from Hacker News

Mailfence: Secure and Private Email Service

by jtanderson on 12/15/19, 2:09 PM with 29 comments

  • by Sytten on 12/15/19, 4:10 PM

    I made the switch a couple of days ago. Here is my experience so far:

    - interface looks better than a few years ago. It is still GWT-based though, which is notably insecure (I got an NPE in a warning the other day).

    - they do support multiple domains but with a limit on aliases which is quite low (10 for the base plan)

    - plus addressing is nice but managing where each goes (folder) is a pain.

    - no subdomain addressing

    - privacy feels better with servers not in the US

    - my threat model doesn't include the NSA so I am fine having unencrypted emails if I can have IMAP instead of browser-based.

    - calendar is very well done and simple to use

    - combined with Nine on Android I replaced Google Calendar, Contacts and Gmail.

    Overall I am happy with the switch.

  • by cik on 12/15/19, 4:09 PM

    I've been all in on secure email, and friends the last week or so since buying yet another domain. It's really a painful world. The tradeoff continues to be that Google and Microsoft both provide a tonne of value (and security) for $5/month/user. At the same time the obvious tradeoff on privacy and anonymity is made :(.

    The secure email services provide far less product-based value, though clearly the security and lack of ad tracking is there.

    Ultimately the market will declare - but currently people overwhelmingly choose brand (Google) and feature-based value, whilst giving up their privacy. It's quite frustrating.

  • by rndbit on 12/16/19, 2:46 AM

    I recently switched to Mailfence after briefly using Mailbox.org. My issue with Mailbox.org was getting IMAP mail, calendar, and contacts synchronized across Mac and iOS. Mailfence worked perfectly with Exchange ActiveSync for iOS and IMAP/CardDAV/CalDAV for macOS.

    My requirements were:

    1. Support my own domain

    2. Support IMAP, CardDAV, and CalDAV

    3. Privacy friendly country

    Some alternatives I looked at and rejected were:

    * Posteo - Doesn't allow domains

    * Fastmail - The Assistance and Access Bill of 2018 makes Australia a privacy unfriendly country (also part of the Five Eyes)

    * ProtonMail - Doesn't support standard protocols and IMAP bridge was flaky

  • by dbtx on 12/15/19, 4:06 PM

    They want a minimum 7-character login, and first & last name-- then it seems you can't just type your desired actual address's name@mailfence.com, instead you have to select from a short list of varied combinations of login, first, last. I just changed my first name to the short name I wanted and went back to that list, and as expected, it appeared as an option. I picked it, I restored my real name, everything is OK AFAICT. Still, I wish vivaldi.net and mail.com would get on the 2FA train... especially the former.

  • by tptacek on 12/15/19, 6:28 PM

    This seems like yet another "secure email" provider where the cryptographic security is cosmetic, because it's delivered over HTTP requests that can with every individual backend fetch silently override the encryption or exfiltrate keys.

    Also, their "we take software security" blurb is weak:

    > We use operating systems and open source software that take security seriously. However, software have bugs. In most cases, an update for a security problem will be available within minutes/hours of the original report. We perform the update as soon as it is available and validated.

    Applying patches is table stakes. What portions of their stack, including their own code, have they actually had audited? Do they have software security engineers on staff? Is there a /security page somewhere on this site that explains where to report vulnerabilities?

  • by stevehawk on 12/15/19, 4:01 PM

    Security/privacy aside - it's a bummer that it doesn't mention multiple domains per account. I have ~20 diff domains tied to my sole Fastmail account.

  • by jammygit on 12/15/19, 8:07 PM

    How do you evaluate the security or privacy of providers like this one? I think years ago they or one of their fans went all over Quora and Reddit saying good things about it, but I wasn’t sure in the end how to evaluate their claims or find independent reviews and ended up switching to ProtonMail.

    While I used it, it was good at least. Setting up a custom domain at the time required sending the company an email iirc?

  • by chrisweekly on 12/15/19, 8:32 PM

    Can anyone highlight differentiators vs [protonmail, fastmail, ...]? What advice for someone busy but technical, looking to get off gmail?

  • by cobbzilla on 12/15/19, 6:41 PM

    I read the title too quickly and saw "Mailfeasance"

    It would be a great name for an email service catering to spammers and scammers.

  • by RiOuseR on 12/15/19, 4:21 PM

    Wants an email... to sign up for email? Lolwut?

  • by paulryanrogers on 12/15/19, 3:48 PM

    Claims to be "browser-based" so I'm going to guess Electron. Also mentions OpenPGP and Belgium HQ for legal protections. Though I'd guess they'll also need to only hire Belgium developers to maintain the claim that they're outside the reach of other governments.