CTemplar is shutting down, Best alternative?

After spending a few months looking into alternatives, reading through whitepapers and privacy policies, and keeping up with the news, I ended up choosing Protonmail over mailbox.org, Startmail, Lavabit, and all the other providers out there (Tutanota, Posteo, etc.). I wrote out my full reasoning on my blog The Codegito if you’re interested. I go in depth into my requirements, how each platform met (or didn’t meet) my requirements, and on why I chose Protonmail despite (if not because of) the scandal brewing at the time.

This is my personal opinion, but I did a lot of research and would be willing to talk about why I made the decision if you had any questions. I admit that PM isn’t perfect (no third-party smartphone clients and their desktop bridge requires a subscription), but I can confirm that since choosing Protonmail, I have rarely (if ever) regretted my choice.

I won’t point to a review, but some things impress me about Posteo, particularly from F-Droid perspective (as much as I do or don’t understand it). They don’t have an app, in apple or google stores, or anywhere, AFAIK. They care about javascript licenses Email green, secure, simple and ad-free - posteo.de - JavaScript Licenses . They publish transparency reports Email green, secure, simple and ad-free - posteo.de - Transparency report . They have provisions for anonymous signup, and work fine over Tor…

I might have chosen Posteo, but I figured:

  1. Posteo doesn’t support custom domains (so I’d be stuck with them);
  2. Since they aren’t as popular as Protonmail, I’ll be less likely to hear if something goes wrong (there won’t be as much press coverage)

own domain

Not sure why needed, and

Posteo has a good reason for this: doing so would require they store the assignment of the domain as unencrypted user information, which violates their privacy promises.

Regardless, where there’s a will, there’s a way: Andy's Blog

hear if something goes wrong

Bad news travels fast, and I feel posteo would publish it themselves.

own domain

Not sure why needed, and

The main reason I need this is so that in the unlikely event that Protonmail goes south, I can change email provider without worrying about missing all my emails. I understand why Posteo is doing this, but I need the freedom to change providers if I choose to in the future.

Regardless, where there’s a will, there’s a way: Andy’s Blog

I hadn’t seen that. Thanks for sharing the link!

hear if something goes wrong

Bad news travels fast, and I feel posteo would publish it themselves.

Yes, but I don’t want to have to rely on the company shaming itself should something go wrong. Especially for a smaller company, news won’t spread as far or as quickly. Better safe than sorry in my opinion.

Again, I could be wrong about any of these, but this is how I came to my conclusion about Protonmail.

Also, I hadn’t mentioned this earlier, but has Posteo undergone any professional security audits like Protonmail has?

freedom to change providers

Send your email contacts a “here’s my new email address” email. Problem solved.

audit

Sure they have: site:posteo.de audit at DuckDuckGo

Is anyone able to give me an Invite Code for Riseup please?

fedora.email ?

Autocrypt is the EU attempt at killing PGP. Designed to be encourage MITM.

@RichZ
Care to elaborate?

1 Like

Send your email contacts a “here’s my new email address” email. Problem solved.

Except it doesn’t work like that (unfortunately). What about businesses you’ve signed up for services with, your taxes, bank, etc.? You have to change you email in all your accounts. In addition, parents and relatives may not always remember your new email or list it on your contact card. Source: I tried.

Sure they have: site:posteo.de audit at DuckDuckGo

Could you give me a specific link for an audit done on Posteo itself? If they have had one, my opinion of them will certainly increase, but I can only find articles about them auditing Enigmail, Mailvelope, and other software - never themselves. I could be completely wrong and stand ready to be corrected, but I haven’t yet found evidence that Posteo itself has been professionally audited by a third-party company.