Thunderbird Pro and Thundermail announced

I didn’t even knew Thunderbird would have a paid version.
I think that most people know it for its FOSS privacy-focused email client, not sure Mozilla can become the next greatest client. They might be too late for that war.

Mostly because everybody moved to web-based or company-owned dedicated mobile apps.
This is at least how it is for me, I gave up on trying to find a decent email client years ago and Thunderbird was too bad for too long…

As for the price, they do provide:

• email
• calendar
• send

Given that it’s FOSS and potentially decent, might not be that over-priced especially if targeted towards enterprises. Doesn’t look too expensive in comparison to enterprise competitors.

image552×283 55.1 KB

Given the logo I assume this runs on Stalwart?

Seriously! Pretty much any othre provider looks to be a better value…

Yes I believe that was confirmed in a previous announcement, but I don’t see an explicit mention of it here.

iewl seems they also use Zoom and make the same mistake proton made.

image579×237 31 KB

Do they use it, or are they offering compatibility with a tool customers are likely to demand? There is a gigantic difference between the two.

I thought there was going to be a free tier?

Probably not in an early beta

at the beginning, we plan to offer these services for free to consistent community contributors. Other users will have to pay for access. Once we have a strong enough user base that the services appear to be sustainable, we will open up free tiers with limitations, such as less storage or the like - depending on the service. You see this with other providers, some of it is practical as email addressing and file sharing are also prone to abuse when there are free tiers.

I hope this can become an alternative to Mailbox.org. I don’t mind the higher price if it can offer a privacy-forward but still standards-compatible email experience with well-implemented, up-to-date features.

I have to say, .pro is an odd choice of TLD for something as critical as email.

I can’t understand the privacy philosophy of Thunderbird. So, should I cancel Proton and Tuta, install Gmail or Yahoo, and then use the Thunderbird service as cover? Sorry.

Just notice that thunderbird android beta 19.0b2 introduced a new screen on adding account screen to also add, and register new to thundermail. The flow seems to be close to working, with picking address, adding password, adding recovery email etc. Only its still just a placeholder since it doesn’t actually allow account creation yet, last screen will throw error about thundermail are still on invite only closed beta. The actual link it forward to is https://auth.tb.pro

Economies of scale likely mean they need to charge more to offer the same level of service as proton, which some people may be willing to pay due to the thunderbirbird / mozilla name.

I was somewhat excited to see this thread, but it doesn’t seem like it will be a good option for those of us without mozilla brand loyalty. I’ve got my own stalwart server set up working with thunderbird already; I’m sure not going to pay currently $72 per year to use theirs. I’m expecting them to follow this trend where there’s no basic option, like a 1 email address 10GB storage option, and either you are free(loader) or are paying $60-$120 per year.

Whatever gets people off gmail is good in the end, but I don’t think this will have benefit over tuta / proton or even mailbox.org or posteo for those of us who trust those companies equally.

I’m afraid you might be right about this. Still, a third viable option after Proton and Tuta would be a good thing. I just don’t know how private and secure it is in comparison with the competition.

Isn’t this privacy washing?

Patriot Act doesn’t care about server location. It is the company location (San Francisco) that matters. They are obligated to hand out all data by law, if requested.

In which ways do you think Mailbox.org should be improved? Just curious, since I liked it quite a bit prior to settling on Posteo.

I’m still failing to understand what added value team Thunderbird is trying to offer. I love Thunderbird as a mail client that allows me to handle both private and work accounts, but it puzzles me what made them believe people needed a new email service. Are they trying to be the new Proton? If so, I’m not so sure their goal will be met. I do wish them all the best, and perhaps I’m underestimating the demand.

they are still in private beta i think. it adds you to the waitlist currently. Their pricing would be interesting to see.

I just don’t know how private and secure it is in comparison with the competition.

I don’t know either, but, assuming they’re really using stalwart, but I can say a little bit about stalwart.

Stalwart has three parts, the database that can be stored in different types of database files, an admin panel that can be used by the admin to configure stalwart or by the user to configure their account, and jmap and imap.

The admin panel gives admins very limited information about users’ data. You cannot see their password, their emails, etc through the admin panel. It does allow the admin to set up encryption at rest to protect the database. The default setup is intelligent about preventintg misuse and will do things like banning ‘excessive’ port scanners

The user, meanwhile, can upload their own pub PGP key file to encrypt their email bodies. This causes the emails to immediately be encrypted as they come in. The admin cannot decrypt this. It has the usual problems of PGP like impairing email searches, message titles not being encrypted, the recipient needing your pub key if you also want to also send encrypted emails, etc. The user can also set up an app password and choose the permissions for this password, like allowing imap only.

The only two factor supported by stalwart is TOTP. There is no FIDO2, something proton supports. However there is also no web client. Since thundermail will have a JMAP web client, that means they added one. Therefore the web client could support stuff like end to end encryption, FIDO2, etc. I would guess we also cannot access the stalwart user admin panel in the way I described in the last paragraph, but any feature I mentioned could hypothetically be part of the web version, as all we need for those features is a UI for access.

This is all why forum staff were happy to see them using stalwart. The security will come down to the implementation, but stalwart is a solid base. It’s also an open source project with an enterprise option, kind of like bitwarden, so we don’t have to worry about that base software becoming out of date or not maintained.