Hi there, I’ve been using Gmail since it was available via invitation in beta status. I’m not specifically concerned about the privacy violations, as important as that is. But I am concerned enough about Google’s increasing evil to consider moving away from it, because they have the power to cut off access to my email and by extension all of my subscriptions and online services if they arbitrarily decide that I’m in violation of some policy clause. The move would be a massive hassle, and I’m not sure if I should stay with the devil that I know, since I’m more concerned about sustainability and permanence than anything else.
I know that this forum is primarily focused on privacy-respecting services, but as I mentioned that’s not my primary concern. Most free email services whether they are private or not don’t offer IMAP access, which is another requirement. Most recommended email services are paid, but I hesitate to use them due to the unlikely but still possible chance that the perfect storm of digital disaster hits me: Credit card gets stolen or compromised and/or bank account temporarily inaccessible due to geo-IP restrictions, and no way to renew the payment for my email service. So I would strongly prefer a service that offers a free tier with IMAP access.
I’m considering migrating to GMX and/or Murena. GMX offers much more free storage and is a very established player in this field, whereas Murena is much newer but specifically focused on being the anti-Google. But I wonder about the short-term and long-term downsides about these services, and if migration would end up putting my email sustainability in greater jeopardy than with Gmail. Thanks in advance for your advice and opinions.
What I would do if I were you, personally, is start using an email aliasing service like SimpleLogin and point it to whatever free mailbox you want, maybe even just your current Gmail.
That way if your current mailbox disappears for whatever reason, you can just log in to the aliasing service and switch which mailbox your aliases point to, without having to go in and update every single account you own every single time you change email addresses.
Anyways, as far as free email providers go, I have no great solutions unfortunately. Maybe someone else will share something, but like you pointed out it’s not exactly our specialty here
People aren’t exactly thrilled with Murena around these parts, FWIW:
If keeping IMAP is your concern, then there may not be whole lot of reason to switch.
There is a bit of misinformation about when and where “Google” gets your data in regard to email. Their data doesn’t come from “reading your email” like a lot believe - in fact they clearly state that isn’t the case.
These ads are shown to you based on your online activity while you’re signed into Google, however we do not process email content to serve ads.
If you’re a webmail user however, that’s going to mean you are signed into Google with your primary browser and that means google analytics and searches can be easily tied to a specific Google account.
I don’t think there’s a whole lot of reason to switch to a smaller provider if you’re not looking at registering your own domain name. If you want to keep IMAP access (and I understand that as I value it too), providers like mailbox.org, migadu.com and disroot.org may be an option.
Mailbox.org does cost, as does Migadu. Disroot has a donation based model (and it’s really good if you can help them).
Keep in mind only mailbox.org has “zero knowledge” in that incoming email can be encrypted with a public PGP key. Disroot is looking at a similar setup with lacre.io that they plan to deploy in the future.
So far though the only thing that I’ve seen with support for searching an encrypted mailstore though is the search library notmuch.
Uff, I wish I had done this a long time ago before I signed up so many services and accounts with my current Gmail address… At this point it’s going to be a tedious manual process to switch the registered email address on so many accounts, and also notify potential business contacts of the change.
Also thanks to you for your excellent response! Actually I do have a disroot.org account, but I was sort of concerned about their sustainability being a not-for-profit volunteer service. The evil economics of big business are a much stronger motivation for Google to keep Gmail up and running.
Regarding Gmail reading my email or not, I basically was taking for granted that they do that. I admit that’s fairly disturbing, but in my case that’s not the biggest of my concerns. I’m more worried about them maybe cracking down on using ad blockers or even a wild error of their geo-IP detection systems going amuck and detecting my various accounts as compromised and locking me out of them.
That is a good concern to have. Obviously donations do help with that, but it’s never entirely visible to the outside world the health of the organization.
I would highly recommend for your known identity registering a domain you have control over. The MX (Mail Exchange) records can then be updated in the future if that email provider is no longer available. You can simply direct it to a new one.
I always think this is a good idea, so you don’t end up as CTemplar customers a while ago.
A cloaking service can also be used to cover the “unknown” identity. You can register additional domains to use with your “unknown” identity, in the places where cloaking services are not accepted.
I would state that anything tied to a credit card or physical address should go under the “known” identity. An account on this forum would be in the “unknown” identity category.
Yup, I’m in the same boat, but if you do switch then in theory it’s the last time you’ll ever have to do so, since it makes future mailbox switches so much easier
The other way to accomplish this portability without an aliasing service is with a custom domain, which is probably the most robust in terms of future-proofing since you own it yourself, but that’s more expensive. Cheaper than SimpleLogin’s paid plan, to be fair, but more expensive than their free one
Hmm, interesting. And how do the benefits stack up compared to this concern (in this case, regarding paying for the renewal of the domain during a personal digital disaster)?
The nice thing about a custom domain is that you can pay for them 10 years in advance. If you had the money now (probably roughly $100 for 10 years but it depends on the domain), getting a domain for 10 years from a registrar like Cloudfare and setting up their free email forwarding service could be a solid plan.
When I migrated away from my Google account I used imapfilter, to move those emails to my new mailbox. It ran on a 1hr cycle.
Fortunately I did use a password manager though, so I knew everywhere I had used my Gmail account, I too was one of the early users (2003) invited to the service.
I just now happened to find that 10 year option in a search result. Nice, that would significantly reduce the chance of digital disaster coinciding with the renewal window.
Hmm OK, so in that case I could still use a free email service that normally wouldn’t support custom MX records? And then if my email provider ever failed me I could update the email forwarding target to a different email provider and still get login codes from my bank and other subscriptions?
Cool, thank you. I was also thinking about setting up my Gmail to forward all messages to the new provider, and then I can gradually update the registered address as the notifications or access codes come in from the various services I use, or manually respond to personal emails from business contacts. Anything I’m missing here?
The reason I used imapfilter to do that and didn’t set up the forward, is because that still required opportunistic TLS between google and the main provider. This was before more more-stricter things like MTA-STS were widespread.
Additionally it modifies the header, of the email if you forward it.
Correct. However with this non-MX/forwarding setup you typically aren’t able to send emails from your custom domain, so that’s a disadvantage compared to providers that officially support custom domains, or actual aliasing providers (not mere forwarders) like SimpleLogin.
If you are considering having your own domain name (so that you’re independent of the mailbox provider), the cheapest option I know of is infomaniak.com, when you buy a domain from them they give you free email hosting (1 inbox but with aliases) that has IMAP and unlimited storage. They also claim to respect your privacy and not read your emails but they don’t have zero knowledge encryption.
If I register a domain for 10 years and pay upfront,
And I need/want to move to domain to a different registrar after 2 years
do I lose the extra 8 years that I paid in advance to tje previous registrar ?
I dont know, bit i am assuming I lose it.
I dont think i can transfer to a new company and not oay during those 8 years, for a oayment made to someone else. I dont think the orevious registrar had any rules to give me back my money when I leave early.
In that case, registring multiple year is a gamble that
the service still exist
does not suck.
** Keep their promise of upfront oayment without additional upcharge years later.
** privacy stay good
** features stay good, they implement dnssec and new extra stuff.
I ask because I did move registrar recently. The previous was probably not privacy friendly and has a reputation. Didn supoort dnssec too.I could not move to cloudflare because they do not support my tld.
I did move the nameservers to cloudflare as they do ha a lot more feature than my new registrar.
Do remember that they said that they don’t process content to serve ads, not that they don’t process content or only process content for security reasons. This means that they could (and probably does) process your email for other stuff (eg. AI training) without explicitly lying.
