Free email providers

72 replies [Last post]
talbers
Offline
Joined: 01/29/2017

Currently I'm using google's email service but I would like to move onto a provider that respected my freedom, but I do not know any alternatives, could you suggest some? The only requirement is that it has to be free (in cost) as I have no way of paying for it.

ivanB1975
Offline
Joined: 08/29/2017

Long time ago, I bought a raspberry pi for 35 dollars, and I installed on it citadel. At the same time for 50 dollars I bought my own domain name for 10 years and in a week I had my personal email set up on the pi. The best way to respect your freedom and pocket is to learn how to do things yourself :)

talbers
Offline
Joined: 01/29/2017

Yes, I had the same idea as I also wanted to have my own web page, the problem is, my internet really sucks (disconnects all the time) and I don't have an static IP either (I guess there are some alternatives to this point). Maybe it's time to talk with my internet provider ...

strypey
Offline
Joined: 05/14/2015

Hi Talbers, I hope the various responses to your query about freedom-respecting email providers were useful.

>> I also wanted to have my own web page, the problem is, my internet really sucks (disconnects all the time) and I don't have an static IP either (I guess there are some alternatives to this point). <<

You don't have to run the server on a box in your home to start learning how to self-host. There are various options for leasing server space for commercial datacentres.

If you're actually going to host private data on it, I would recommend leasing a full virtual server for production use. But if you just want a server to tinker and experiment with, it's usually cheaper to use a shared server, or a "cloud" host that only charges you for the resources you actually use. Many "open source" startups use AWS, but I suggest looking for more freedom-friendly hosts like Catalyst (https://catalystcloud.nz/), ideally one based in your own country, or somewhere nearby. Others on this forum may like to suggest other hosting options.

If you do want to experiment with running servers at home, I suggest trying a personal hosting distro like YUNOHost or FreedomBone (a fork of FreedomBox, that only includes free code software with no proprietary binary blobs). According to the FreedomBone documentation, a lack of a static IP can be resolved with DynamicDNS
https://freedombone.net/faq.html#orgf845f43

The intermittent internet connection is a tough problem to fix. Short of getting a better internet connection, I suggest starting your home hosting experiments with server packages that are designed to handle intermittent connections, such as PeerTube (a video-hosting server using BitTorrent/ WebTorrent), and Hubzilla (a federated blogging engine).

jxself
Offline
Joined: 09/13/2010

"The best way to respect your freedom and pocket is to learn how to do things yourself :)"

For sure. It's too bad that I can only upvote this once.

GrevenGull
Offline
Joined: 12/18/2017

One thing I don't understand about "buying" domain names is... who owns them in the first place?

Also.. what is raspberry pi? And citadel?

mason

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

On 02/12, name at domain wrote:
> Long time ago, I bought a raspberry pi for 35 dollars, and I
> installed on it citadel. At the same time for 50 dollars I bought
> my own domain name for 10 years and in a week I had my personal
> email set up on the pi. The best way to respect your freedom and
> pocket is to learn how to do things yourself :)

I've considered doing this. I already have a domain name and a C.H.I.P. Have you managed to avoid getting blacklisted? I read here

https://mailinabox.email/guide.html

that this is a risk of using a server in your home.

s1lv3r
Offline
Joined: 10/29/2017

https://www.fsf.org/resources/webmail-systems you can find something here, sigaint is closed but the others are viable.
I think these two are the best you can find https://posteo.de (you have to pay a small fee for this one) or https://riseup.net/.
You can ask for an account on this site https://www.autistici.org/, autistici inventati is a famous site you probably already heard of it.
More info for your privacy here: https://prism-break.org/en/.
More email providers: https://prism-break.org/en/subcategories/gnu-linux-email-accounts/
Hope this is helpful!

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

I can only recommend two: riseup and cock.li (the latter has several domains if a mail with cocks does not fit your standards)

talbers
Offline
Joined: 01/29/2017

I checked riseup's site but I don't know how to get an invitation ticket :/

GrevenGull
Offline
Joined: 12/18/2017

I encourage the person who downvoted this comment to explain why said person downvoted.
I upvoted to somewhat spread the balance, but I would very much like to upvote again.

edit: typo

mason

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

I've learned that the voting system is silly and up/down votes shouldn't be read into too much. The appropriate use of downvotes is to flag posts that are inappropriate. If you see a post that has been downvoted even though it does not violate community guidelines, you can do exactly as you did here and cancel it out.

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

>I don't use email, it is too dangerous

Why is email dangerous?

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

>a system with many potential attack vectors.

Care to elaborate?

Jodiendo
Offline
Joined: 01/09/2013

Why is email dangerous?
THE ANSWER IS
'HEYJOE"
lack OF INTEGRITY AND TOTAL RELATIONSHIP OF A DISHONEST PERSON.

Abdullah Ramazanoglu
Offline
Joined: 12/15/2016

[heyjoe]
> Option 2: stay with whatever you use, communicate using end-to-end encryption (if your recipients know how). Then it doesn't matter much who the carrier is. The caveat still remains.

I think the same. Regardless of which SAAS service is used, backbone routers and fiber-optics are still owned. So it does't matter at all whether you use a PRISMed server or a home brewed server, unless you *encrypt* your communications.

As for the caveat, if a correspondent doesn't use encryption, then there's nothing that can be done. Again it doesn't matter if you've secured yourself or not. So my suggestion would be using any mail service pragmatically convenient, and then using encryption whenever possible.

[SuperTramp83]
> Why is email dangerous?

I believe J Assange doesn't trust in encryption as well. He may have a reason for that.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

Edit: I misread.

quantumgravity
Offline
Joined: 04/22/2013

> The question is: which online service provider runs on RYF hardware with FOSS firmware and software?

No, that's not at all the question.
It's always the same thing: once you send data to other peoples computers, you gave away control over this data anyway and it doesn't matter at all what
software this other computer claims to run.
It's not *your* computer but theirs, and so asking for an email provider that runs only free software on their servers is actually being concerned about *their* freedom.
You already gave away control over your data anyway and can never be sure what software the mail provider really runs.
Even if he does run only free software, he could still mistreat you by copying your mails, reading them, selling your data etc (just examples here).

Now, don't get me wrong: we have to give away control over our data to some extent in order to do certain jobs.
For instance, I can't search the web with my own computer alone. I have to connect to a search engine and transmit my query.
There are other examples were I *could* do the job on my own computer, and if I still send the data to some server in order to get processed, it's called
"Service as a software substitute":
https://www.gnu.org/philosophy/who-does-that-server-really-serve.en.html

Note that in the case of "service as a software substitute", it's not important what kind of software actually runs on the server, since you don't own it.

An email provider that "respects your freedom" is most likely one that allows you to use his service without the need of proprietary software.
I think this holds for all providers I know of.
An email provider that "respects my privacy" is a separate question, since freedom and privacy are two distinct yet connected topics.
It's always a matter of trust... unless you use encryption.
After all, this whole "we will not log anything and won't read your mails" is nothing but a promise.
As others have pointed out, running your own email server is the best but inconvenient way.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

The email provider does NOT run only free software. NO computer in this world does that as of today. I wonder why it is so difficult for most people here to understand this.

I wonder why it is so difficult for you to understand that it is *not* quantumgravity's point. He even started his reply to your question ("which online service provider runs on RYF hardware with FOSS firmware and software?") with "No, that's not at all the question". The central point of his reply is:

Even if he does run only free software, he could still mistreat you by copying your mails, reading them, selling your data etc (just examples here).

quantumgravity
Offline
Joined: 04/22/2013

Did you even read my post?
It almost feels as if you're replying to somebody else... you completely missed my point.

dsj19
Offline
Joined: 12/05/2013

> The question is: which online service provider runs on RYF hardware with FOSS firmware and software?

Vikings [1] will soon lunch their librehosting service and I asked them at FOSDEM when they will be ready to deliver. They said that they would start in April 2018 with email hosting first and afterwards continue with the librehosting service.
They run on free hardware [2] (Talos 1 and Talos 2) + FOSS software

[1] https://vikings.net/
[2] https://www.raptorcs.com/TALOSII/

GrevenGull
Offline
Joined: 12/18/2017

protonmail?

Jodiendo
Offline
Joined: 01/09/2013

i USE PHOTON MAIL ,IS FREE BUT iF YOU HAVE TO PAID FOR IT IS A DIFFERENT STORY.

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

If it comes down to using other email providers,

Disroot.org is the best free one.

If you are doing it yourself, that's good too...

But yeah... if you know how to do it yourself, that is the best option.

But if you don't, then go for disroot.org.

That one is copyleft. Though I wish I knew which license it was. :0

Aristophanes
Offline
Joined: 10/05/2017

What do you think of Autistici/Inventati? I've done some research, and they seem to be solid in terms of the security and privacy they offer.

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

ring -2 and ring -3?

hmm... I don't know much about ring,

I just know for desktops its pretty freakin decent.

I should also add 4gb cloud storage and also, it costs nothing unless you donate.

Its copyleft and also,

Oh, not that this helps you persay, but,

https://www.ssllabs.com/ssltest/analyze.html?d=disroot.org

A+

I use Hyperbola and use their email through icedove 52.6.0 works good for me.

I still haven't figured out how to add a gpg key to it yet, but someday it will be easier I am sure.

That's my thoughts anyways.

but they do have good ciphers in general.

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

Interesting, its worth looking up I am sure. I don't quite know the answer at this time.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

I still haven't figured out how to add a gpg key to it yet

Have you tried following the steps on https://emailselfdefense.fsf.org/en/index.html ?

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

Ah you misunderstand, I meant within the website itself. Kind of like posteo.de's method of doing so.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

You want your GPG private key to stay on *your* machine, not on that of the service provider.

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

Hmm, I never thought of it from that perspective. That is a good point.

Abdullah Ramazanoglu
Offline
Joined: 12/15/2016

[TIC]
I believe email security is generally exaggerated to no extent. It shouldn't be quite so difficult to achieve reasonable security in terms of email messaging (ignoring other uses of internet for the sake of discussion).

If you simply merely...

* Use only pure libre and audited hardware
* Use only pure libre and audited software
* Encrypt your emails with GPG
* Ensure that there is no back doors to the encryption algorithm you use
* Ensure that your keys are safe
* Ensure that all of the above also true for your correspondents

...then you can expect to have reasonably good email security and privacy.
It's quite as very simple as that!
It is beyond me why people make a fuss about it.
[/TIC]

Abdullah Ramazanoglu
Offline
Joined: 12/15/2016

> What you list is only valid if all the nodes in the network have the qualities you listed.

I had addressed it with;

>> * Ensure that all of the above also true for your correspondents

Node B is one of your correspondents.

> That's the big fuss (to my mind).

[TIC]
Oh no, ensuring encryption-suitability of your correspondents is not so difficult that you seem to think. All you have to do is prepare a simple checklist, send it to your correspondents in plain text while you're exchanging public keys. And decline exchanging encrypted mails if one of the requirements in the checklist is not met by your correspondent.

In order to make things easier for non-tech people, this checklist should *not* ask questions like "[ ] Is your hardware comprised of only pure libre and audited parts?" That's a tough question for the casual user. Some people may not know what "pure and libre parts" means. Each question regarding encryption suitability (that I have given in my previous message) should be translated into much easier sub-lists, such as;

For hardware:
[ ] Is your CPU Shakti? (if not, please give its name and model)
* What is the name and serial number of your BIOS? [__________]
* What is the name and model of your GPU? [__________]
* What is the name and model of your NIC? [__________]
* What is the name and model of your WiFi? [__________]
* What is the name and model of your modem? [__________]
* What is the name and model of bluetooth adapter? [__________]
[ ] Are your USB connectors stuffed with glue? (silicon gum or the like would also do)

A plain and easy sub-list similar to the above should be prepared for each of hardware, software, GPG usage, algorithm security, and key security. Shouldn't take more than a couple of minutes of your correspondent. Given the stakes involved, what's a minute?

A small utility might be written, even, to streamline the process. For me, I would have found it most helpful if Debian main repository included such a package. Then all I would have to do would be, quite simply, asking my correspondent "Please run freedom-police and pass me the output".
[/TIC]

Abdullah Ramazanoglu
Offline
Joined: 12/15/2016

> What is TIC?

Tongue in cheek. :)

Abdullah Ramazanoglu
Offline
Joined: 12/15/2016

> The bullet lists you show are still only for experts. I can't imagine doing it with clients who use iMac/iPhone and are utterly proud of it and closing one's source of income because of that would be insanity.

Exactly.

With [TIC] paragraphs I was indirectly saying that true email security is practically out of reach for the time being. Non-existent (yet) libre CPU, non-existent libre GPU, non-existent libre networking hardware, pure libre audited software, ensuring that all the parties are the same...

Abdullah Ramazanoglu
Offline
Joined: 12/15/2016

> So there is not a perfect method.
> How difficult is it?

I am afraid there is no *perfect* method, but there are *good* methods. I sctratched the surface of it in the other thread you started. (Is there a perfect method to guard our communication?)

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

You must have had an error of some sort, maybe ask a mod to delete your duplicate posts?

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

You can write to david (although I am not sure the issue is worth fixing): https://trisquel.info/users/david/contact

FindEssential
Offline
Joined: 08/23/2017

Hi talbers,

Congratulations on getting to a place where you want to drop Google. There are lots of ways to look at services when wanting one "respects your freedom". Most of the respondents focused on absolutism, this option is simply not free (as in cost), which was indicated in your question as a requirement. Therefore, you are looking for some type of relativism.

Personally, I wish this forum would help people find resources that are relatively better than what one is using currently; rather than immediately jumping down some absolutist rabbit hole.

Clearly, dropping Google is a huge step. It can be very difficult as its services are rather sticky. Moving off Gmail, a service you know for a fact is mining your email to serve you adverts is a challenge because it requires using less sticky options. Disroot.org was already mentioned as a drop in webmail option to replace many Google services. They do not charge, serve adverts, and are not a hulking corporation with compromised realities.

Beyond that first option, you might already have an account that is free of advertising that you have more control over. If you have a website, most hosting accounts include an email account. Openmailbox also has a limited, free tier. Some people have had issues with the service, but I used it for three years with no issue.

If your like me, you might have several accounts already, and adding another might be unnecessary for the purpose of getting away from Google. When I made that choice, I went back to my old Fastmail account as my primary and use my icloud account as a secondary account. I went down from a peak of eight emails accounts to two, meaning less of "me" is out there to be mined.

strypey
Offline
Joined: 05/14/2015

"Personally, I wish this forum would help people find resources that are relatively better than what one is using currently; rather than immediately jumping down some absolutist rabbit hole."

Having participated in this forum for a few years now, I've noticed that the truly knowledgeable people here do what you describe, and are very helpful. But there are always a few PRISM-breakers who only seem to be here to show off, with posts that demonstrate only their ability to fall into the black/white fallacy.

It's true that one can *never* be 100% sure that any information entered into any networked, digital system is secure (privacy is a related but separate issue). It's also true that no matter how many locks we put on our doors and windows, we can never be 100% sure our house is secure. That doesn't mean there's no point taking what sensible precautions we can at home, or on our computers. There are real steps we can take to make it harder for people with malicious intentions to enter our computer (or our house), which makes it less likely to happen.

Those who play chess will know that making a silly move and leaving a piece exposed doesn't always result in the loss of the piece. It depends how skilled the opponent is, and what other threats are distracting them from noticing the opening.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

I am pretty sure strypey refers to the current #1 poster on this forum: https://trisquel.info/forum/what-i-think-about-george-anchev-heyjoe-and-his-site

strypey
Offline
Joined: 05/14/2015

I prefer not to name names. I suggest you look at each comment and ask yourself, does it help others increase their control over their computing, improve their computer security, or protect their privacy? Or does it amount to an argument that no improvement is worthwhile unless it results in instant perfection (which is, of course, impossible)? By the fruit of their actions shall ye judge them, and all that.

That said, given the behavior of the person MagicBanana refers to (as described in the link they give), it does seems justified to name and shame in the case of that person.

strypey
Offline
Joined: 05/14/2015

One of the oldest laws of the jungle on the net is "don't feed the trolls". You don't solve the problem of a forum being flooded by people who thrive on attention by ... giving them more attention. This is true whether they are trolling on purpose for the lulz, or just don't know how to participate in a more useful way.

strypey
Offline
Joined: 05/14/2015

Trolling is when a user intentionally provokes other users, and disrupts conversations. When we say a user is a "troll", we simply mean that they are trolling, rather than posting anything sincere or helpful. See:
https://www.urbandictionary.com/define.php?term=Trolling

An example of trolling would be posting on the Trisquel forums about how lame Trisquel is, and how people should just use Ubuntu. Any conversation that proceeds from a post like this can only take the form of contradiction ("no it isn't!", "yes it is!"), and is a waste of everyone's time. If a user regularly makes posts like this, we would say they are a troll, and encourage other users to simply ignore them, until they go away.

That's what we mean by "don't feed the trolls"; since they thrive on attention, even telling them why they're wrong encourages them to keep trolling, and keep wasting everyone's time. So if we suspect someone is trolling, we don't respond to them directly, because that would "feed the troll". We might post a comment directed at forum users in general, correcting any serious misinformation the troll has posted, and then warn everyone not to feed the troll.

strypey
Offline
Joined: 05/14/2015

MSuzuqi wrote:
>> So even if you down-voted every his comment, it might not be "feeding". <<

The Trisquel forums have a voting tool that allows us to collectively moderate posts on the forums. If enough users downvote a comment, it is hidden from view by default (if you have JS turned on). Those who wish to can still view the hidden comment, and upvote it if they think it shouldn't be hidden.

Used responsibly, this tool allows us to prevent people from flooding the forums with abusive or time-wasting comments, including trolling. Used thoughtlessly it can be a tool for censorship, or even for trolling. With great power comes great responsibility and all that. TBH I prefer the community moderation approach to having an elite of "moderators" who have to make all these decisions by themselves, and then waste their time handling appeals and criticism from people who disagree with their decisions.

>> I might be able to clarfy the difference between "troll" and, for example, "terrorist", after your answer. <<

Just because the word terrorist is over-used, that doesn't mean it's not a thing. A person who uses tactics intended to scare the public, as a means to achieve political change, is engaging in terrorism, and can be described as a terrorist. I've always given a definition of trolling, and explaining that someone whose posts are mostly or only trolling can be described as a troll.

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

Some people are amused by trolls... I myself am, sometimes... depends if they are making fools of themselves in a funny way... or if they are just being irritating.

That is my dilemma with what you just said.

J.B. Nicholson-Owens
Offline
Joined: 06/09/2014

name at domain wrote:
> Personally, I wish this forum would help people find resources that are
> relatively better than what one is using currently; rather than immediately
> jumping down some absolutist rabbit hole.

It sounds to me like what you want is what IT professionals do. Whom did
you contact about buying a paid support contract?

ADFENO
Offline
Joined: 12/31/2012

> It sounds to me like what you want is what IT professionals do. Whom
> did you contact about buying a paid support contract?

I support this, specially because I do need money to get living and I
recently made a savings account which (as far as I know) accepts Orders
of Payment from abroad, and I also just made a Bitcoin wallet, and I do
intend to pay my taxes. ;)

--
- https://libreplanet.org/wiki/User:Adfeno
- Palestrante e consultor sobre /software/ livre (não confundir com
gratis).
- "WhatsApp"? Ele não é livre. Por favor, veja formas de se comunicar
instantaneamente comigo no endereço abaixo.
- Contato: https://libreplanet.org/wiki/User:Adfeno#vCard
- Arquivos comuns aceitos (apenas sem DRM): Corel Draw, Microsoft
Office, MP3, MP4, WMA, WMV.
- Arquivos comuns aceitos e enviados: CSV, GNU Dia, GNU Emacs Org, GNU
GIMP, Inkscape SVG, JPG, LibreOffice (padrão ODF), OGG, OPUS, PDF
(apenas sem DRM), PNG, TXT, WEBM.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

I will write to you now to get your account number and thank you that way for the better CSS you wrote for my Web page.

Totally different topic: I know you are involved with checking Chromium's licensing status. Have you taken a look at the superficial investigation I made in https://trisquel.info/forum/free-software-foundations-problems#comment-128239 and https://trisquel.info/forum/free-software-foundations-problems#comment-128267 ? Are those problems real?

ADFENO
Offline
Joined: 12/31/2012

> I will write to you now to get your account number and thank you that
> way for the better CSS you wrote for my Web page.

Thank you very much for the understanding. ;)

> Totally different topic: I know you are involved with checking
> Chromium's licensing status. Have you taken a look at the superficial
> investigation I made in
> https://trisquel.info/forum/free-software-foundations-problems#comment-128239
> and
> https://trisquel.info/forum/free-software-foundations-problems#comment-128267
> ? Are those problems real?

I didn't look thorough these yet, but I plan to do so once I'm no longer
pressed by college tasks and job seeking. Also, Chromium is a behemoth
after all. ;)

strypey
Offline
Joined: 05/14/2015

This discussion of the software freedom issues with Chrome/ Chromium is important, and deserves its own thread, rather than being tacked onto an unrelated one. Perhaps a new thread could be created, or this one could be used?
https://trisquel.info/en/forum/confirmation-iridium-libre

BTW thanks Adfeno for trimming your posts. It makes a big difference to the layout of the forums, particularly when replies get a few layers deep, and I imagine it also improves the legibility of your posts when received by email :)