And what do you actually use? I know the answer is probably self-hosting but maybe there are other solutions for a decent privacy.

  • Cam@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    2
    ·
    1 year ago

    A privacy email provider and email aliases for everything you sign up for.

    Email Providers

    Protonmail

    Tutanota

    Email Alias Providers

    Simplelogin

    addy

    • beeb@lemm.ee
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Proton pass does e-mail aliases if you pay up for the high tier subscription

      • cooopsspace@infosec.pub
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Theres plenty of good reason to keep your alias provider separate from your email provider.

        The first being you can lift and shift to another email provider very easily.

        Secondly if something happens to your account you don’t lose the lot.

        Thirdly, just get a domain with alias provider and it matters not what email provider you use ever.

        • Atemu@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          The first being you can lift and shift to another email provider very easily.

          All alias providers I have seen (including SimpleLogin) allow arbitrary target/“backing” mailboxes.

          just get a domain with alias provider and it matters not what email provider you use ever.

          Personal domains are nice for “important stuff” that should be tied to your real person.

          One of the features of mail aliasing services is it to provide pseudonymity which you cannot achieve if the domain literally contains your real name.

          • cooopsspace@infosec.pub
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            I have a pseudo domain that has none of my info on it.

            It’s something along the lines of “thisisspam.com” that forwards to my personal email accounts.

            The point is, since I and not the service control my addresses I can take them anywhere.

            • Atemu@lemmy.ml
              link
              fedilink
              arrow-up
              3
              ·
              1 year ago

              Problem is that this domain (whether it includes your real name or not) is still related to your person as you are the sole user.

              If you created accounts at Google, Amazon and Facebook using a schema of servicename@thisspam.com, don’t you think they’d be able to tell it’s the same person who created those accounts?

              With the likes of google.quothfaaoa@aliassingservice.com, amazon.qwrlaklfas9@aliassingservice.com and facebook.1afglasdah@aliassingservice.com, that identification vector is simply ruled out.

              • cooopsspace@infosec.pub
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                This is going to be controversial, but if I was a user of these three scummy sites what you say above isn’t the hill I’m willing to die on or care about.

                However I have half a dozen domains, I could quite easily add one or two more for dumb shit like this if I wanted to.

      • Atemu@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        They do but it’s a limited kind of alias. You can’t set up reverse-aliases (you send first) for example which the regular SimpleLogin can.

    • gabriele97@lemmy.g97.top
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      I am new to the alias world so I’ve a question. How can I be sure that an alias provider doesn’t have access to my emails when they are forwarded?

      • Cam@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        2
        ·
        1 year ago

        Unfortunately there is no way, it requires trust. Just like you need to trust your email provider to not have access to your emails.

        • Atemu@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          A point can be made here for email providers that also provide aliasing services such as Protonmail/SimpleLogin: Since they’re the same entity, using an aliasing service requires no additional trust.

          • Cam@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            2
            ·
            1 year ago

            True but I believe SimpleLogin is based in France while Protonmail is based in Switzerland. Two seperate governments.

            • Atemu@lemmy.ml
              link
              fedilink
              arrow-up
              2
              ·
              1 year ago

              Indeed, interesting

              SimpleLogin is the product of SimpleLogin SAS, registered in France under the SIREN number 884302134. SimpleLogin SAS is part of Proton AG.