Yeah same here, they deleted my old addr for inactivity, fine, so I made a new one. "Flagged for review, cannot send/receive emails at this addr yet" 2d go by, "flagged harder, reach out, using the email that can't send email, to tuta support and explain why you need this acct." Tried to send the email, perhaps unsurprisingly, to no success.

So I created a Disroot acct instead. They also flagged me for review (but then approved me, and I did it twice so I have two disroot accts which I need for different reasons), and their sign up site is pretty bad (it says "weak password" until you get enough chars in the prompt, coulda just told me that instead of making me insane rolling 30 different passwords in keepass..) but still, much better now, I have IMAP and disroot doesn't delete for inactivity, so, woohoo!

That's why I switched to my own mailserver. Sure this isn't something for everyone. But getting a vps with a reputable and static IP to setup stalwart and use their manual for building up all the DNS querys wasn't that hard.

Sorry to hear this, what a nightmare.
If your old Gmail account lives, my thought is to carry on using that with auto forwarding to a fresh Tuta account and see how that goes, using the fresh Tuta and copying to old Gmail for redundancy / fallback. Thats what I did

This is what I hate about all email and why I say every so often I would like citizens public email. I mean this could happen with google. We need to have a right to an email address.

Buying a domain and using that is a good idea, and you can also do a catch-all so you can give each service their own address and see which ones leak your data

I think it's safe to say you went too fast (id always start with email forwarding and slowly moving services over in ascending order of importance, and make sure you avoid email 2fa if at all possible), but that does suck.

Tuta is definitely the least reputable of the privacy email services, I still don't know why they get recommended. I've made and lost several accounts with them and treat them like a burner.

Protons a bit risky to me because they're very aggressive about immediately locking you out if you don't pay right away (in this case a trial expired, they charged me with no credit card on the account and threatened to block me from accessing my account if I didn't pay up even though I immediately contacted them and tried to cancel as soon as I saw the trial expired). To me that level of inflexibility is, while maybe acceptable in Europe, not for me. I keep a few email addresses and as soon as the above happened immediately moved everything out of proton.

But really what I'd recommend is the more traditional services that you pay a small amount for. Posteo has been good for me for several years. I've read similar things about similar services which aren't marketed as "privacy" services but instead they just aren't Google.

A lot of these "privacy sensitive" service providers are actually quite user-hostile.

Find a middle ground - get your own domain (pick a good registrar) and find a respectable mail host that has a support team with accountability who don't treat you like a burden on this planet when you attempt to contact them (i.e not Tuta, not Mailbox-org - nope!!!, not Proton etc.). Do not go overboard with DMARC/etc in the beginning. Go about it slowly.

Also - make sure you use a service that lets you connect via an IMAP/POP client. It pains me to say that, but if you start avoiding services based on "five eyes" and "14 eyes" and "195 eyes", I'm pretty sure we will be looking at pigeons and corked bottles in the sea. So, if you need E2EE over email - please use E2EE in the email using GPG on your own. I'd highly recommend not falling for the privacy theatre of the likes of Proton.

I've been using tuta for more than 3 years now, paid, and even though it has its drawbacks, it's a good secure alternative to most providers nowadays.

I've had to deal with support a while back and even though they were not the fastest, they replied on a fairly timely manner.

I'm sorry to hear you've had a bad experience with them.

Use duck dot com email proxies, ya noob.

Thank you first of all OP for actually sharing your experience. I've known Tuta was sketchy for a while, yet in every single post anyone talks about switching emails, every other reply is always "Tuta! :)"

And I feel because everyone is so unanimously vouching for Tuta, people who may use other niche services don't feel as encouraged to share what they may have "Oh, guess everyone likes Tuta."

Stfu about Tuta. Seriously.

And ftr, no OP you're not alone. I've seen countless other domains engage in the same draconian 2FA shit where they do a better job of locking you out of your own accounts than actually protecting your privacy. It's unfortunately becoming an industry standard model from the looks of it.

they are active on mastodon. message them publicly there and tag them

To be fair though, the exact same thing can happen to you on gmail too. They are not unknown to immediately block your account if something flags it to them and getting a quick response there is not a given either.

I'm really sorry this happened to you OP.

I would really recommend that you consider getting a custom domain for your email. many are not that expensive and if you do, then you can just point that domain at whatever email provider you want without changing your email on the services.

in this scenario, it would let you setup that domain on another provider and at least get access to any emails going forward.

If they "can't do anything" on their own service then how can they be trusted at all?

They're either lying outright, or are so deeply incompetent that they don't know how their own software works and can't touch it to try to resolve a problem for fear of breaking something.

I had the exact same issue when I created a Tuta email, thankfully they solved my problem in less than 24h after I emailed them about this.

Just send an e-mail. your account was flagged as bot.

my new Tuta account got "frozen" for 48h after creating it. Tuta said to prevent mass-sign-ups of bots and prevent spam.....

Try posteo. They at least allow third party clients and they have some cool features.

Just curious was this a Tuta paid account, or a free one?

Tuta is very strict with the free accounts and flag them for all sorts of reasons. They take their time to "approve" free accounts just to be able to use them. And on top of that they might nuke your account anyway if they think it is being used for spam/illegal activity/whatever or they think it's not being used.

But I thought those are just issues with their free accounts, presumably their paid accounts don't get flagged for those things.. or so I thought.

Also to echo the other comments - best to buy and own your own domain for your email, that way it doesn't matter where the email is being hosted in case you need to switch email providers.

I also had a problem a few years ago with Tutanota and when I emailed for help, no response. I just gave up and accepted that those emails were lost forever. I now have Protonmail and I’ve been happy with them.

Instead of having your online accounts registered directly to your @tuta.io address (or your gmail address, or any webmail address), buy a domain name and have the accounts registered to that and then set the DNS to forward all mail from that domain to your webmail account of choice. That way, if the webmail service fucks up, the worst-case scenario is that you change the forwarding again and you've only lost the contents of the previous emails sent, not access to receive future ones.

(Caveat: when you send an email it'll by default be coming from your webmail provider address, not your custom domain address, and I'm not sure how to fix that -- I've only recently started switching to the scheme myself -- but if your main issue is receiving 2FA emails and such that's not a big deal.)

I choose mailbox as my email service, it's mature, based in Germany, privacy focused and has given me zero issues in terms of my emails going into people's spam folders.