext. I used to routinely collaborate with developers who were vision-impaired, and the official Gmail phone app wouldn't let me send them plaintext email. Instead, it was some sort of HTML thing. Unfortunately, we sometimes sent code snippets to each other over email, and though admittedly it looked more or less fine, Gmail changed the underlying representation enough that my collaborators' screen readers would mess up on the parsing.
This led to me leaving Gmail on my phone, which led ultimately to me leaving Gmail entirely.
Use another email client, such as Apple Mail if you’re on an iPhone. I believe it defaults to plaintext.
I think you use the term "plain text" differently from the author of the post. I think they refer to the fact that there is no end to end encryption. Google has access to the clear text of all messages and can index/analyze them.
The article does call out plain text email without formatting or attachments. Plain text typically refers to visual formatting, while clear text refers to lack of encryption.
That sounds like a problem with the Gmail webmail client -- I don't think Gmail does that when used over IMAP with an external client?
the web client can send plain text, it's only the mobile client that doesn't have an option to do so
Oh, OK, that's good to know. Regardless the point is that it's a client issue.
I have been using mailbox.org for a few years and no complaints. I don't think the web UI is amazing but I use it via Thunderbird so it doesn't affect me.
If you use your own email client and your own domain name, you don't really need to worry about UI with email providers at all (as long as your provider supports those features). And your own domain name makes it easy to move around in future if you need to.
I don't really have any plans to move away from mailbox.org, though I just saw the post about Thunderbird offering an email service in the future. That might actually prompt me to move as I'd like to support the makers of a FOSS email client I've been happily using for years.
It doesn't sound like they do on-disk encryption like ProtonMail. Is that right?
You mean e2e? on-disk encryption (ie. "encryption at rest") is basically used by everyone, including gmail and outlook.
You can tell how well I've researched this ;) but yes.
Indeed. The HTTPS connection is enecrypted, and they TRY to use TLS first when delivering mail, but it will fall back to cleartext easily if the other end doesn't support TLS.
Mailbox doesn’t support it, but on mailbox you can use your IMAP app with Proton not.
And on mailbox you can easily send and receive PGP encrypted mail on mailbox.org. They provide a page for key import, allowing you to send encrypted emails like regular mail when needed.
It’s your choice, if you always want to use proton mail app everywhere you can use proton.
I've set the bridge as background Daemon so I barely know it's there.
I use IMAP with Proton. Thunderbird is my main mail client. You just need to install the bridge.
Yes but only if you install the bridge as I wrote in my blog post, and on iOS iPadOS? You can’t use Apple Mail app.
Don’t do it! We are just switching back from mailbox.org to Google.
- OXdrive is terrible and does not retain file backups like Dropbox or Google Drive. Nearly lost a lot of files when a co-worker deleted his duplicate OXdrive folder.
- NO 2-factor for the business tariff. Major red flag, especially for a company that claims privacy focus.
- Very low functionality software suite.
Etherpad - I cannot figure out a use case
OX office suite: Every cloud alternative is so much better.
Video conferencing: No single sign on across mailbox.org meaning you have to login again to setup a meeting.
Email client still has only a Folder philosophy- tags would be so much better.
All in all we had high spirits but were very disappointed by the pretty bad feature set. For private Email it might be fine.
Still would never recommend it after 8 month of use.
I started the get itchy about so much of my life sitting on Google about 5 years ago, so I decided to take the leap to Fastmail and haven’t looked back.
Didn’t need to do anything special for the migration. The in house importer they offer pulled over 80GB in a day and I was set from there.
Fastmail isn’t going to give you end to end encryption - but - I think just shedding a major Google service is a massive win privacy-wise.
I remember briefly looking into Proton but the search was awful.
I'm thinking of leaving Google workspace for fastmail, but worried a bit about giving future employees email addresses/access. I hate being tied to Google but it provides a decent suite of things, and unlike M365 they actually work.
> I started the get itchy about so much of my life sitting on Google
For me and my partner was enough when Google started collecting info about purchases/delivery orders on gmail and dumping it in some separated page without any consent nor notification.
We moved to Proton but once they changed branding and starting introducing additional services beside mailbox we knew they enter milking-out path. Their newest AI plaything was reason to leave.
This solves the "dependence on Gmail" problem (which is definitely a worthy problem to solve) but not the general "dependence on a particular mail provider" problem. The next step in this walk-down-the-risk-chain is self-hosting on a VPS, where you're now just dependent on your VPS provider, and the next step could be self-hosting on your own metal, where you're now just dependent on your ISP. Happy trails!
What bothered me about Gmail was that it was central to my life and if something were to happen and they locked my account they have zero support.
With that out of the way I feel perfectly happy with FM — no need to go further down the paranoia hole.
I'm on fastmail with an xyz.dev domain and keep a gmail for legacy purposes. Unfortunately some email validators will reject my short FM address.
Right. Everyone has to keep a Gmail address as backup because of all these edge cases. For one, some domains (like yours) are just rejected. I tried to register an account with a huge corporate SMTP provider recently but they've not updated their allowed gTLD in 10 years and their devs fought me for weeks telling me it was my domain that was wrong, not their system until they finally gave in.
And secondly, many sites, like Reddit, use a Gmail address as some sort of signal of quality. You can avoid a lot of new account bans on Reddit simply by registering with a Gmail instead of your own domain.
Backup your data. Email is data. It is easy enough to do and frees you from many problems. You restore from backup and go on with life.
Self-hosting seems a bit extreme. The first step is actually to have your own custom domain, so that you can change provider easily. Granted you still depend on a provider, but you are not locked in.
> self-hosting on your own metal, where you're now just dependent on your ISP
Your ISP, the hardware not failing, needing to do routine maintenance and (expensive!) upgrades, having room in your house, having consistent power to your servers, possible theft, natural disasters causing you to lose your home, etc.
There's a reason I use a VPS for hosting a lot of things haha. Mostly because I live in a small apartment and don't have room for a server rack.
It's more about diversifying at least that was my intention when I moved mail to a new provider.
Unfortunately, most big mail providers won’t accept email from your self-hosted mail server, even with DKIM, SPF, etc. So, diversifying is as good as it gets.
Has this been tested recently? I had no problem sending mail to my own Gmail account from my own server. Even without SPF (then I got a bunch of spam spoof bounces and realized I forgot SPF)
I've been self-hosting E-mail for a long time (which itself probably helps with reputation), and I very rarely have deliverability problems.
Which is why you should buy your own domain so you can easily move to another provider.
And backup your emails of course.
I wonder how many more people have lost access to their DNS than to their email account. When you lease a domain (you can't buy domains), you have to periodically renew your lease - this is much more likely to be a problem than typical mail accounts. And if you lose your domain, and someone buys it, they now get all of your email - a much worse situation than Google locking out of your account. And there is no chance to appeal - again much worse than even Google's terrible user help.
It’s not been a problem for me. The registrars I use are pretty vocal about expiring payment credentials, and if I were really worried they allow stacking multiple methods to fall back on, some of which have their own fallbacks (like PayPal). In theory paying for longer periods in one go could help, but ironically that might make it worse since you’re more likely to forget about a renewal happening 5 or 10 years from now than you are one that recurs every year.
I have zero data to justify my assumption...but i assume less people lose their domain vs folks who lose access to their email. That being said, fully agreed that managing one's domain name - especially the one tied to your mail email address - is so critically important to protect. Big brand domain name leasers, er, um, i mean registrars (BTW, agreed with you on only being able to *lease* domains) tend to offer extra account protection like multi-factor authentication, which should be the bare minimum that is used. At some point, if someone is managing LOTS of domain names, i get that it can be a burden...but for low number of domains (or even just 1 or 2 domains for a family), i think focusing on good security and keeping on payment aspects is not so tough...and helps immensely from getting negatively impacted.
I own a domain that I use as my primary email address, but it's a "premium" domain that costs quite a bit to lease every year. To me the main concern here is that my payment fails, I don't notice, the domain goes up for sale and somebody grabs it. Then they have access to everything.
So, I use my personal domain for all mail except anything that's "vital" like government websites, banking, paying rent, etc. for which I use my email provider's domain. And of course I'm registered with my domain registrar with a different email domain.
If you can afford it, renew the domain for 10 years into the future (which means having it paid for till 2035, for example). Every year, renew the domain for one more year so that it’s always paid for 10 years into the future. If payment fails or you’re busy with something else, you’d still have several years of no worrying (some caveats and risks may still apply depending on the TLD and registrar).
That's a good idea, I might see if I can do it. It was registered with Google Domains but got transferred over to Squarespace, idk if they offer long-term renewals.
I don't think long term renewals exist for premium domains.
You probably shouldn't use a premium domain unless you really need one. It's just a money grab by registrars and registries.
Hi @TranquilMarmot, first off, i think the recommendation from @AnonC on their long term approach to registering a domain name is absolutely brilliant! Do that!
Another recommendation you should consider is to find a domain that ends in one of the common top-level domains - like .COM, .NET, or .ORG - because for using with *vital government services* you would not believe how many good natured civil servants (or for that manner even customer service folks in private/commercial companies too!) have no idea that email addresses can end in something other than .com, .net, or .org...and if you try to give them an address that, say, ends in like .FR, or .CC, or .ME, etc...They will try to place a ".com" at the end of it! My experience shows that folks in the U.S. know far less about other TLDs...and are more likely to commit this error, but folks outside of U.S. are perfectly cool with all manner of different TLS. I have had a somesurname.CC domain name as the mailbox for all my family members for more than a decade...and they are all trained to be LOUD and explicit when they communicate to government workers and customer service folks. So, i should have just gotten an easier TLD, but ah well. Live and learn! :-)
EDIT: Forgot to add that choossing the more common .COM, .NET, or .ORG TLDs for a domain name *tends* to be cheaper than many premium domains names. Each registrar wil of course vary, but mostly these tend to be reasonably priced.
> but folks outside of U.S. are perfectly cool with all manner of different TLS.
Users in other countries are very likely to be more familiar with both their own local domain, and have probably also experienced websites from neighbouring countries, while your average American has never even seen a website with a .us domain (never even seen it used myself), and are a lot less likely to have needed to go to a .ca or .mx website.
That said, I'd expect to get a similar reaction from people in other countries if you said your email was firstname.lastname@mydomain.christmas, or whatever other funny top level domain.
> Users in other countries are very likely to be more familiar with both their own local domain, and have probably also experienced websites from neighbouring countries, while your average American has never even seen a website with a .us domain (never even seen it used myself), and are a lot less likely to have needed to go to a .ca or .mx website...
Yeah, agreed; that has been my experience as well. And in fact, i think that because folks outside U.S. are at least familiar with the TLDs of their neighboring countries, that fact at least helps them understand that there are more TLDs out there than simply their country's or only .com/.net/.org...its an awareness that they at least learn about...whereas folks in the U.s. might be - i don't know - maybe sheltered more in these things.
> ...That said, I'd expect to get a similar reaction from people in other countries if you said your email was firstname.lastname@mydomain.christmas, or whatever other funny top level domain...
True, there are just so many TLDs - well, outside the country code TLDs - now that it is hard to know what is real/valid or not. :-)
That hasn't been my experience in US. Login.gov, Social Security, Global Entry, etc. all work perfectly fine with Proton (@pm.me) domains. At least, so far.
To clarify my point, i mean that over the years, as i have engaged with *human beings* in situations that involve in real life/physical interaction (like standing in line at motrovehilces, getting passport photos at county clerk office, etc., it had been an interesting thing having to briefly explain to folks that .com, .net, and .org are not the only valid TLDs for email addresses....and where i most encountered that is gov. services as well as customer service reps.
To your point, agreed that *logins* for web site/apps and mobile apps are usually not an issue for my non- .com/.net/.org email addresses. In fact, for logins, gov services tend to be quite accomoddating and i don't ever think i had any issues there, and usually not a problem...But, years ago i *DID* encounter a couple of commercial/business/non-gov websites where they only expected .com/.net/.org email address...so it was a problem there on the non-gov website side of things...but even then, it thankfully was not very often, and nowadays its nearly a non-issue.
Again, my recommendation was just saying that for real, human interactions, if its possible, pick a common enough TLD to make life easier. ;-)
Yeah, I was using my own (used Pobox for SMTP in Gmail) — admittedly that made the transition easier.
There's no reason to self-host your e-mail server. As long as you own your domain, you can simply point the DNS to a different provider when you want to switch.
The big problem with Fastmail is that they’re a US-based host, so non-US citizens still get zero privacy.
Fastmail is australian.
Yes, but they host in the US.
I moved myself and my wife's business away from Google, but that hasn't been without it's issues. Even though we're using a globally recognised mail provider and have DKIM, SPF etc all set up perfectly, we get bounced or delayed by certain mail admins. There are also occasional delays and issues. One thing I'll say about Gmail is that it's extremely reliable.
What provider?
Running an online forum, I've encountered people using Atomic Mail, and that service has terrible reliability.
Namecheap's "private email" service.
that’s “globally recognised”? Run from them as fast as possible if you would any of your services to work
I like the idea of moving away from the big companies, and the privacy it brings, but security is a huge show stopper for me.
e.x. For self hosting photos, am I gonna do something dumb that exposes the NAS on my network? Immich is not encrypted at rest, so what if someone just breaks in and steals my NAS? I could try and set up whole disk encryption, but what if I’m an idiot and end up losing all my photos because I make a mistake?
Philosophically I applaud articles like this, but I find iCloud with Advanced Data Protection to be way less scary than dealing with the weakest link: me (as a sys admin).
mailbox.org recycles @mailbox.org addresses after a period. 90 days for the cheapest Light plan [1].
After that, someone else can register your old address.
If your subscription lapses, your email account is closed after 30 days, data is deleted after another 30 days [2].
[1]: https://kb.mailbox.org/en/private/account-article/when-is-a-...
[2]: https://kb.mailbox.org/en/private/payment-article/what-happe...
Gotta put in a plug for Migadu: https://www.migadu.com/pricing/
Happy customer over a couple of years.
I've been using Migadu for a low-moderate throughput inbox (within their micro tier limits) in the US and the IMAP4 performance is kinda awful sometimes. I'm not sure why :(
Ended up dropping migadu. Lots of things I liked like the configuration but it was fairly expensive for what you got. After 3 years of paying, I once went over my outbound quota and couldn't send email for the day.
Migadu is fantastic if you can live with their daily limits.
> The last two providers offered true end-to-end encryption
This is not quite right. The only offer e2ee if you send an email to someone on the same provider (e.g. ProtonMail to ProtonMail). If you write to someone using Gmail, it's not e2ee.
IMHO this kind of e2ee is interesting for companies (because every employee is on the same provider, and it's better to have the internal communications on ProtonMail than shared with Google on Gmail), but for a personal email it doesn't matter so much.
What's really important is to have a custom domain so that you are not stuck with one provider.
That's correct, I meant that you have to always use their app, whether to use e2ee or not. There is no IMAP.
Mailbox also offers e2ee via browser among the same mailbox users, but it also has IMAP and PGP.
Custom domains make it really simple to move around. I was able to move from Gmail to ProtonMail on a Sunday afternoon without anyone knowing that I'd made a change.
Something to note: Certain service providers (e.g. Twitch) will not allow you to sign up using an '@mailbox.org' email address. I do not know if this ban extends to custom domain addresses.
> The last two providers offered true end-to-end encryption
ProtonMail and Tutanota offer end-to-end encryption only when both the sender and recipient are using the same (i.e., ProtonMail->ProtonMail or Tutanota->Tutanota). If you’re emailing someone outside those or if you’re receiving emails from someone outside those, and you want encryption, you’d have to go to PGP (with its own complexities).
That's why I find their mandatory requirement of exposing their hosted emails only to their clients is such a bizarre take (if not pure bs).
I mean for god's sake just let me use IMAP/POP3.
You give me encryption at rest, safety and privacy in transit, and do not sell my data. You also offer to let me put up my GPG key on your admin portal so that I can easily read e2ee mails in your webmail.
Thank you, all that is very nice. Now get out of my way and do not try/pretend to be Signal and email at the same time.
For those looking to break free and are considering self-hosting, I can strongly recommend Stalwart. I'm surprised how almost no one seems to have heard of it, but it's amazing (and supports JMAP!)
I've wanted to self host but I've heard that there's high probability of getting blocked/marked as spam?
The mail service has several serious shortcomings: 1. Disposable addresses (with the prefix temp in the domain part of the email address) can be generated via the web interface. However, when I receive an email at such a disposable address and reply to it in the web interface, the From field does not show this disposable address used in the previous communication, but instead the standard email address of the mailbox account. This is extremely annoying, because this communication partner is only supposed to know the disposable address. 2. In addition to the limited number of disposable addresses provided by the mailbox service, it is also possible to generate countless email addresses in the form of +extensions to the standard local part of the email address itself. Here again, it is frustrating that these email+addresses cannot be selected as the sender in the mailbox web interface (in Thunderbird you can and in the iOS Mail app it only works after manually adding this extension email as an alias in the account settings of the iOS app).
Moreover, Mailbox.org restricts the creation of email extensions exclusively to the plus sign: with alice@mailbox.org you can generate alice+test@mailbox.org, which inbound will automatically be sorted into the inbox folder alice (case sensitive).
But Mailbox.org does not allow the creation of alice.test@mailbox.org, which would actually be accepted as a registration email address by significantly more online services, because many of them apply standard filter rules for valid email addresses that wrongly consider the plus sign invalid and therefore reject it.
I am self-hosting my email. It's a pain in the ass, but software like mox[1] help on keeping things easier. The most tedious part is to setup correctly SPF, DKIM and DMARC and ensure that your IP will be whitelisted.
I was looking recently and it seems there is something new that appears extremely easy to use on the surface: stalwart[0].
Not an endorsement as I haven’t actually tried it myself.
[0]: https://stalw.art/
> The problem with email is that everything is transmitted in plain text.
That's not a Gmail problem, and no reason to migrate. Some use cases just don't fit email, and for those, we have other, more fitting platforms.
> So, I went with mailbox.org that still offers integrated PGP encryption, and if you want, you can always use external PGP too (which I was already doing with Gmail).
Ok, so now you have two problems.
But we haven't started using regular expressions yet...!?
I was fortunate enough that my solution was to host my own mail server 20+ years ago and create a separate email address per relationship with a company, so I can tell the moment some 3rd party has been comprimised when I receive spam on a specific address. My personal spam has been minimal over time.
If for example moc.elgoog@mydomain.com gets spam - I know they're compromised or have sold me out.
Yes gmail has had something similar using the + character, but most people don't know about/make use of this and still abdicate spam filtering to things they don't understand like bayesian algorithms which suffer from false positives. (Have you checked your spam folder for our very important message...?)
Email has never been secure and despite modern updates, I still don't consider it as such. Then again I don't have much to worry about, so I'm ambivalent most of the time. That said, special 'fuck you' shoutouts to Ticketek for being compromised and their general ineptitude and shitfuckery in so many ways... It took them 2 months to respond to an issue I raised with them only to ask whether it was still an issue... (yes, it still is).
Unfortunately I don't know if you could easily manage to convince majority email providers you're legitimite with a new domain in this day and age - I suspect its now a major hurdle to overcome as I've read often enough of mail bouncing because "we've never heard of you until now, so we don't trust you" - which makes communicating with the majority of the world via email almost impossible to build up the trust level you're considered legitimite and that's despite all this extra DMARC, DKIM, and SPF and SSL/TLS supposed safeguards which have appeared over time and I've had to comply with.
Security as an afterthought means its still probably never going to be secure. I've always considered email the equivalent of transmitting plaintext and have always treated it as such. This has led to some pretty difficult situations where I don't email important stuff to a 3rd party just because they expect it and everyone else does it.
Google '+' addresses aren't really safe anymore as thieves and some spammers will be sophisticated enough to strip them. You also run into broken validators that reject '+'. Much better to have on-demand wildcards with a custom domain in any format you wish.
It can be summarized that the romanticized ideal of Email is long gone, if it ever existed. Today email is a way for others, mostly automations, to send you notifications.
Once you realize this, the "just keep whatever I have right now" is often the best solution.
Just don't send lots and lots of email. I haven't had a problem yet. But I mostly use my server to receive.
Speaking of which, receiving is free. There are no spam checks when other providers send email to yours. So feel free to only use Gmail when you need to send an email out to a big provider. It's still a 95% win.
> That's not a Gmail problem, and no reason to migrate.
It is a problem with Gmail, because they're helping themselves into your email, as was explained by the author in the sentence immediately after the one you quoted:
> Technically, Google can store every message you receive and know everything, and U.S. agencies can request access to that data
(If it's a problem) it is a problem with every Email provider. It is part of the design.
Yes but at least for the TOS, mailbox doesn’t do it, and I’m more relaxed also because I’m paying for the email (they don’t need to sell my data to other services) and the server are hosted in Europe and GDPR compliance.
> because they're helping themselves into your email
What, specifically do you mean by this?
Moving your mailbox to something else doesn't stop gmail reading your mail every time you respond to someone who has their mail stored on Google. You'd have to ask for gmail's MX to be blocked perhaps.
Sadly I don't see a way around it unless you use PGP and the secret key is kept client side.
Anyone considering a move should also look at NameCrane/CraneMail by the crew behind BuyVM. Solid service, incredibly reasonable prices, great community/discord. They are always looking to improve, extremely proactive and reactive to customer feedback and issues. No builtin PGP, but I believe that is out of their control as they use SmarterMail on the backend.
I would run away from any service that forces me to use discord fr support.
Take it easy. It's not their official support channel. They have tickets like everyone else, with the added bonus that you can nudge them in their chat. You can take advantage of it or not, no forcing involved. The discord is more about community than a support channel. In fact they will usually ask you to open a ticket if you haven't already for direct support issues that don't look to be a general/shared issue.
Curious who is looking for "community" when it comes to their email hosting provider. The word "community" gets tossed around so much it's basically meaningless - but I mean, even in the loosest definition of it why would you want to interact with random people who simply use the same provider you do... like would you want a Discord server for your local gas station chain or power company?
Tech nerds. vps nerds. Hosting nerds. if that's not you, then yeah probably not
I hadn’t heard of this and looked for it. How is Cranemail so cheap? I’m really surprised but also concerned that one can get 100 GB of space with unlimited mailboxes and aliases (with just a sending limit) for $10 a year (which gets even cheaper when paying for multiple years or lifetime).
Not sure, but you could ask @Francisco here [1]. He might respond. He’s been around a very long time— certainly not fly by night, as I can understand thinking that at the price value.
Same question as above, do they have masked emails feature? Also, if you go the demo email they have, settings-connectivity, you can literally see all other people’s IP who are logged in there, concerning.
Is masking essentially email aliasing? If so yes they have aliases. re: about the IPs, yes that doesn't sound great for a shared system, something to probably bring up to them
I've been pretty happy with Mailbox.org. The web interface isn't great compared to Gmail, but I prefer Thunderbird anyway for normal usage. They used to have a weird 2FA setup, but they've since switched to the same kind everybody else use, thankfully.
Microsoft's been a bit annoying, since some emails I've sent to @hotmail.com domains go to spam, but at least they do arrive and aren't just bounced, as I've heard from some horror stories. Sending to @gmail.com accounts seems to work perfectly though. I don't send a lot of outgoing mail from my personal account anyway, so it doesn't really matter in the end. Some mails seem to take longer to arrive, but I had that problem on Gmail too, so I don't think there's anything actually wrong per se.
And I will be leaving Mailbox.org for Runbox, or Purelymail, or Fastmail. I have a few more months' credit remaining on Mailbox, besides I am yet to try the trials.
(This is for the author and anyone else) If you are looking for responsive (or even barely responsive) and responsible support responses whenever you need it, weigh your options very carefully about which mail host you want to move to. You might need it once or twice a year, but that might be crucial.
Edit: And if you can help it, and have your own domain, never use a mail host's domain-based email address (no matter how catchy and short that is) because it will be a headache switching away from it if you want to change your host.
Fastmail's base plan is excessive for me (60GB of storage) and costs twice as much as Mailbox, plus it's not an EU service.
It is for me as well. It's an obscene plan. They should have plans for us normal humans :)
But having burnt my fingers couple of times I need to be with a provider who has some sort of "real" and responsive support (and accountable) and that costs money so there's that. For me EU is not a condition, neither is e2ee (as long as it's E at Rest), but I understand it might be for others. I hope mailbox is good for you and unless you need some support it will good. There were no outages or any general things breaking during my usage of many years.
Good luck.
Have you considered Migadu? I don't have shares there, just a very happy customer :-).
I did. Their 20 out/day (soft limit) had me concerned. While many weeks I might send less than 7 emails I still feel uncomfortable with those limits.
It’s funny, the very first thing you see when visiting mailbox.org is their heavy push of the "German quality" mantra, like it's 1999.
After living seven years in Germany, I can confidently say that when it comes to anything digital, “quality” is the last word I would use.
I certainly wouldn’t trust this company with my data.
They're counting on customers to have forgotten all about that little matter involving WireCard?
One thing I'd recommend is getting your own domain for email (looks like mailbox.org allows custom domains with some plans). You never know what will happen to your email provider in the future, so having the freedom to move your domain to a different provider is valuable.
It comes with responsibility too.
Renewing your domain, keeping your registrar account safe, keeping your DNS records safe etc
Some people prefer a domain registrar that allows 10 year renewals so pick carefully as not all do
It does and I’ve been hoping to see more discussion around best registrars from a domain security perspective. I looked into CSC (cscglobal.com) since it’s what a lot of big companies use, but it’s crazy expensive ($5K+/yr). Even worse, their contract is wild: no guarantee of registration/renewal, all fees non-refundable, they can hike prices anytime, liability capped at $5K, DNS is “as-is” with only credits for outages, and they can unmask WHOIS privacy at will. Basically you pay enterprise prices while they disclaim almost all responsibility.
This. This 100%. I hosted my own email for a good few years and decided to migrate it to icloud using the custom domain. A few mins of copying IMAP over and waiting for the DNS to propagate and it was like nothing happened!
Yes, thanks. I already have my custom email domain, but this mailbox address is for everyday use, while I use my personal domain for private matters.
> To send encrypted emails, you just select “Use PGP encrypted” when composing a new message, after importing your private key, of course.
I love the concept of PGP and how well it seems to be integrated. I also don't know a single person who uses it or a provider/software capable of decrypting it. I think that's the biggest issue with PGP. Short of asking someone directly, you don't know if they'd be able to receive a PGP encrypted email, so you wont send one.
If you own your own domain as many are suggesting, it's super easy to share your key. Simply publish it and share the link in your email signature.
The whole point of PGP is to actually communicate (out of band) with the party you want to sent mail to and receive his public key.
It's no big deal if you really need to send a private message.
Yes it’s very easy to use on mailbox, well I use pgp encryption with some friend and on Kraken (the crypto exchange)
Anyone using a half-Gmail / half-personal IMAP server to handle the reality that keeping 20+ years or email in Gmail will bump into the storage quota? I'm around 99.5% usage and just slowly deleting ancient emails with large attachments to make it another month.
Dovecot in my homelab seem doable to have an IMAP server to transfer the Gmail based emails to and maintain them indefinitely but would this be a maintenance headache? I've never operated it before and am curious.
I’ve got Dovecot running in a Docker container on my Raspberry Pi. Moved everything over using Thunderbird. If you use mbox format, once done, you can turn the files read-only and Dovecot will still work. And you can throw a Solr server into the mix to get fast mail searches.
I also ran into the Google storage quota after 20+ years of gmail + drive + photos. I ended up paying for Google One at $4/mo just to make it long enough to move all of data somewhere else.
Zoho Mail is very good, priced well, and available in multiple zones- EU/US/etc.
Same here. I’m on Zoho’s Mail Lite plan with my own domain. 19 CAD/year for 10 GB and 30 aliases. Couldn’t be happier.
Same here! Quite low prices, has been stable, and i use my personal domain (for my family)...and can't complain.
Came here to say this. I moved my family (and our family domain) into Zoho and love it. It also has better features than Google in many areas. (coughre-ordering filterscough)
I would like to host my photos in Immich as mentioned here in the thread. I currently have my photos in the Apple Cloud. Does anyone have any tips on how I can download the photos in original quality without a Mac?
Immich has an iPhone app that should be able to pull photos from your photo library (and thus iCloud Photos) and upload them to Immich, but it might take a while compared to uploading from a Mac.
Congrats for the move. "Away from Gmail" is by itself a happy title.
The report is also very good and that should be a service every other mail service could provide to people who want to move away from G'rab'mail.
Another curiosity is that you use the same password I use for everything: xxx
Simple to remember and nobody will ever figure that out! Wink! :)
> Let me start by saying: I use email in a very basic way. I send and receive a lot of messages (at least 50 a day), but they’re plain text/html emails with no attachments or fancy features.
Why not shift to properly encrypted chat apps without all that single permanent pgp key nonsense that doesn't fit on a page?
The problem with changing email provider due to privacy concerns, is that most of your emails will still end up inside Google's or Microsoft's servers.
I considered self-hosting my own email, as I already have a domain name. But this has always put me off. The reason I would still consider self-hosting is to have readily available email address for side projects, like if I want to receive email notifications from services.
But for privacy, you unfortunately don't gain much, as most of the people/entities you're exchanging emails with are using Google or Microsoft emails.
Even when they don't, it doesn't matter. Email wasn't designed for privacy or security, and can't accommodate those. Lucky for us, we now have much better tools for those use cases, so we don't need to clumsily try and fail to ducktape those use cases to email.
I did the same thing some years ago. I chose purelymail[0] as the MX for my personal domain and would recommend. The only issue is that it's so cheap, and my credit lasts so long, I forget that it is in fact a paid service and that I do actually need to make a payment from time to time...
How do you like the RoundCube webmail UI?
https://porkbun.com/products/email is similarly priced
Curious to know which of the email providers offer bottom posting?
Genuinely asking after using Gmail and enterprise Outlook for more than 2 decades.
This has nothing to do with the provider and everything with your client. They are only linked if you happen to use the web interface of your provider directly, but you don't have to.
I left a week ago and went for disroot.org . But this is only my backup email address. My main is via my web hoster and a custom domain.
I’m going back to Gmail from mailbox. The spam protection from mailbox is very poor.
Been there since many years.
But there are the filter lists! You can customize the spam filters. Anyway maybe I’ll find these issue in the future, for now it’s all fgood with spam (I don’t see any spam email)
I'm going to plug fastmail. Rationale:
(1) tech support that actually reads your messages and replies with a solution demonstrating comprehension of the message that you wrote. Amazing. I've emailed them twice and gotten a great response both times.
(2) it is the best UI I've seen outside gmail;
(3) They have continued actively developing their UI, with nice updates released perhaps in the last 6 weeks.
(4) keyboard shortcuts that work
(5) Instead of inbox 0, I practice inbox 50k and it handles it fine.
(6) I just had a decade-anniversary there and I've never regretted it.
(1) tech support that actually reads your messages and replies with a solution demonstrating comprehension of the message that you wrote. Amazing. I've emailed them twice and gotten a great response both times.
Tech support forwarded an inquiry I was asking about an IMAP command in my MUA which led to an actual engineer that said my MUA was using an outdated/deprecated part of the IMAP protocol and provided the RFC for the new way of doing things, which then lead to a patch in said MUA. Very few companies offer this calibre of support, the only other one I can think of is Tarsnap.
(2) it is the best UI I've seen outside gmail
I think it's a much better UI overall than gmail; at least I found with gmail you had to manually paginate things, I can easily do a search in FM that might have 10000 emails over 20 years and I can usually jump to a specific month/year very quickly via scroll and then from there a specific day.
(5) Instead of inbox 0, I practice inbox 50k and it handles it fine.
Similar, 37k in my Inbox, nay issue. I have probably 200k overall across different folders. But I know I'm outsourcing a service, so I do full infrequent backups via IMAP.
Here's my (7):
Fastmail has the only web interface I've come across that handles (catch-all) aliases correctly and knows how to respond with the correct one every single time. Maybe roundcube/squirrelmail can do this, but roundcube/squirrelmail overall is not very good.
I think I'm over 20 years using Fastmail now? It just works. I've never had a single ounce of trouble with them. Their support is great. There are few products in life that I would recommend without question, and Fastmail is one of those. If only every company was this good.
> (2) it is the best UI I've seen outside gmail;
I'd say it's better (maybe gmail has features it doesn't, but fastmail does everything I need and loads much much faster than gmail)
Also a happy fastmail customer for the last several years.
Came here to say this. I've been with Fastmail a similar length of time and it just keeps getting better.
I went the hard mode and migrated all my personal emails (3 domains) to mxroute. Haven't been using Gmail since 2015ish.
Another happy mailbox.org user here who dumped gmail since a little over 4 years now. I'd highly recommend them to anyone who prefers more control on the client app they can use to access emails, calendars etc. Their web interface may not be the best/fastest, but their video conferencing web app is really good. I rarely use their office suite, but good to know it exists.
I use both mailbox and gmail. For people that are considering switching, some websites don't accept the mailbox domain, so be ready for that. Otherwise the service works great.
In over 6 years of using Mailbox, I only remember one website that rejected the domain. It's a government website and they only started rejecting "invalid" (non-duopoly) domains sometime this year.
I do occasionally get emails that take longer to arrive into my inbox (between 5 minutes up to 1 hour), but the emails always arrive eventually. Or maybe I haven't noticed...
Do you remember which websites rejected your Mailbox address?
I've been on mailbox for 6 years and I think the only issue I've had with rejections has been the email confirmation from some Discourse-based forums. But after I contacted the hosts and was added manually, the forums' emails made it through with no issue
I've never encountered this issue so far, and I've already changed my email on almost all commercial services. But thanks for reporting! I'll use Gmail with forwarding if I encounter this issue
If others can do, I wonder why can’t Google provide encryption at rest with keys managed by users? May be for small a fee?
Large Corporations think very slow.
Currently the are distracted by AI gimmicks.
> starting at €2.50/month (paid annually)
> I had no issues with paying the equivalent of two coffees a month
Where can you get coffee for €1.25?!
In Italy =] the price is about 1.30 to 1.40€. And I’m in northern Italy, in the south you can find it for ~1€.
wow, amazing. I feel like it was a pretty similar price (.90?) when I visited in 2006.
Italy I think
How do you deal with emails bouncing or going to spam? I have been looking to move away from Gmail but last I read it was the only reliable option out there.
You should be fine on the big providers. There's a weird horseshoe situation where anti-Google doomposting looks a lot like pro-Google FUD that I think leads people to believe only Google and maybe Microsoft are capable of sending mail any more.
Something like mailbox.org should be fine. Even a carefully-chosen VPS running your own email server should be fine (works for me, no delivery problems in ~2 years)
Tell me you haven't run a large email server without telling me.
There's a reason even large corporates that can easily afford the resources to run email their email themselves decide against it.
There are a handful of good providers, not just Google and Microsoft, but the two hyperscalers do have very good offerings, so of course they have a lot of the market.
You're right, I run a small email server. I told you.
> but the catch is that to use their end-to-end encryption you’re forced to use their apps (or, on macOS, run a background “bridge”).
> That’s a no go for me, because I love Apple’s Mail app on macOS and iOS, it just works perfectly for my needs, and I don’t want to give that up.
Well, you can indeed use Apple Mail by running the Bridge. Not sure I understand the point here.
On macOS you have to add another service in background and i don’t like it, on iOS and iPadOS you have to use their app and I want to use Mail by Apple.
Can I add multiple domains and thus addresses (forwards) to a single Proton or Mailbox.org account? That’s a game changer as I’m paying the Google Workspace per fee per domain currently.
I thought protonmail was the go-to for de-googling.
what about https://0.email
this is just a wrapper around gmail
How do I get my family to move off of Gmail?
I keep telling them that Google spies on you, but they don’t care because it is free and it works.
How reliable are these providers and what are the chances these providers emails would bounce or go to spam when sending an email?
If they don't care, why should you?
They found a deal that seems to be ok for them. To get them to change providers, you need to suggest one that would be a better value, and to be honest, I don't think you can find one.
I did it by moving to the Proton ecosystem: Proton Mail, Proton Calendar, and Proton Pass, with the added bonus of Proton VPN.
As much as I don't necessarily like it, I think we have to put a price on our privacy and personal data. And for me, paying for the Proton family plan seems like a good trade-off, at least for now. So far, I haven't got any emails to bounce when using the @pm.me or @proton.me email addresses, except once (I forgot which web site).
If they don't care there is no problem for them to solve. Stop sending mail to them and bounce mails from gmail.
Maybe because when normal people hear you say "Google spies on you" they think you are a crank. Perhaps try to reduce it to a statement that conveys valid information.
how is this different from using PGP with Gmail?
As far as I know, Gmail doesn’t allow saving PGP keys or using them to write new emails, whereas mailbox.org integrates the entire PGP service and to send an email, even from iOS where PGP apps are "ugly," you just need to do it from the web interface.
Anyway I wrote the details in the post.
Edit: I have to mention that I generated my PGP keys locally and then imported to Mailbox.Org
Do gmail prevents you from using a regular MTA these days?
Note that when you let a provider do PGP for you, you're not safe from that provider. It's one of the big problems with PGP: you can have usability or security but not both.
You're doing it without Gmail.
I moved my domain to ProtonMail at the start of the year and my only real challenge is shared calendars.
Does anyone have a suggested solution that allows multiple people to share and manage a calendars that isn't Google Calendar or locked to a particular platform (Apple).
I'd really like to just run my own Postfix, Dovecot, SpamAssassin stack, but it seems totally discouraged these days just on the basis of email sender reputation.
It's not as bad as some make it out to be. Check out Stalwart, as it is much easier for a newcomer to mail hosting to manage.
Thanks! I'll check it out.
Just do it. You're allowed to have more than one address. You can keep using Gmail for important things while you experiment with your own server.
Might as well, right?
I wish there was something like cell phone number porting for email addresses. I don’t know how it would work on the technical side or how you could secure something like that, but the idea of switching email providers is too daunting, so I stay with Gmail despite abandoning all my other Google accounts and services.
The closest would be having your own domain that’s linked to an email service provider (like mailbox.org or Google Workspace or several others). But to your point of switching email providers being daunting, first buy your own domain and then use that domain with an email provider of your choice. Then start chipping away at the emails you receive in your Gmail account and switch each of those senders to your new domain (and a new email address there). Do it a few at a time, give yourself a whole year to complete it and get going.
It’s even easier if you list out the most important senders in a checklist and move those first. But give yourself at least a few months time. It’s certainly possible.
Once you have your own domain, future migrations to another email provider would be a matter of moving the emails and updating DNS.
It exists: just port your domain name to a new registrar, and/or point your mx records to a new email provider.
Phone number is just a user number. Email addresses are a user name at a server name. A little harder to do if you're looking for something as ubiquitous as phone number porting.
The closest thing to a server name when it comes to phone numbers, would be the network it is on. For example, there is the public switched telephone network (PSTN), then there is the Defense Switched Network (DSN)
The problem is that I would still need to "port out" my email address manually to a new domain name. It's not an exaggeration to say that there are probably over a hundred places I would need to make that change.
What's the problem? Do it during a slow day when you're bored. Doesn't take a lot of time or effort. Keep the old e-mail around for any strays that you forgot.
Not as easy, but could do it in phases:
- set up new email address, hosted where you like
- https://support.google.com/mail/answer/10957?hl=en (forward your email)
- update your email address as many places as you can
It took me 20 years with Gmail to realise that I had screwed up by not starting with a custom domain.
When I finally changed, it was a lot easier than I thought. I just gradually migrated my accounts everywhere. I still have my old Gmail address, but I almost don't use it anymore.
Also (but I didn't try), couldn't you setup your own domain with Gmail? So that you still have everything in Gmail while you migrate all your accounts... but honestly for me it was really fine to deal with two email addresses for a while.
You kinda get that with your own domain. I think that's the best you are going to get
Isn't losing your domain a huge risk for any common user?
Well if you have any issue with Gmail, you're screwed. There is exactly zero support there.
With a custom domain, you can find a registrar where there are actual humans on the other side.
Unless you use some sketchy TLDs, I've not heard of that
I've seen plenty of stories of people who forget or are unable for whatever reason to renew their domain names on time.
You are usually warned by email a lot of times before it ever happens. Make sure you receive them on devices and an email address you actually pay attention to. I also put an entry in my calendar a month before every renewal.
The funny part is you need an email address already to register a domain, at least during a bootstrapping phase. I have several domains across 2 registrars with renewals at different time of the year.
Where I live, auto-renew is the default, and the annual fees automatically get debited from your credit card or bank account. The ToS of my registrar give a two-months grace period in case of payment issues. I haven't had to do anything manually in over 20 years to keep my domains.
You can pay for your domain upto 10 years in advance. It's a frontloaded cost, but if you can do that (or even just 5 years), you'll have a pretty good buffer if you just happen to be busy at whatever time of year you need to renew. This assumes you still check up on your renewal yearly, but you'd need to do that anyway if you pay yearly.
I don't understand the logic. I mean if you hate Google, or you specifically want to avoid Google having your data sure, but whichever email provider you choose will have at some point access to your plaintext email and they may choose to store it. There's no such thing as real end-to-end encrypted email unless the sender actively does so or you run the server yourself (and be online to do the TLS handshake when someone connects to your domain's MX address).
Another concern about anything social is that there are at least two sides in a conversation and whoever leaks the data to a third party will compromise privacy of all so it is really hard to prevent your email from getting to Gmail servers one way or another.
Can't agree more! I've analyzed my urges to migrate in the past decade or so and I've ended up staying with GMail for exactly these reasons.
If my wife and I both use Proton, or I correspond with a bank or company that doesn’t use a Google product, how would that possibly get into Google’s hands? You way oversimplified the possibilities here.