Thoughts on StartMail as a email service

Proto-Man · February 18, 2024, 5:08am

www.startmail.com i was curious why I have seen this email service located on associated sites but not on this site. What is the problem with this email. Sorry, I a newbie

jonah · February 18, 2024, 5:18am

github.com/privacyguides/privacyguides.org

Remove Startmail, as it's not zero-knowledge

main ← pr-remove_startmail

opened 03:34PM - 21 May 23 UTC

dngray

+0 -53

Changes proposed in this PR: As per the requirements of "Zero Knowledge" we s…houldn't really be listing Start Mail. - https://discuss.privacyguides.net/t/minimum-tls-requirements-for-email-providers/11830/18 Closes: https://github.com/privacyguides/privacyguides.org/issues/1433 Summary: - Uses 3072 ElGamal/DSA keys which are not default anywhere. No option for RSA, ed25519 etc. ElGamal hasn't been the default in [GnuPG since 2009](https://lists.gnupg.org/pipermail/gnupg-devel/2009-May/025079.html) - You cannot import your own PGP Keypair - Mail which is received while you're logged out, is encrypted with a separate keypair, and then when you log in, copied to a LUKS volume. That means all of your email is available to the server when you log in. It is only zero knowledge if you stay logged out. - [x] I have disclosed any relevant conflicts of interest in my post. - [x] I agree to grant Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform, relicense, and distribute my contribution as part of this project. - [x] I am the sole author of this work. - [x] I agree to the [Community Code of Conduct](https://www.privacyguides.org/en/code_of_conduct/).

github.com/privacyguides/privacyguides.org

StartMail: Add a warning explaining drawbacks of the User Vault

opened 03:03PM - 09 Jun 22 UTC

closed 11:40PM - 24 May 23 UTC

TrashPandaCodingGarbage

c:providers status:research required

Hello there, I am a happy StartMail user - however, their "user vault" has s…ome drawbacks, which should be mentioned on PG with a warning, to make users more conscious about the product. **Link affected:** https://www.privacyguides.org/email/#startmail **The issue:** Privacyguides decription of StartMail does not mention the fact that if you are logged in, LUKS container with your data is mounted and readable by StartMail. In short, when you are logged-out, your data is encrypted and not cannot be accessed. This changes with the moment you log into StartMail - LUKS container is decrypted - which store user emails, PGP keys (including private key, which is NOT additionally password-protected, like in Protonmail), recovery codes etc., which can be accessed by StartMail employee, or an unsolicited person if the StartMail servers have been compromised. **Outcome of the issue:** False expectations. **Solution:** Describe User Vault somewhere in the StartMail section.

Eugg · January 29, 2025, 1:07pm

You are currently using startmail or are you using another one. Which one?

Topic		Replies	Views
Privacy oriented email service suggestion other than Proton, Tuta, and Posteo Questions	16	1425	October 30, 2025
AliasVault: Open-Source E2EE Password & (Email) Alias Manager Project Showcase	115	9137	October 25, 2025
Recommended Temporary Email Service? Questions	67	2679	September 22, 2025
Re-evaluating private email - how many domains/addresses do you typically have? Questions	0	209	October 18, 2025
Best standard email (IMAP/SMTP) provider that is not terrible for privacy? General	27	3679	August 26, 2025

Thoughts on StartMail as a email service

Related topics