AnonAddy VS Tutanota makes encryption easy

My tips from moving away from Gmail:

- Mailbox.org is what I use and it's pretty good. I often see Fastmail recommended too.

- Use a standalone email client that allows you to connect to multiple email servers. This makes it easy to continue to monitor your old email account while you use the new one. I use Thunderbird on desktop and FairEmail on Android (though Thunderbird also has an app for Android).

- Transfer all of your most important accounts over initially. As long as you continue to have access to your old account, you don't need to transfer absolutely everything all at once, you can do it over time.

- Use a custom domain name so if you decide to change providers again in future you just need to update your DNS records rather than changing your email address in all your accounts.

- You may also want to set up a catch-all email address or use a service like https://addy.io/ to generate email aliases on the fly, and create a new alias for each service you use (for example, your email for GitHub could be github.com@mydomain.com). This helps protect your actual personal email address from spam.

I generate a unique email alias for all web services that I sign up to, so I made a CLI tool to make it easy to instantly create or get an alias for a website.

While I'm planning to eventually self-host anonaddy[1] or SimpleLogin[2], I'm currently happy with Fastmail.com's masked email feature[3].

90% of my own usage consists of entering `masked_fastmail website.com`, which will get the alias for website.com or create one if it doesn't exist. The alias is automatically copied to clipboard. There's a GIF of how this works in the project README together with some more examples.

The CLI tool is written in Go and is very simple. I've used it myself for almost 1 year now. I made some upgrades yesterday and wanted to share it here in case it's useful for someone else :)

[1] https://github.com/anonaddy/anonaddy

https://addy.io/#pricing

No limit to the number of aliases from which you can send/reply.

But you probably need to be a paid subscriber, at least €1/month.

That looks good, thank you. And being owned by Proton give me more trust, the other suggested here https://addy.io/ not that much.

With providers like Addy and SimpleLogin it is possible to use your own domain.

> https://addy.io/

This is one of a few reasons I have started to use email forwarders such as AnonAddy.

https://github.com/anonaddy/anonaddy

Not all of my emails have been moved over yet, but over time I plan on depreciating almost if not all of my main emails from logins.

Hey, Tuta Team here. If you're looking for one with unlimited addresses for a custom domain, check out Tuta Mail: https://tuta.com

You can also try https://tuta.com/ and see if it works for you.

The essentials for me are private email, calendar & cloud storage. Here is my post-Google setup:

https://tuta.com/ is a German privacy-focused alternative that I'm currently using for email & calendar. Easy switch, although I was already using web clients rather than IMAP before the switch.

I looked at Proton Drive for cloud storage, but their CEO Andy Yen is a Trump supporter [1](https://archive.ph/2025.01.15-162500/https://www.reddit.com/...), which makes me question his decision-making.

I settled on a 5€ / month VPS from Hetzner and using Syncthing instead, but this requires some minimal amount of technical skills to set up and maintain.

There is no alternative to YouTube, unfortunately.

Last time I checked, while tutanota's emails are ostensibly E2E encrypted, all public keys are provided by their server and there's no way to pin keys or verify them over a side channel, so a compromised server could trivially send its own public keys and MITM attack all encrypted emails.

This completely defeats the purpose and guarantees of E2E encryption, but for some reason, it hasn't seemed to be a priority for them.

https://github.com/tutao/tutanota/issues/768

Hi HN, we are the developers from Tuta (formerly Tutanota), the German end-to-end encrypted email provider, and we recently released the world's first post-quantum encryption for email.

We have included a full technical write-up of the cryptography involved in these changes and we have released it for open public review.

This document specifies TutaCrypt, a protocol designed for hybrid email encryption in Tuta Mail. The protocol combines a classical Elliptic-Curve-Diffie-Hellman key exchange with a post-quantum KEM. The goal is to replace the usage of RSA in Tuta Mail.

In the remainder of this document we describe some preliminaries such as the cryptographic primitives used. We define the core algorithms of the protocol and describe the flow of messages between the communicating parties. Finally, we discuss the security properties and some limitations of the protocol in its current form.

We are eager for your constructive feedback. All cryptography related source code is available for review and experimenting here: https://github.com/tutao/tutanota/blob/master/src/api/worker...

If you have any questions or comments related to post-quantum cryptography please let us know in the comments!