I need to change ISPs and need to find a new email provider. This time I want to move to my own domain which I purchased through Namecheap and I do not want to use another ISP’s email system nor do I want to use Google, or Microsoft since I am Linux (and Android too) based. I would like this to be US based or at least have a strong US presence so obvious choices like Proton Mail, Mailfence, and Mailbox.org are out. I would prefer it interoperate well with FOSS software too, I use Thunderbird and K-9 Mail for example. Also so want them to be trustworthy, have good security, and have good OpSec with respect to their their servers and service.
After looking I find three I am considering and they are quite different:
- Fastmail. Long history. No PGP support but they do have their own domains one can use also.
- Namecheap Private Email. Uses Ox App Suite, may support PGP, and quite new. I think you have to have your own domain (not sure).
- Forward Email (forwardemail.net). A forwarder with IMAP support. You supply the webmail if you want webmail, but otherwise it should work fine with IMAP and normal clients.
So questions:
- Any thoughts and experience, pros and cons with the above 3.
- Other better ideas.
So thoughts? Thanks.
No PGP support
Why would the mail provider need to support it? I mean, if they provide some sort of webmail client, maybe it doesn’t do PGP, but I sure wouldn’t be giving them my PGP keys anyway.
I haven’t used any of them, but I don’t think that you can go too far wrong here, since you have your own domain. Pick one, try it for non-critical stuff for a month or two, and if you don’t like it, switch. As long as you own the domain, you’re not locked in. If you do like it, then just start migrating.
The main differentiating factors I can think of are (a) service reliability, (b) risk that someone breaks in and dumps client mail, but it’s hard for me to evaluate the risk of that at a given place. And © how likely it is that other parties spam-block mail from them.
I’d look for TLS support for SMTP and IMAP; that may be the norm these days. The TLS situation for mail is a little unusual compared to most protocols, where on a new connection, some servers initially use the non-encrypted version and then upgrade via STARTTLS.
If you intend to leave your mail on their server rather than just using it as a temporary holding point until you fetch it, you might look into what their storage provided is.
I’d also see what the maximum size of any individual email that they permit is.
I could be handy to read you mail on the web client. Depends on how secret you want your PGP key, how much you trust your provider. I would argue that in most cases it would be better for the provider to manage the keys then to have no one use PGP which is what we mostly have now.