Title: I moved my emails to Proton Mail
Author: Solène
Date: 12 September 2024
Tags: privacy security emails selfhosting
Description: In this blog post, I explain why I migrated my emails from
self hosting to Proton Mail
# Introduction
I recently took a very hard decision: I moved my emails to Proton Mail.
This is certainly a shock for people following this blog for a long
time, this was a shock for me as well! This was actually pretty
difficult to think this topic objectively, I would like to explain how
I came up to this decision.
I have been self-hosting my own email server since I bought my first
domain name, back in 2009. The server have been migrated multiple
times, from hosting companies to another and regularly changing the
underlying operating system for fun. It has been running on:
Slackware, NetBSD, FreeBSD, NixOS and Guix.
# My needs
First, I need to explain my previous self-hosted setup, and what I do
with my emails.
I have two accounts:
* one for my regular emails, mailing lists, friends, family
* one for my company to reach client, send quotes and invoices
Ideally, having all the emails retrieved locally and not stored on my
server would be ideal. But I am using a lot of devices (most are
disposable), and having everything on a single computer will not work
for me.
Due to my emails being stored remotely and containing a lot of private
information, I have never been really happy with how emails work at
all. My dovecot server has access to all my emails, unencrypted and a
single password is enough to connect to the server. Adding a VPN helps
to protect dovecot if it is not exposed publicly, but the server could
still be compromised by other means. OpenBSD smtpd server got critical
vulnerabilities patched a few years ago, basically allowing to get root
access, since then I have never been really comfortable with my email
setup.
I have been looking for ways to secure my emails, this is how I came to
the setup encrypting incoming emails with GPG. This is far from being
ideal, and I stopped using it quickly. This breaks searches, the
server requires a lot of CPU and does not even encrypt all information.
HTML Emails encryption at rest on OpenBSD using dovecot and GPG
Someone shown me a dovecot plugin to encrypt emails completely, however
my understanding of the encryption of this plugin is that the IMAP
client must authenticate the user using a plain text password that is
used by dovecot to unlock an asymmetric encryption key. The security
model is questionable: if the dovecot server is compromised, users
passwords are available to the attacker and they can decrypt all the
emails. It would still be better than nothing though, except if the
attacker has root access.
HTML Dovecot encryption plugin: TREES
One thing I need from my emails is to arrive to the recipients. My
emails were almost always considered as spam by big email providers
(GMail, Microsoft), this has been an issue for me for years, but
recently it became a real issue for my business. My email servers were
always perfectly configured with everything required to be considered
as legit as possible, but it never fully worked.
# Proton Mail
Why did I choose Proton Mail over another email provider? There are a
few reasons for it, I evaluated a few providers before deciding.
Proton Mail is a paid service, actually this is an argument in itself,
I would not trust a good service to work for free, this would be too
good to be true, so it would be a scam (or making money on my data, who
knows).
They offer zero-knowledge encryption and MFA, which is exactly what I
wanted. Only me should be able to read my email, even if the provider
is compromised, adding MFA on top is just perfect because it requires
two secrets to access the data. Their zero-knowledge security could be
criticized for a few things, ultimately there is no guarantee they do
it as advertised.
Long story short, when making your account, Proton Mail generates an
encryption key on their server that is password protected with your
account password. When you use the service and log-in, the encrypted
key is sent to you so all crypto operations happens locally, but there
is no way to verify if they kept your private key unencrypted at the
beginning, or if they modified their web apps to key log the password
typed. Applications are less vulnerable to the second problem as it
would impact many users and this would leave evidences. I do trust
them for doing the things right, although I have no proof.
I did not choose Proton Mail for end-to-end encryption, I only use GPG
occasionally and I could use it before.
IMAP is possible with Proton Mail when you have a paid account, but you
need to use a "connect bridge", it is a client that connects to Proton
with your credentials and download all encrypted emails locally, then
it exposes an IMAP and SMTP server on localhost with dedicated
credentials. All emails are saved locally and it syncs continuously,
it works great, but it is not lightweight. There is a custom
implementation named hydroxide, but it did not work for me. The bridge
does not support caldav and cardav, which is not great but not really
an issue for me anyway.
HTML GitHub project page: hydroxide
Before migrating, I verified that reversibility was possible, aka being
able to migrate my emails away from Proton Mail. In case they stop
providing their export tool, I would still have a local copy of all my
IMAP emails, which is exactly what I would need to move it somewhere
else.
There are certainly better alternatives than Proton with regard to
privacy, but Proton is not _that_ bad on this topic, it is acceptable
enough for me.
## Benefits
Since I moved my emails, I do not have deliverability issues. Even
people on Microsoft received my emails at first try! Great success for
me here.
The anti-spam is more efficient that my spamd trained with years of
spam.
Multiple factor authentication is required to access my account.
## Interesting features
I did not know I would appreciate scheduling emails sending, but it's a
thing and I do not need to keep the computer on.
It is possible to generate aliases (10 or unlimited depending on the
subscription), what's great with it is that it takes a couple seconds
to generate a unique alias, and replying to an email received on an
alias automatically uses this alias as the From address (webmail
feature). On my server, I have been using a lot of different addresses
using a "+" local prefix, it was rarely recognized, so I switched to a
dot, but these are not real aliases. So I started managing smtpd
aliases through ansible, and it was really painful to add a new alias
every time I needed one. Did I mention I like this alias feature? :D
If I want to send an end-to-end encrypted email without GPG, there is
an option to use a password to protect the content, the email would
actually send a link to the recipient, leading to a Proton Mail
interface asking for the password to decrypt the content, and allow
that person to reply. I have no idea if I will ever use it, but at
least it is a more user-friendly end-to-end encryption method. Tuta is
offering the same feature, but it is there only e2e method.
Proton offer logs of login attempts on my account, this was surprising.
There is an onion access to their web services in case you prefer to
connect using tor.
The web interface is open source, one should be able to build it
locally to connect to Proton servers, I guess it should work?
HTML GitHub project page: ProtonMail webclients
## Shortcomings
Proton Mail cannot be used as an SMTP relay by my servers, except
through the open source bridge hydroxide.
The calendar only works on the website and the smartphone app. The
calendar it does not integrate with the phone calendar, although in
practice I did not find it to be an issue, everything works fine.
Contact support is less good on Android, they are restrained in the
Mail app and I still have my cardav server.
The web app is first class citizen, but at least it is good.
Nothing prevents Proton Mail from catching your incoming and outgoing
emails, you need to use end-to-end encryption if you REALLY need to
protect your emails from that.
I was using two accounts, this would require a "duo" subscription on
Proton Mail which is more expensive. I solved this by creating two
identities, label and filter rules to separate my two "accounts"
(personal and professional) emails. I actually do not really like
that, although it is not really an issue at the moment as one of them
is relatively low traffic.
The price is certainly high, the "Mail plus" plan is 4€ / month
(48€ / year) if you subscribe for 12 months, but is limited to 1
domain, 10 aliases and 15 GB of storage. The "Proton Unlimited" plan
is 10€ / month (120€ / year) but comes with the kitchen sink:
infinite aliases, 3 domains, 500 GB storage, and access to all Proton
services (that you may not need...) like VPN, Drive and Pass. In
comparison, hosting your email service on a cheap server should not
cost you more than 70€ / year, and you can self-host a nextcloud /
seafile (equivalent to Drive, although it is stored encrypted there), a
VPN and a vaultwarden instance (equivalent to Pass) in addition to the
emails.
Emails are limited to 25MB, which is low given I always configured my
own server to allow 100 MB attachments, but it created delivery issues
on most recipient servers, so it is not a _real_ issue, but I prefer
when I can decide of this kind of limitation.
## Alternatives
I evaluated Tuta too, but for the following reasons I dropped the idea
quickly:
* they don't support email import (it's "coming soon" since years on
their website)
* you can only use their app or website
* there is no way to use IMAP
* there is no way to use GPG because their client does not support it,
and you cannot connect using SMTP with your own client
Their service is cool though, but not for me.
# My ideal email setup
If I was to self-host again (which may be soon! Who knows), I would do
it differently to improve the security:
* one front server with the SMTP server, cheap and disposable
* one server for IMAP
* one server to receive and analyze the logs
Only the SMTP server would be publicly available, all ports would be
closed on all servers, servers would communicate between each other
through a VPN, and exports their logs to a server that would only be
used for forensics and detecting security breaches.
Such setup would be an improvement if I was self-hosting again my
emails, but the cost and time to operate is non-negligible. It is also
an ecological nonsense to need 3 servers for a single person emails.
# Conclusion
I started this blog post with the fact that the decision was hard, so
hard that I was not able to decide up to a day before renewing my email
server for one year. I wanted to give Proton a chance for a month to
evaluate it completely, and I have to admit I like the service much
more than I expected...
My Unix hacker heart hurts terribly on this one. I would like to go
back to self-hosting, but I know I cannot reach the level of security I
was looking for, simply because email sucks in the first place. A
solution would be to get rid of this huge archive burden I am carrying,
but I regularly search information into this archive and I have not
found any usable "mail archive system" that could digest everything and
serve it locally.
## Update 2024-09-14
I wrote this blog post two days ago, and I cannot stop thinking about
this topic since the migration.
The real problem certainly lies in my use case, not having my emails on
the remote server would solve my problems. I need to figure how to
handle it. Stay tuned :-)