Just a week ago I wrote my impressions of diverse email providers so I put it here with a few corrections:

Proton gives me some no good vibe I cannot explain, but it works really good and they really have the human capital to make it work the best. A big criticism is hosting some many services under one roof... specially VPN, drive and email, but it is very convenient for customers. They do also have policies of no-refund that makes that bad sentiment grow... Why no refunding non-used portion or even with a penalty? Regarding its founder, Andy, he did made 3 statements that appeared to support Trump, but I think they were misinterpreted; Andy criticized more the Democrats unrelenting support for the Tech Giants than praising the Republican administration. Let’s remember that, at that time, Trump was the only voice that appeared that was going to favor more the small business vs the mega corporations. Of course, that was the promise that Trump, as with all others he made, were a complete lie. I don’t recall any other statements from Andy beyond that topic of small business vs big tech. After listening to many of Andy interviews, he does not seem to me like a typical Conservative, let alone MAGA supporter.

Mailbox, has been static for a while, but they do offer a good service and now they are attempting to modernize. No full privacy by default but that could potentially be with some effort, but okay for most people. Still a bit German-centric. I still would recommend them easily.

Posteo would have been my first choice since 5 years ago, but the lack of no being able to use your domain, sorry to say it is inexcusable. They say because your own domain brings some privacy up to light, very true! So advise it, “look, we suggest to use our domains for better privacy for you, but if you want the freedom to move to another provider in the future at the cost of a bit of privacy, you are welcome to bring your own domain”. I want to believe the decision was genuine because they think it is for better privacy and not to create a lock-in for its customers.

Tuta… oh Tuta. I like the people, I believe and trust them the most! Yet, they probably still need to grow a bit so they can have the resources to do better (maintaining an email service is it very hard nowadays, even more a privacy oriented one). Their android client does not share data with Google for the push notifications (hello Proton?!) and that should be a fundamental requirement. For just email, it is fantastic and for privacy it is the best, period… if you are OK with the lack of support on IMAP and POP3 protocols that is; They should do some bridge like Proton does and I would put in top among all in a instant.

Other privacy oriented providers can be okay since they have a low profile and less targeted by 3rd actors, but at the same time also less prone to keep with security updates. It is sad, but I would not use in a daily basics. Same with self-hosting, free or non-free, don't! As mentioned, it is very complicated not only from a security concern but also many email will get lost in the void by picky providers like Gmail.

On the concerns of the change of political colors in Germany, first regarding privacy, you are more at the wimps of the people of the provider than the leader of the time. I don’t really see any country as safe today, not a single one! Now, a right owner is someone like Lavabit’s that choose to close shop rather than given the SSL keys to the US authorities, that is why trust is so critical; I would rather use a provider based in the US with the right owner, than one in Switzerland with one I don’t know much about. Your only protections are the technology and the owner!

Once said that, unless you are a high targeted individual, maybe you should not only focus on privacy, besides, sometimes, the best defense is to blend-in among the no-so-top-notch-privacy providers. In any case, I trust the most Tuta, but recommend Mailbox for most people and Proton to those a bit concerned about normal privacy. I think there is room for a new player here that covers all the shortcomings, but it is not here yet.

Self Hosting

but truly private AND secure is a must.

Remember that email is none of that, unless both people use encryption.

Tuta and Proton both are encrypted, which is great, but the moment you exchange with someone that is not using encryption (aka, the vast majority of people), they're not anymore.

I always considered email like sending a good old postcard: something anyone could read without being invited, just by looking at it.

so I can have control

Be it Tuta or Proton, or any other commercial offering, you won't have real control without owning your actual domain name. Owning it means you can change email provider if/when you wand (and if you don't feel like using your own).

Honestly use whatever you want and use pgp, or gnpg. Encrypt all your messages using ecc.

Everyone telling you email isn’t private is right.

Don’t use it for things you don’t want to be public knowledge.

This might be an unpopular opinion in this community, but here it goes.

Privacy doesnt really exist with email. Yes, Proton does support encryption, but nobody but Proton uses it. When your bank sends you an email, its plain text, and its pretty much guaranteed its sent from an outlook or gmail server. If they want your data they can get it whether youve got proton or not.

As for me - I actually still use my universities email. Its on outlook, but, hardly anything is sent to it, it never gets flagged as spam, and it doesnt cost me anything and will hopefully be there forever.

TL;DR: Stick with Protonmail. There is, based on what you told us, no reason for you to switch to another provider.

I wouldn't recommend Tuta at the time of writing, due the lack of OpenPGP (no, their own EE2E does not act as a solid replacement) and JMAP/IMAP support.

I've kind of given up on the concept of email as a whole. Nobody emails anymore. Nobody in my family uses email, I've never had a friend who emails me, I'm the weirdo for asking for an email address so I can email you a calendar invite because I'm a weirdo for using the calendar..

Maybe it's just been my experience but does anyone actually use email? And if so what about everyone else's security?

Others have already said similar, but it depends on what you mean by "private" and "secure". Yes, proton is e2e but that only is true if you're emailing another proton user. And yeah, Proton can't read your emails, but as soon as you email someone else outside the ecosystem, it's as good as public.

I'm not saying thou shalt not use proton! But I had a subscription and cancelled. One part because the CEO vocally supported Trump and the doubled down when called out. Another part because I got tired of the proton ecosystem being inaccessible outside its own walled garden because of the e2e.

So I switched to Fastmail and couldn't be happier. Is it perfect, no, but what is? It works well, it's reasonably priced, they've been around forever, and I can use it with apps/programs outside of what they provide.

When it comes down to it, your email will never be truly private unless you only communicate with people who are just as concerned about privacy.

The real answer isn't don't use email for private communication. It's like asking what's the most private way to shout into a crowded room

Mailcow is great and is completely free