This morning I was asked to find an archived email with photos of some scientific equipment. I searched "Powerlab," the name of one of the instruments, in gmail, and the email came right up. Great! But then I noticed that the word "powerlab" never appeared in the text of the email. I tried searching "ML206", an arbitrary character string from one of the photos in the email, and again, the email appeared in the search, without the search phrase highlighted in the search result, as it normally would be. I tried different phrases from jpgs in emails; not all yielded search results but some did.

I'm not happy about this. I accept some compromises to privacy when using Gmail, but sending text as an image can be a way of specifically avoiding information being harvested. All I ask for is a way to turn it off.

Can anyone replicate this? Did anyone already know about this?

Hi,

I saw that Proton now has a Family Plan that includes all of their services including mail, calendar, drive, etc.

I've been looking to detach my and my family's life a bit from the big corps like Google, Microsoft, Apple, and Proton sounds interesting.

At the same time I am wondering if they're really to be trusted any more than any other company. I found some critique of the E2E encryption being basically snake oil and not properly implemented etc. I am of course aware that there're always tradeoffs and while privacy is definitely nice, I don't need to go to an extreme degree of "no logs whatsoever, never even turning anything over to the police", I think I am just mostly looking to make me and my family less of a product of advertising, possibly AI/ML and so on, so some compromise is definitely possible.

I am curious, does anyone here have any experience with or opinions on the company and their products?

I love mailing lists! They are my preferred way of discussing interesting topics with people. Please share your favourite lists, and any directories or search engines you know of. 🙂

• nettime - net art and media crit
• JISCMail - UK academic listserv

Hello everyone.

The other day, Firefox Monitor warned me that my personal e-mail was found on a data leak from Gravatar (belongs to Automattic; WordPress's parent company). Funnily, I don't have any account (and never had) with them, but nevertheless, I tried to log in, and it failed. I tried to recover my password, and it said "no e-mail found". Maybe a false positive from Firefox's side?

Anyway, that situation got me thinking that I should never use my personal email except on super important websites. For example, with Christmas gift buying, I've used my personal e-mail on multiple online websites (I usually try to avoid Amazon) and I shouldn't have done that.

Of course, Firefox recommended their own service Firefox Relay, which it does look interesting. Afterwards, I've searched on HackerNews to see what other people recommended.

These were the recommendations (apart from FF Relay):

• SimpleLogin
• AnonAddy

A few questions:

1. Do you use any of these three services?
2. How happy are you with the service that you use?
3. Is there something better?

I actually like Firefox's implementation because it is actually quite cheap (€12 per year), it is an easier way to support Firefox's development (instead of donation to the Mozilla Corporation) and I trust Firefox more on the security side of things. Nevertheless, the other two services seem more feature complete and I actually do not like that FF Relay "forces" you to use a domain like "alias@mozmail.com" or a custom domain like "alias@mydomain.mozmail.com". My goal would actually be "alias@mydomain.com" for my own contact with other people. On website registrations, @mozmail.com is okay, I guess.

I already have my own domain that I've bought from Namecheap and I think instead of associating an e-mail to my domain, I actually would prefer to use one of these services. The reason is that my website/e-mail domain could be reused if I stop paying. Some websites and/or people could have this e-mail and someone could impersonate me. With an e-mail forwarding service, I can easily and quickly delete/disable/change the alias. I'm not sure if I'm putting too much expectation on a forwarding service, but, I would like to know what do you think. 🙂

I tried to do a quick search and can't find an example of exactly what I want to do. I want to keep my email provider but change how it "looks" or said in another way, change the address itself. The reason for that is that I ditched Google to a lesser known email provider but I hate having to spell out my address to everyone because they don't know about said provider.

My idea would be to create something like myname@personal.com. Is there a name for what I want to do? Is it possible?

Thanks.

A few years ago I decided to ditch Gmail and started using Disroot as my e-mail provider. It was recommended by privacytools.io.

I realized that at least one e-mail I sent went to spam and now every time I send an e-mail I get paranoid if it will reach its destination. Is there a way to know if the e-mails I send are opened?

I've thought about switching to a more mainstream e-mail provider like ProtonMail but I already have so many accounts linked to Disroot that make switching dreadful. As a matter of fact I still have over 100 accounts that are using my Gmail address because it's so time intensive and not a priority to do the switch. Hopefully in the password-less future this kind of problem will cease to exist.

My spouse and I own a condo. The property management company that the home owners' association hired is generally mediocre (which is a huge step up from the usual scenario where most are actively awful). They do a reasonably good job of keeping us informed, but they way they do it is hilariously bad. Every email they send is sent as a .jpg and a .docx file with no actual text in the message. My email client renders it and I can read it, but it makes all of their emails unsearchable, and it makes filtering beyond the basic "emails containing address x" impossible.

I've asked them personally several times both electronically and in writing to please stop sending such correspondence and just send a regular email. (I honestly don't care whether it's plain text or HTML, just so long as it's searchable and filterable.) But it's so far been to no avail. I brought it up at the last HOA meeting and they agreed to also include their messages as text in the body of the email, but they don't. If I'm really lucky they'll have one or two sentences in text, but the rest is a .jpg and a .docx (or .pdf) of the actual body of the message. I've tried to explain that this is bad for people with disabilities and may even run afoul of the Americans with Disabilities Act, but they didn't seem to care.

It's not clear to me how one ends up sending emails in this form. I don't use any Microsoft products, which they probably can't comprehend, but I suspect this is some sort of Windows thing. Does anyone know how this happens and why? And more importantly, does anyone have suggestions for getting them to stop?

In light of the seemingly increasing rate of data breaches and privacy violations in general, I've decided to take some steps further regarding my online presence.

Among other things, I decided to switch all my online accounts to custom domain email addresses, so I grabbed two domain names (with WhoisGuard enabled): one for use with stuff related to my real identity (think @firstlast.com), and the other for all else (think @randomword.com). Then, I changed the email address of each one of my existing online accounts, taking advantage of the catch-all feature. To make things short, it goes like this:

Accounts not related to my real identity:

• tildes.net.187462@randomword.com -> tildes.net
• reddit.com.178334@randomword.com -> reddit.com
• ...

Accounts related to my real identity:

• amazon.com.113908@firstlast.com -> amazon.com
• bankofamerica.com.175512@firstlast.com -> bankofamerica.com
• ...

As you might have guessed, the 6 digits ending the local part of email addresses are meant to be randomly generated, in order to mitigate easy guesses by spammers due to catch-all (though I've also created a specific sieve filter to mark incoming emails with "unknown" recipient as spam).

Before you ask, I don't intend to start a discussion about threat modelling here. I just want—as anyone who is not a complete tech-illiterate—to have a reasonable weapon against spam caused by recurrent data breaches, so that if an email address is leaked, I can toss it and replace it with a new one without much effort.

Also, I value owning my email addresses, in the sense that if I decide to change email provider in the future, I won't have to change my addresses too as a consequence. For communicating with real humans (e.g., my doctor), I could use a non catch-all address like first@firstlast.com.

I wonder what do you think of this approach... Is it overkill? Do you see any major concern from a privacy or security standpoint? Are you doing something similar and are happy with it? I would very much like to hear your experiences with email, especially about the approach you settled with.

I've recently decided to change email providers and so I had to change quite a few things. I went from encrypted mail (Tutanota) with their own client to a plain mail / standards-compliant mail provider (Migadu) after looking at many providers. (I'll probably make a blog post about it in the near future.)

So I'm just wondering.

What email provider do you use?
What clients do you use?
How do you treat your email?
Anything else you want to share in relation with this?

I'm trying to clean up my internet presence and move away from at least Facebook and Google. I've come a long way with deleting my Facebook and it's now basically an empty shell for messaging. I've installed Signal and will start the grooming process with my friends and family now. If you have some solid arguments for the change regular ol' folks can understand please share them with me because as we all know "privacy" just isn't enough.

Next phase is the big one...Google or basically G-mail.

1. Is there any way to get an complete overview of where you've used your e-mail for a service online?

2. What e-mail would you recommend?
2a. I'm OK with paying a bit for overall quality, security and equally important UX!
2b. I don't use any other relevant Google products like Drive etc. It's just regular e-mail and sign in credentials for other services I basically need

3. I use a Mac, iPhone and iCloud. Is iCloud a problem? IF this needs to change it HAS to be an "easy" switch and not like setting up a server for myself. Because it won't happen and I'm not skilled enough.

I would very much appreciate your input :)

EDIT: Thank you all for your thorough comments!