And what do you actually use? I know the answer is probably self-hosting but maybe there are other solutions for decent privacy.

  • jet@hackertalks.com
    10 months ago

    https://www.privacyguides.org/en/email/

    Normal email is unencrypted when it’s on the wire in transit. (Nowadays they use SSL between servers, but it’s totally readable by every server in your pathway, which isn’t much better.) The best you can hope for with email is to encrypt it and store it at rest once it arrives at the server. If you self-host the server you could have one-way encryption enabled. If you don’t want to self-host, the privacy guide options are pretty good.

    Don’t have any conversations via email if you can avoid it. Prefer end-to-end encrypted platforms like Signal instead.

  • 👁️👄👁️@lemm.ee
    10 months ago

    I own a custom domain and actually use Tutanota as my host. Self hosting is a nightmare and easy to fuck up, which leads to your emails getting sent to spam or just not receiving. I use custom domain support in Tutanota that costs me $12/yr (2 custom domains) and my domain is $15/yr. Since custom domains stick out like a sore thumb, if I need privacy then I will use AnonAddy to forward to my email with an anonymous forwarder.

    Like 99.9% of my emails aren’t encrypted but that’s not the point. Tutanota removes a lot of the privacy leaks via metadata and has privacy protection measures by default like disabling images from automatically loading. Also it’s calendar/contacts/email all rolled into one and everything is e2ee. Not to mention, unlike ProtonMail, they have their own push service that works on DeGoogled Android and can be installed from F-Droid.

    • jard@sopuli.xyz
      10 months ago

      Same story here. I self hosted my email with a Linode for a year and a half and it fucking sucked. Gmail almost always filters inbound email from what they deem as untrustworthy IP addresses (which is pretty much any mail server other than the big players), and even if you never plan on mailing Gmail addresses your server’s IP will show up on some “critical spam” blacklist somewhere simply because you’re running a mail server, which basically spells doom for mail deliverability.

      You also need to diligently harden your mail server because bots indiscriminately try to find loopholes in mail server configs all the time, and once they do they start spamming their poor victims through your server. It’s a fool’s errand that varies wildly based on what distro you installed, which mail/postfix/dovecot/fail2ban/dkim/spf etc. configuration you have, and a lot of the time the information doesn’t actually exist on the Internet so you have to figure it all out yourself.

      Ever since I switched to Tutanota + redirection with my domain I’ve never had any of these issues, and I’m never going to look back. It’s unfortunate, but the days of self hosting mail servers are over. It’s simply not worth the struggle and it just becomes an uphill battle in the end.

  • CAPSLOCKFTW@feddit.de
    10 months ago

    If you want to self host, I recommend mailcow. It is not that hard to install and if you follow the instructions you’ll have a working solution whose mails are not considered spam by every other sane server. Sadly, some operate with whitelists.

    • EngineerGaming@feddit.nl
      10 months ago

      I have looked at it and its system requirements are just insane. No way it would run on my cheap 1 GB VPS. I use a script for setting everything up, but less because I want to (I was warned about complications) and more because I cannot afford a second subscription.