Alternative, privacy focused email providers similar to Gmail and 'promotional' mail

aynrus

 
Banned
That's wired.
I will try it once again if LinuxMint 20.1 English version is installed.

But with 10 aliases available, one account is enough for me. :cool:

The IP stuff was only relevant while doing the sign up. Later on they didn't care anymore, but I registered with them 10 years ago.
If it doesn't allow creating more accounts, may be clearing cookies could help.
I usually try to separate accounts themselves. This way there's less chance of things getting compromised or flooded with spam. Separate for anything financial/banking/2 tiers - more and less important, another for online purchases, one for personal, one for official/government, burner accounts, etc.

After using protonmail I'm not happy about some stuff. I know some banks reject them and in general some domains don't work with them as they consider their IPs to come from the class where much spam comes from (at least this is the excuse). I tried to use it to register for one forum and never received confirmation email despite trying mutliple times. One time I tried to restore my lost protonmail password and it worked - but account contents got wiped out. It's good from security standpoint but bad for my needs. Plus, the government bans on them, means could be stuck without access to my stuff or not being able to login into a bank. Protonmail now has political statements posted supporting protests, which only fuels government bans more.
Email used to be a simple thing and without IP tracking BS.... and should be, hopefully gmx will work for me.
 
Last edited:

aynrus

 
Banned
I couldn't login into GMX account using Opera VPN Europe server today. Closed the browser window, changed to Asia server and was able to login. Later logged out and logged in with normal US IP.
I'm starting to think GMX blocks some but not all VPN servers.
 

Bird

Pelican
Catholic
Probably free Opera VPN isn't a good idea in general, even if you were able to register the account with it. The term "VPN" is also not true since it is more like a proxy.
 

aynrus

 
Banned
Probably free Opera VPN isn't a good idea in general, even if you were able to register the account with it. The term "VPN" is also not true since it is more like a proxy.
I just don't want to have restrictions on type of VPN/proxy and IP in general I'm using.
 

aynrus

 
Banned
Probably free Opera VPN isn't a good idea in general, even if you were able to register the account with it. The term "VPN" is also not true since it is more like a proxy.
Actually, it did let me login with Opera Europe VPN server after re-trying a couple of times, so doesn't seem like that IP is really banned.
I want to stress-test the account a bit.
 

aynrus

 
Banned
The crooks who run Google had reached new lows... I have a gmail account which I haven't used in may be 7-8 months.
This email account never had any issues and login was kept highly secure/never used on public networks/etc.

So I tried to login today and entered correct password - it was ok with the password but asked for "recovery email" -
I typed correct recovery email - next, it asked for my phone number to text a "code" -
I gave it my phone number since I'm going to change it anyway soon, got a code/entered it -
next, it said "we're not sure it's you, can't login, try to login from some other device".
And this is logging in from US mobile phone number IP and no vpn used.
Time to de-google everything ASAP.
 
Last edited:

skullmask

Woodpecker
Protestant
The crooks who run Google had reached new lows... I have a gmail account which I haven't used in may be 7-8 months.
This email account never had any issues and login was kept highly secure/never used on public networks/etc.

I know you don't want to pay for email or put together a simple mailserver, but if you had your own email server you wouldn't have had to deal with that crap.

I'm spending about $3.50 a month for the server host, and 10 bucks a year for the domain name. I'm willing to spend a little under $5 a month if it means I don't have to submit myself to Google screwing with me. Plus I have a personal website I can host things on. I could do stuff like host my collection of rare Pepes, or something.

Just sayin.
 

aynrus

 
Banned
I know you don't want to pay for email or put together a simple mailserver, but if you had your own email server you wouldn't have had to deal with that crap.

I'm spending about $3.50 a month for the server host, and 10 bucks a year for the domain name. I'm willing to spend a little under $5 a month if it means I don't have to submit myself to Google screwing with me. Plus I have a personal website I can host things on. I could do stuff like host my collection of rare Pepes, or something.

Just sayin.
I have other email services, which are free and weren't locking me out, already removed gmail from important places...just don't need to pay for email, there're alternatives. (I was able to get into that account on my phone though)
I don't really need to pay for hosting/email, website - at least to the point where it'd need scalability requiring paid service, I have a free site, that's enough for my needs. I thought of buying a rightly-worded domain and paying for hosting in case I needed to host a QR-pointed site for fake vaxx cert, etc, that's the only situation I'd want to pay for anything. I have tons of free email accounts, probably dozens. This verification garabage really started with gmail and few years back. Gmail occasionally asked me for a phone number to get a text, but in 10 years I only had one prior incident of being completely locked out (I had dozens of accounts with them) - and I lead nomadic life, means new IPs all the time.

It seems like that KYC is intensifying and time to move on. As these old big monopolies become too interested in knowing you, there'll be others willing to take their place by not asking for too much. Paying for domain is less private because your financial info is on file somewhere, plus I'm adverse to the idea of "paying" for these things in general (just like I don't want to pay to run Linux), but another aspect is I never sign up for automatic billing, an as bad as I'm with remembering to pay I'd be without working email in no time. It's 21st century and email should be free and functional just like it was at the start of the Internet; the current dark ages of the internet will hopefully wane.
I don't know if it all moves into full-on China mode, though, something like phone and/or ID number to access not only any email but the internet itself.
 
Last edited:

aynrus

 
Banned
By the way, I earlier created Microsoft/outlook account with offensive password, something in the lines of screwmicrosoft.
I created another outlok account without offensive password around the same time.
The account with offensive password got frozen by microsoft, ther other account did not get banned.
They're even scanning "private" passwords for trigger words, clearly.
 

skullmask

Woodpecker
Protestant
By the way, I earlier created Microsoft/outlook account with offensive password, something in the lines of screwmicrosoft.
I created another outlok account without offensive password around the same time.
The account with offensive password got frozen by microsoft, ther other account did not get banned.
They're even scanning "private" passwords for trigger words, clearly.

I generally try to avoid offensive passwords. You never know when you might need to give someone your password. There are legit situations for that, and not just for wifi.

I thought good practice for password storage was to only keep a hash of the password on your server, that way if a hacker got access he would only see a random string of letters. Go figure.
 

aynrus

 
Banned
I generally try to avoid offensive passwords. You never know when you might need to give someone your password. There are legit situations for that, and not just for wifi.

I thought good practice for password storage was to only keep a hash of the password on your server, that way if a hacker got access he would only see a random string of letters. Go figure.
Why avoid offensive passwords? The only thing is common words are easier to guess, but with passwords being complex including multiple words and various characters, it doesn't really matter.
The password should never be given to anyone, in my case that's for sure as I don't share my passwords with others, and even in emergency situation - at least not to anyone who'd raise a brow over your choice of words, not being 100% trusted family member.

I'm going to create another account, with even more offensive password and see if password scanning (which is not supposed to be happening) continues.
 

skullmask

Woodpecker
Protestant
Why avoid offensive passwords? The only thing is common words are easier to guess, but with passwords being complex including multiple words and various characters, it doesn't really matter.
The password should never be given to anyone, in my case that's for sure as I don't share my passwords with others, and even in emergency situation - at least not to anyone who'd raise a brow over your choice of words, not being 100% trusted family member.

I'm going to create another account, with even more offensive password and see if password scanning (which is not supposed to be happening) continues.

I'm just saying, you never know when you might have to give a password out for some unforeseen reason. Of course it may depend on context. I would never give out my personal login password for my desktop, so I wouldn't worry about it. But I wouldn't want my wifi password to be Eat$h!tAndD1e! if I may have to give it out to grandma or something. I keep my passwords at work clean too, for the same reason.
 

aynrus

 
Banned
I'm just saying, you never know when you might have to give a password out for some unforeseen reason. Of course it may depend on context. I would never give out my personal login password for my desktop, so I wouldn't worry about it. But I wouldn't want my wifi password to be Eat$h!tAndD1e! if I may have to give it out to grandma or something. I keep my passwords at work clean too, for the same reason.

I never had to give password to email account to anyone, and I've been around for a while. I was talking about email/microsoft account password. Email password goes to the grave with me.
But if I had to due to some kind of unknown emergency, I'd have no problem giving whatever password.
(I don't have grandma or anyone else to give passwords to, I live alone and plan to keep it this way. You're talking about completely different thing, wifi password you might share with a visitor or technician)

Anyway, my point is Microsoft is scanning and analyzing passwords, which is not supposed to be happening under any circumstances.
 

skullmask

Woodpecker
Protestant
Anyway, my point is Microsoft is scanning and analyzing passwords, which is not supposed to be happening under any circumstances.

Yeah, pretty bad isn't it? Probably because they can pass the info on to the NSA, CIA, FBI and whatever. After all, it's so common for people to use the same password for most of their accounts. They're probably providing these passwords as a service to the three letter agencies in exchange for something. Or just selling it to common hackers for a small fee. I wouldn't doubt that Microsoft isn't the only party guilty of doing this either.
 

aynrus

 
Banned
Yeah, pretty bad isn't it? Probably because they can pass the info on to the NSA, CIA, FBI and whatever. After all, it's so common for people to use the same password for most of their accounts. They're probably providing these passwords as a service to the three letter agencies in exchange for something. Or just selling it to common hackers for a small fee. I wouldn't doubt that Microsoft isn't the only party guilty of doing this either.
Yes, exactly, they're doing unknown things after parsing the passwords. and very likely selling them and using them. Their system is only supposed to be checking them for characters that aren't allowed, parsing input character by character, and not do any lexical analysis on them.
I guess they're parsing political (and may be crypto-related) words/phrases too to report to NSA.
 

Max Roscoe

Pelican
Orthodox Inquirer
I wouldn't trust any US based service. No matter how good their intentions, they will be knowingly or unknowingly subverted. I forget the company, but a few years ago there was a privacy based ISP and the guy chose to shut down because he was being threatened with secret letters like "provide all information you have on user xxx and if you tell anyone you are doing this you are committing a felony" and basically you can be kidnapped and tortured at a secret rendition site because law doesn't matter.



They are all compromised.

Probably the best bet if you are not doing anything other than wrongthink, is to just run your own email server. It's not that difficult, though you probably want a dedicated machine (at least a raspberry pi) to do so, and it's much more difficult for glow agents to target 20,000 individual servers than compromise one firm with 20,000 user accounts.
 

soli.deo.gloria

Woodpecker
Orthodox Inquirer
Gold Member
I encourage running your own mail/web server if you are able. You get much more control and privacy and it's super convenient once you get used to it. A decent vps doesn't cost that much and if you are a newbie you can do most things via cpanel and tutorials. I use a local hosting provider so I don't necessarily have a recommendation for one but it's easy enough to search and look at reviews for vps offerings. It's obviously not for everyone but I think it's fun and you get to learn a lot about how email and the Internet works.

A good setup imho is Ubuntu Server (or whatever Linux distro you prefer) with Postfix, PostfixAdmin, DCC, Razor, Pyzor, PostGrey, SPF, DKIM, SpamAssassin, DNSRBL, Amavis, ClamAV, Dovecot, Apache (or Nginx), sqlite, PHP, RoundCube, UFW (iptables), and Fail2Ban. There are some good tutorials out there that show how to set everything up. Most guides suggest MySQL but I prefer sqlite because it's simpler and uses less resources. My server with all the stuff listed above runs nicely on a single core with only 1GB memory and about 10GB disk space.

I wouldn't trust any US based service. No matter how good their intentions, they will be knowingly or unknowingly subverted. I forget the company, but a few years ago there was a privacy based ISP and the guy chose to shut down because he was being threatened with secret letters like "provide all information you have on user xxx and if you tell anyone you are doing this you are committing a felony" and basically you can be kidnapped and tortured at a secret rendition site because law doesn't matter.



They are all compromised.

Probably the best bet if you are not doing anything other than wrongthink, is to just run your own email server. It's not that difficult, though you probably want a dedicated machine (at least a raspberry pi) to do so, and it's much more difficult for glow agents to target 20,000 individual servers than compromise one firm with 20,000 user accounts.

There is no such thing as trust or privacy (and there never was). All currently available technology is backdoored at multiple levels and most of the big companies and applications were either created by or cooperated with (or later infiltrated by) various alphabet agencies and/or the tractors. From phones to computers to software, you name it. Btw I believe the company you were thinking of was LavaBit.
 
Last edited:
Top