Yubico Forum

My subscription to my current email service provider (ESP) is about to expire. I've been with this provider and had the same email address for 15+ years. While it does pain me to consider leaving this address, the novelty of having the same email address no longer overrides what I perceive to be a weak and non-progressive ESP.

I mostly use desktop clients (Outlook 2013, contemplating a shift to Thunderbird) and mobile devices (native apps) to access my email via IMAP and I prefer that to remain the case. I would like a more secure email service, both in terms of log-in authentication and security of my emails themselves while on the server. I've learned a lot recently about email security and encryption. I know that I could encrypt my own emails using an OpenPGP/Gpg4win implementation (and a YubiKey NEO), but this is largely pointless because nobody with whom I've ever interacted uses such a setup (or S/MIME for that matter). I also know that if I wanted to really be secure, I'd pull the emails off the server and not allow them to remain in the cloud; however, I consider myself an average-paranoia level person and like to be able to access my entire email account from anywhere.

Based on my research, here's the criteria I'm looking for:

1) Secure log-in authentication, 2FA preferred, YubiKey/OATH strongly preferred
2) Secure connection (SSL/TLS), this is pretty much universal nowadays
3) Secure server storage, encrypted highly preferred
3a) No indexing/datamining of my email (i.e. Gmail, Hotmail, Yahoo, etc.) to provide to companies/gov't
3b) No employee access to my email (like LastPass), understand this would probably require client-side encryption
4) IMAP support, understand this conflicts with 2FA, I want 2FA for webmail access/account settings
5) Reasonable price for about 1GB worth of storage ($40-$50)

Based on the above, Fastmail and Lavabit are the closest matches and a combination of the two would be perfect (Fastmail has 2FA, Lavabit encrypts the account).

My personal opinion is that "nuclear", self-contained options like Countermail, Hushmail, Safe-Mail, etc. are most appropriate for the super-paranoid, activists/journalists, or criminals. I am none of the above.

Opinions on forums are like...you can fill in the rest, which is why I've posted this query to a smaller, more specific audience here at Yubico vice bigger forums like Wilders or EmailDiscussions.

Are there any ESPs I'm missing and should be considering? I am strongly leaning towards Lavabit, but I know there are other options like FastMail, Pobox, etc.

I've been using Fastmail.fm for about 10 years. Never had a problem. I don't use it for my main email anymore, but do keep the account paid up. Nice thing is that Fastmail supports Yubikey authentication on the web client.

I also use FREE digital certificates from CAcert.org (www.cacert.org). Once your identity has been assured, you can generate as many certs as you need, both client and server. These can be used to encrypt email on most any email service, including Fastmail.

I use the Apple Mail client or Postbox to access my email and encrypt/decrypt with my CAcert certificates. Have used Thunderbird with no issues. Never used Outlook.

Hope that helps you.

I am with Zoho Mail http://www.zoho.com/mail/and I am quite happy with them. They offer a fully fledged email service IMAP POP3 Calendar, notes and more. It's probably worth logging on a have a look round. My only complaint is that it can be a little bit confusing to get your Control Panel. I had no trouble registering my MX records. I don't think so hello uses Yubikey.

FastMail also operates a great service. I was with them years ago. I still have an account with them but I have to log on if I want to use it.

I would definitely advocate using Thunderbird but there is also another client called EM client but I haven't use that one is quite awhile now but I was happy with it when I was using it.

Good luck with your search.

Robert…