330
Proton Mail goes AI, security-focused userbase goes ‘what on earth’
(pivot-to-ai.com)
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
"Pro privacy" company that cucked to the state to get a climate activist arrested (against their privacy policy that they sneakily change after the fact) are actually a bunch of typical corporate grifters that sell out their userbase to promote shitty llm garbage? Nawwwwwww. Say it ain't so! It's like every week or month after I argue about these shitty fake privacy companies with idiots in c/privacy I recieve massive vindication. Maybe this is my sign to become a man of faith.
What's your alternative to the fake privacy company? I'm assuming the correct thing would be: if your threat model does not include governments, self hosted email, or if it does include governments, probably don't use email.
Self hosted email is its own can of worms. I wouldn't recommend it to anyone outside of experienced IT people. You'll end up blacklisted before you send your first email if you do anything wrong (and there's a lot that can go wrong), and it doesn't solve any security problems email has.
Anything sent over email just isn't private. That goes for Proton customers when they send or receive anything from a non-Proton address too. The one thing privacy email providers can actually do is keep your inbox from being scanned by LLMs and advertisers. That doesn't prevent the inboxes and outboxes of your contacts from being scanned, though.
If you use email, the best thing you can do is be mindful of what kinds of information you send through it. Use aliases via services like simple login or anonaddy when possible. Having a leaked email is a security vulnerability. Once bad actors have your email, they now have half of what they need to breach multiple accounts.
have been that sysadmin setting up a company email server. postfix is trivial to set up, absolutely the easiest experience. following that, though, was weeks of supplicant emails to MS to beg them please not to block us. My recommendation was never do this again, use a third-party outgoing email vendor, email is lost.
MS will send your mail straight to spam if you do not set up your domain keys and DMARC in DNS correctly and do not have a reject or quarantine RUA or the email(s) in your RUA bounce.
Sometimes you may get temporarily sent to spam if your IP is in a /28 of a known spammer IP.
That's about it.
plus the bit where you wait six weeks for a response to your request that they unblock you
none of this process is fucking simple
I've never had to ask MS to unblock me and it sure as hell doesn't take 6 weeks or even 3 days for them to automatically see if everything is right again.
I even set up a non traditional domain with a "non-generic" tld a couple of years ago and I think it was around 16 hours or so before my test emails were hitting outlook inboxes.
Additionally, I think Google still wants SPF setup though it is pretty useless now. And if your RUA was set up right, as I recall, you get an automated email from MS telling you why your mail went to spam (or was rejected), which is the point of it to begin with.
I guess if it worked for you it's perfect! Well done.
As a tip for next time, if you really want to host your email but you don't want to put up with dealing with emails being sent to spam boxes, you can just use an SMTP relay/proxy provider. Your email isn't hosted there but they do send it on and will be the 'source' mail server and is going to be much, much, much cheaper than paying someone to host your email for a bunch of users.
you didn't bother reading the thread first, did you
as a tip for you next time, shut the fuck up when someone with experience tells you you’re giving shit advice
I go have one rare afternoon nap and the (un)professional services posters come out on stage, smdh
oh there’ll definitely be more