Ask Lemmy
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either [email protected] or [email protected].
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email [email protected]. For other questions check our partnered communities list, or use the search function.
6) No US Politics.
Please don't post about current US Politics. If you need to do this, try [email protected] or [email protected]
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
view the rest of the comments
So when it comes to encryption for digital data there are really two concerns:
Your options for encrypted email providers are limited:
I'm curious why you think so?
Proton's inboxes are encrypted, so that's (1) handled.
For (2), Proton-to-Proton emails are automatically encrypted. Proton-to-WKD-enabled-services are also automatically encrypted:
And finally, emails to non-secure services can be encrypted, but you must provide the decryption password to the receiver through some other method. These emails can also be configured to automatically delete after a set expiration time.
This is the most feature-complete encrypted email service that I'm aware of, it basically covers all cases that it is possible for Proton to cover on their own service, anything more would require cooperation from the other service(s). No email service could possibly force an inbound email to be encrypted in transit, the sending service has to do that, and that's really the only part that Proton doesn't have a feature for (because it's impossible). If encryption is your concern, I don't think there are any better options right now.
This is what I meant by "it largely wouldn't be encrypted mail." I'm looking for an email address to open a Pixelfed, Peertube and probably Mastodon and Loops account, among others. Trying to separate "content creation" from my personal accounts and email address. This account will likely be public-facing and will receive normal everyday email, from the various instances I sign up with plus maybe a viewer if anyone ever watches anything I make. The automatic encryption features of Protonmail don't seem that useful for this use case. Just need an email address that my bank hasn't heard of.
Hmm, I'm not sure what you expect... if an email service sends in the clear, the only place that can be fixed is at the service itself.
Having the inbox for these accounts encrypted would seem to be important though, so that you can maintain control of them.
I don't care if messages are encrypted at all in this case, the entire reason I mentioned encryption is to say "I don't need the feature this service is most known for."
Ah, I see, I misinterpreted your original post.
Well in any case, the email will probably be the recovery path for the accounts you set up ("I forgot my password"), so if you want to stay in control of them you should pick a service that encrypts the inbox.
You might also find subaddressing useful. For example, if you have [email protected] and you then use [email protected], and later that email subaddress gets exposed and you start getting spam specifically through it, then you know which account was exposed (the pixelfed one) and can attempt to address it individually. Basically the +alias lets you know the source(s) of incoming emails because you know where you've used that alias. Many services support this feature.
I think I see why you misinterpreted it, I made a typo. "Incorrect" came out as "I correct."
I would hope that all services store their data encrypted; a service that stores customer email in plaintext shouldn't have survived the Obama administration.
As for subaddressing, I'm aware of that idea but...surely so are bad actors. Surely it's just a quick bit of regex to remove any subaddresses from a list of email addresses you just compromised to cover your tracks.