Learn more about FryeMail.me

Over time I have become increasingly aware of the criticality of privacy and security online. A foundational step in becoming more secure is understanding where your important information is. For me, although not incredibly sensitive, it was my inbox. It was the funnel of all my online activity (e.g., banking, shopping, social sites, etc.). Although nothing different than what is in millions of others' inboxes, I began to realize how big of an insight into my life my inbox was. This quickly begged the question: do I trust the email provider I'm currently with not to be misusing the insight they are gaining from my funnel of data over years of use, whether for advertising, social graphing, etc.? Around this same time, I became aware of some of the privacy-focused resources listed below and specifically PrivacyTools.io. There are countless resources for increasing privacy online that require balancing between privacy/security and convenience.

I've documented some of the resources I've come across and in some cases, employed. I'd encourage you to conduct your own research on these topics to make an informed decision. The below are my personal opinion.

Several privacy focused resources:

A few notable articles to consider:

Benefits of using your own email domain to front an email provider

Note, although there are excellent options for hosting your own email, I am not suggesting that. If you go that route, you are responsible for your own security, spam filtering, availability, and backups - I prefer to defer this to a trusted provider that has an economy of scale to do this and do it in a reliable and cost-efficient manner. Instead, I'm suggesting owning your own domain (e.g., fryemail.me) and then connecting it with an Email provider such as the ones above.

Control

Enables you to own and control your email address agnostic of provider - what happens if the provider ceases to operate or inadvertently blocks your account (e.g., false positive account abuse or spam sending)? Owning the domain name enables you to simply change the Mail Exchange (MX) records in the Domain Name System (DNS) settings at your domain registrar to point to a new provider, and within minutes (or possibly 1-3 hours) any new emails will be available with your new provider. Important to note, this doesn't replace backing up your previous emails as these won't be pulled over; only new emails after the switch will be available. This, however, is a huge help if you're blocked or your provider has ceased operation and you need to recover passwords and usernames for other sites that use that email address.

Portability

Empowers you to have portability - Similar to the matrix above, owning my own domain empowers me with the portability to change email providers as my requirements and needs change without having to revisit dozens of sites and change my email address.

Flexibility

Avoids conflict of usernames - Having your own domain means whatever you want to put in front of the "@" is guaranteed to be available; whereas you are subject to username availability of the provider (e.g., john@gmail.com is most likely taken, but john@yourdomain.com isn't).

Unlock aliases and possibilities - most providers enable multiple usernames or aliases at your own domain (some are limited, others are more generous). This could allow you to have shopping@yourdomain.com for shopping related emails or newsletters@yourdomain.com for newsletters.

Scalability

Host multiple email providers - be able to give out the same email with small variance based on use. For example, you could have yourname@yourdomain.com for primary correspondence with MX records for one provider and also have yourname@secure.yourdomain.com ("secure" being a subdomain that could be substituted with any valid character) that has MX records pointing to another provider. This could be leveraged to have a standard mailbox most items come to but have a "secure" one that points to a more security-focused provider such as ProtonMail or Tutanota for more sensitive communications.
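A small model of the MX lookup behind the Control and Scalability points, added here as an illustration and not part of the original page: it shows why a provider switch can take up to the record's TTL to reach every sender, and why a subdomain's mail is routed independently of the main domain. The zone data, TTL values and provider host names are constructed placeholders.

```python
# Constructed zone data: (owner name, TTL in seconds, preference, mail host).
# The provider host names are placeholders, not any real provider's MX targets.
ZONE_BEFORE = [
    ("yourdomain.com", 3600, 10, "mx1.old-provider.example"),
    ("yourdomain.com", 3600, 20, "mx2.old-provider.example"),
    ("secure.yourdomain.com", 3600, 10, "mx.secure-provider.example"),
]
# After the switch only the apex MX set changes; the subdomain is untouched.
ZONE_AFTER = [
    ("yourdomain.com", 3600, 10, "mx1.new-provider.example"),
    ("yourdomain.com", 3600, 20, "mx2.new-provider.example"),
    ("secure.yourdomain.com", 3600, 10, "mx.secure-provider.example"),
]


def mx_records(domain, zone):
    """MX records for exactly this name, lowest preference (most preferred) first.

    MX records are not inherited: a subdomain without its own records gets none.
    """
    matches = [(pref, host, ttl) for name, ttl, pref, host in zone if name == domain]
    return sorted(matches)


class SendingResolver:
    """Models a sender's resolver that reuses an MX answer until its TTL expires."""

    def __init__(self):
        self.cache = {}  # domain -> (expiry time, preferred mail host)

    def deliver_to(self, address, zone, now):
        """Return the host a sender would try first for `address` at time `now`."""
        domain = address.rsplit("@", 1)[1].lower()
        cached = self.cache.get(domain)
        if cached and now < cached[0]:
            return cached[1]  # still using the answer fetched before the change
        records = mx_records(domain, zone)
        if not records:
            return None  # real SMTP would fall back to the address record here
        pref, host, ttl = records[0]
        self.cache[domain] = (now + ttl, host)
        return host


if __name__ == "__main__":
    sender = SendingResolver()
    print(sender.deliver_to("yourname@yourdomain.com", ZONE_BEFORE, now=0))
    print(sender.deliver_to("yourname@yourdomain.com", ZONE_AFTER, now=1800))
    print(sender.deliver_to("yourname@yourdomain.com", ZONE_AFTER, now=3600))
    print(sender.deliver_to("yourname@secure.yourdomain.com", ZONE_AFTER, now=0))
```

Lowering the TTL on the MX records ahead of a planned switch shortens the window in which senders still deliver to the old provider.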


My opinion of a few popular privacy and security focused providers (as of Jan 2021):

| Provider | Privacy Focused | Offers Encryption | Calendar Support | Accept & Receive Calendar Invites | Contact Support | Contact Sync Beyond Native App | IMAP* (+ CalDAV & CardDAV) | Mobile App | Custom Domain Support |
|---|---|---|---|---|---|---|---|---|---|
| ProtonMail | Yes | Yes - Leader in this category. Offer both End-To-End Encryption and zero-knowledge encryption. | Yes | Yes | Yes | No | IMAP via ProtonMail Bridge | Yes | Yes |
| Tutanota | Yes | Yes - Leader in this category. Offer both End-To-End Encryption and zero-knowledge encryption. | Yes | Yes | Yes | No | No - Native Desktop App and mobile apps (all include email, contact, and calendar) | Yes | Yes |
| Mailbox.org | Yes | Yes - but requires user opt-in and managing PGP Keys or using Mailvelope via web browser. | Yes | Yes | Yes | Yes | Yes | No | Yes |
| Mailfence | Yes | Yes - but requires user opt-in and managing PGP Keys or using Mailvelope via web browser. | Yes | Yes | Yes | Yes | Yes | No | Yes |
| FastMail | Yes | No - but always an option of using Mailvelope via web browser or using PGP via a client such as Thunderbird to encrypt end-to-end. | Yes | Yes | Yes | Yes | Yes | Yes | Yes |

Comments:

ProtonMail: Excellent privacy and end-to-end encryption. Promptly encrypts plain text emails upon receipt. However, does not have Calendar support beyond web and cannot sync contacts outside of website and mobile application (e.g., cannot sync with Desktop mail application nor Mobile device). Additionally, cannot invite nor accept calendar invites. Can Import and Export Email via IMAP + their built-in options if you ever switch the service.

Tutanota: Similar ravings of privacy and security as ProtonMail. Can send and receive calendar invites with a paid subscription. Similar to ProtonMail, contacts cannot be synced beyond their web and native applications. Import service for importing email but must manually select each email and select export to export email if you ever opt to depart the service. This may be a non-issue for some. For others, this may make switching providers time consuming and a high level of effort.

Mailbox.org: Overall attractive service, but there are numerous negative anecdotes of issues with customer service and high rate of false positives of accounts being locked or blocked from sending due to anti-spamming algorithms. User interface for Webmail leaves a lot to be desired and increases.

Mailfence: Mailfence was very promising and struck the right balance of security, privacy, and convenience. However, similar to Mailbox.org there are negative anecdotes on issues with customer support, it lacks a native mobile app, and reportedly has issues with planned and unplanned outages (one recent example).

FastMail: Excellent collection of features and functions. Built-in zero-knowledge encryption and end-to-end encryption is really the only item left out. Robust instructions and documentation, including automated method for setting up CalDAV and CardDAV on mobile. Generous number of aliases (e.g., you want to sign up for a newsletter but not use your actual address so as to avoid potential spam later on), as well as the option to do catch-all with your custom domain (e.g., any value @yourdomain.com can reach your inbox).

* Note IMAP, CalDAV, and CardDAV are the primary ways we consume these services via native popular applications.

All providers above offer encryption in transit with Transport Layer Security (TLS) and Encryption at Rest. However, be careful of providers that offer "Secure" services as some providers such as Kolab Now have a solid portfolio of services and features, but do not encrypt data at rest (e.g. the storage the data is on is not encrypted, at all). Instead, their data center is secured with fences, guards, and various access control measures - this is increasingly a standard practice and should be looked for as a default not a benefit.

Some honorable mentions routinely included in discussions of private/secure email providers are below; these unfortunately didn't meet my personal criteria for migrating away from Gmail.

My personal criteria, partially captured in the above matrix, mostly related to the following:

  • Privacy respecting service. 
  • At minimum, encryption of data in transit and at rest.
  • Paid option (most paid services mean you yourself aren't the product).
  • Custom Domain supported (e.g., bringing yourdomain.com so you can have you@yourdomain.com).
  • Ease of import and export (portability, I don't want lock-in).
  • Calendar and contact capability - for ease of use and to not create duplication of contacts between multiple providers.
  • Option of native mobile app (not that I'll use it necessarily, but the option).
  • IMAP, CalDAV, and CardDAV support - this enables use of most desktop and native Mobile Apps (e.g. Mozilla Thunderbird, Microsoft Outlook (desktop), iOS Mail/Calendar/Contact apps, etc.). Including the ability to synchronize mail, contacts, and calendars across devices.
  • Appealing and usable webmail site; doesn't need to be the greatest looking thing but should have the desired functionality.
  • Provider is respectful of law, privacy, and obligation to users.
  • Reside in a "non-shady" locality.
  • Have positive anecdotes and track records in various forums (e.g. proprivacy.com, privacytools.io, nordvpn.com blog, and various reddit subs (some mentioned above)).
  • Public documentation is complete and has "polish" (e.g., two providers above either lacked complete documentation for certain configurations or weren't presented in a professional way).
  • Finally, ultimately creating accounts at each and exploring the various user interfaces.

What are other ways to recover some privacy?

  • Web Browser: Some of these are more Firefox focused based on Mozilla's track record of respecting user privacy, but all of these extensions are also available for Chrome, Brave, Edge, and mostly Safari. Reference resources such as: How to use Firefox's tools to protect your privacy while browsing. Consider using extensions such as: HTTPS Everywhere, uBlock Origin, Malwarebytes Browser Guard, Disconnect, and VirusTotal.
  • Ad Blocking (and Malware/Ransomware): If you are more tech savvy, consider employing an instance of PiHole on your network to block most ads, malware, ransomware, unwanted telemetry/analytics, and other tracking prevalent on the internet. Excellent how-to for installing and configuring PiHole on a Raspberry Pi Zero (~$34).
  • File Storage: If more technically inclined, consider hosting your own NextCloud instance for cloud storage and collaboration (e.g., in place of Google Drive). If less technically inclined, consider selecting your Cloud Storage provider based on their security and privacy posture.

    I personally run my own NextCloud instance, but still use a large Cloud Storage provider's services (which is baked into an annual subscription I'm paying anyways). In my case, I freely use the service, but employ the use of encrypted zip files and containers for more sensitive documents (e.g., tax documents, two factor recovery codes, explanation of benefits, etc.). This is a very easy and streamlined way to add some additional protection from scanning, prying eyes (of your service provider), and potential compromise (obviously always a risk; if an item is that sensitive, consider storing it offline). Some methods of doing this: 7-Zip (Zip file creation and management tool), Microsoft BitLocker File Container (available if you have Windows 10 Pro), VeraCrypt (open source file and disk encryption), and software/providers such as boxcryptor and cryptomator.

    Conduct your own search and evaluate the options available at sites such as PrivacyTools.io > Encryption Tools.

©2021 - 2024 FryeMail.me. Site Created with Amazon Web Services (AWS) Simple Storage Service (S3), CloudFront, Certificate Manager, and Route 53. Check out this post if you are interested in your own static website. Opinions and typos are my own; conduct your own research and assessment before employing any of the approaches or services discussed above.
