I love the combination of features though. I pay for pro so I get catch-all email on custom domains. Really helps to see who sells your info and secure storage and no advertising with good web-mail client are obviously major selling points too.
Catch-all is nice but I came from the self-hosting world where I could also customise the from address when I reply to a catch-all email. Protonmail only lets you reply from a non-catch-all address, so you end up leaking your "private" address if you ever reply. That's my only real complaint about Protonmail. I requested this feature but I doubt it's high up their priority list.
There is an additional problem with catch-all emails on a custom domain, the domain itself is a uniquely identifiable substring (easy for data-gobblers and advertisers to trade or sell).
Since most senders aren't using PGP/E2EE your effective security risk is equivalent. Plus you can still discover address misuse/sale/leakage, disable addresses at will, and your privacy increases.
That makes sense although I still have an info@ email that collects my catch-all that is not my main, so while I agree it would be preferable to customise from address, at least I still retain a signal that it isn't personal email.
I've been with Protonmail a long time and never encountered anything like this. They'll get it figured out and prevent it from happening again. Once this is over, I'm confident the other parts of your experience with them will be good.
Protip: if you're on a Mac, the ProtonMail bridge is a nice utility to use ProtonMail with Mail.app.
I've used proton for several years now. The only headache I've ever had is being unable to subscribe to the openbsd mailing list. And that's only because openbsd added proton servers to a spam list... a decision I wish they would revisit.
Edit: I initially said freebsd mailing list. It was the openbsd mailing list.
Someone was complaining that mail sent from ProtonMail was unreadable to them. Turned out to be because of base64 encoding. Which is an RFC standard. However, several people in the thread insist that this is a problem.
Theo de Raadt, the founder and leader of OpenBSD says in the thread:
> Maybe it should be blocked. Then the users there can tell them to fix it.
> Would have no downside for me.
I guess this may be what happened?
Really weird IMO. But at the same time I kind of see their point. They have a setup that works for them. And if they want to keep that system the way that it is, it is up to them. Still sad for people that use ProtonMail that they are blocked from even reading the list though if I understood the GP here correctly.
Wait but if microsoft completely blocks a cloud provider wrt. any mail sending this is a form of illegal hindering of competition as far as I can tell.
I'm a customer for more than a year and never had any noticeable outages-issues so far. A few times, I encountered issues in their UI, but I'm also using the beta-version so that's to be expected.
FYI, there's also an awesome unofficial open-source Electron client for ProtonMail, ElectronMail: https://github.com/vladimiry/ElectronMail I prefer a standalone client but still like their GUI over thunderbird et al; ElectronMail fills this gap perfectly
As a paying user I feel that the reliability of their services in recent months has been completely unacceptable for me. That combined with the ridiculously slow rollout of new products (will calendar ever be fully released?) has now made me look at alternatives. I love the product itself and the idea behind it, but the amount of money I pay to host multiple domains for mail and for their VPN service is pretty absurd in itself and now I have to put up with these reliability issues too?
We apologize for the unexpected incident this morning that resulted in an hour of downtime. We take this incident very seriously and will be conducting a full investigation and making changes to ensure that it does not reoccur.
This is the first significant downtime we have had in several years, and while we will strive to do better, the incident this morning is something way out of ordinary for Proton.
Regarding development speed, we are working on increasing our development velocity, but due to our security/privacy first approach, we can't cut any corners. You might remember that Gmail was in beta for 5 years before full release. Calendar has been in beta for around a year, and certainly won't take us 5 years.
Apart from general unavailability, I've had, since yesterday evening, intermittent failures while sending email over Protonmail bridge. Maybe they're over now though, as I've sent an email an hour ago without problems.
You realize that Gmail's prolonged "beta" was a common punchline to jokes while it lasted, right? Might be best not to compare yourself to that, even favorably.
ProtonMail has been rock solid for me for several years now. I might have just gotten "lucky", but Gmail has been down more often for me than PM.
While I do look forward to their calendar solution, it's by no means a deal breaker. I've seen too many products driven into the sand by feature bloat. I use PM for email, that's all it needs to do, and it does that very well IMO.
Same for me. ProtonMail has been very reliable. We all have a “I want this now feature.” For me, that feature is automatic detection of events in email, with a simple prompt “add to calendar?” implemented.
Last year I was a paying customer for ProtonMail, FastMail, and Google Suite - all at the same time. I have now canceled all paid services except for ProtonMail.
It's also the only provider that I know of that keeps your emails as ransom if you don't continue payment once you're on an upgraded account, instead of downgrading it for you at the billing cycle.
Good thing I only used my PM email to test things out, paid for an upgrade because I liked their public image, only to come back a year later and have no access to anything unless I pay up.
It's typically swiss (i'm swiss) it is not even meant evil but out of sheer ignorance and stupidity we make decisions like that.
Recent examples:
-Switzerland wants to make a Free Trade Contract whith Indonesia, now Swissmem makes some Advertisement on YT with the starting sentence "Indonesia is not just Bali and Palmoil..." First that's kind of ignorant as if Switzerland is just Chocolate and Matterhorn. Second..PALMOIL..that's not something to brag about.
-We had a initiative, which in theory came thru, but was stopped (different theme). It was about Corporate responsibility (Swiss Corps are not allowed to break Swiss Laws even when they are not operating in Switzerland), and now imagine who made that Advertisement on YT against that initiative? F*cking NESTLE!!!
It's like: Hy i'm your dear friend Assad and i am against regulations concerning ABC-Weapons.
BTW: Hey Nestle and Swissmem, if you need someone who filters your BS for the modern age before it goes online, write me an Email (it's my username at protonmail...no pun intended)
I had tried to move over from Google for email and calendar, but Protonmail's calendar isn't ready yet for my needs. Full-time job, startup, volunteer and personal commitments -- I haven't found a calendar app that can manage all this with customizable app and email alerts, search functionality, and daily email digest.
Well i think Email Calendar and Contacts have to be one product, otherwise Outlook will be always on the winner side, but VPN...well it brings probably more money in than the other Products combined, my biggest critique is the storagespace (hey Protonmail, storage should be non of your concerns, it got really cheap in the last 10 years)..and the prices are a bit high.
Your comment could explain why they need to have downtime for maintaining something. Maybe even a pressing security fix, that breaks things.
That being said, I don't understand why companies don't have test systems for validation of updade and maintenance procedures.
My systems actually always had two test systems. One which was identical with Prod, and another one where test-users could test new features coming out of development system(s).
Just a guess, but I think they are currently in the process of slowly doing some major infrastructure migrations.
And doing such thinks without downtime can be hard, especially if you did some design mistake at the beginning which wasn't obvious and didn't cause problems until they scaled to a much larger customer base and/or provided additional services (storage, calendar) which originally whern't planed/considered when creating the mail service.
> reliability of their services in recent months has
Didn't affect me at all, sure they seem to currently slowly do some major infrastructure changes and there
seem to have been service interruptions, but again mail is an asynchronous "slow" communication protocol so this didn't really affect me at all and besides today I didn't even notice it.
> ridiculously slow rollout of new products
Do you buy into services because of not yet rolled out products? I at least don't and I prefer them to have a slow rollout leading to a stable product once released then a rushed rollout.
> but the amount of money I pay to host multiple domains for mail and for their VPN
I agree that their price for people with many custom domains is high, but then lets be honest most people (I know, in my experience) have sometimes a custom domain very rarely two and hardly ever more. So my guess is for most users it's reasonable priced.
I never understood why people love proton so much. I pay less for more features (e.g. catch all and calendar) with mailfence. And mailfence just seams more honest and less theater like (no cryptocurrency, no vpn, no 1000 meters if granite. Just pgp and metadata removal.)
I didn't had any problems with ProtonMail last year; tutanota on the other hand had this issue in early December where my ISP was locked out from accessing login page for few days - it wasn't a single case since I saw other people with Orange services facing same problem.
I use pm on personal emails where I need privacy. For work emails that I assume everyone can read and that needs availability I use Fastmail and G Suite
Not exactly. But, for me at least, reliability of my mail provider is just as important as them respecting my privacy. There are alternatives that I trust just as much as ProtonMail. For what it’s worth I’ve been a loyal customer since the beginning and have been more than supportive of them (I even own Proton merch..), but from a users perspective all I’ve seen recently is them pumping attention into new product releases as opposed to finishing currently half baked products or making their systems more resilient to downtime (which I’ve noticed a lot more of in the last 6 months than since the very beginning). It’s hard to turn a blind eye and continue supporting them.
Looking at the protostatus history they indeed seem to have an unusual amount of (not too long, but noticable) outages (which I personally didn't notice as I read mails only 1-2 times a day).
My guess is they needed some major infrastructure changes which where at fault, maybe related to them providing additional services.
Or at least so I hope, as this would mean thinks get back to being nearly always reliable soonish.
Would be nice to hear about it from them, but then if my guess(hope) is right we probably only hear about it after it's fully done (at least that is what I would do).
I think the actual "problem" that this article brings up is German law, and ProtonMail in Switzerland would be no better from what I can tell (and I live here). From the article:
> Tutanota said it plans to appeal the November ruling from a regional court in Cologne, arguing that it contradicts an earlier decision from another German court.
> “This decision shows again why end-to-end encryption is so important,” Pfau said via email. “According to the ruling of the Cologne Regional Court, we were obliged to release unencrypted incoming and outgoing emails from one mailbox. Emails that are encrypted end-to-end in Tutanota cannot be decrypted by us.”
It seems like this openness of the CEO about the warrant and their actions taken indicate that they are trying to do everything they can without brazenly breaking local laws where they operate. "Unfortunately," if you use an email provider based in a country with a system of judicial proceedings and warrants this will always be a concern, and if you use one in a country without these things you instead lose any semblance of checks on these powers. They offer end-to-end encrypted emails that cannot be decrypted, and their clients have long been open-source to verify this unlike ProtonMail.
>>Does this resolution affect Proton?
This resolution is non-binding. On its own, it does not change the current EU framework but rather points the direction the EU may take in the future. ProtonMail is also protected by Swiss jurisdiction (Switzerland is not a member of the EU). Any request for us to develop a backdoor to ProtonMail under this hypothetical anti-encryption law would need to pass the scrutiny of Switzerland’s strict criminal procedure and data protection laws.
> We are currently experiencing some technical difficulties with a planned maintenance, and are working to bring the service back online as soon as possible.
(Speaking as a free member)
Pretty reliable generally, meets almost all my expectations as a non intrusive mailing service. Surprised that it crashed, but gotta cut them some slack.
I've experienced some serious bugs on ProtonMail, one of them being that a saved draft from the desktop web app subsequently sent from the iOS app doesn't show up in the sent mails.
I've since switched to Tutanota which I'm very happy with and is in some ways more secure. It doesn't support third-party clients for security reasons but theirs is open source.
It seems to be related to a database intervention, but can anyone shed some light on how this results in outages in both incoming and outgoing mail servers?
database has user accounts, email server needs to lookup user account information of some kind to handle mail and can't would be the most straight-forward assumption.
Email are in general retried for a short while if delivery fails. Earlier the SMTP server was responding:
550 5.5.1 Protocol error
As of now the socket is timing out, so no mail can be delivered at all. Most services will retry this later on if possible, perhaps hours or days into the future so long as the response is not a permanent failure message.
If an hour's downtime would make you 'seriously consider' switching, I doubt you will find any service that meets your requirements. You're asking for 99.96% uptime. I don't think any email provider will guarantee you that.
99.95% is a high standard already: 365x0.0005x24 is 4.38 hours outage for a year. In our current world, 4.38 hours is certainly not enough time to, say, rebuild a DB from backup, if needed.
Yeah, especially when they're saying it's calculated on a calendar month, so you can't even "draw down" on previous months with 100% uptime if you have a serious outage.
Yes, but I assume the rationale here is that they will only have to refund that month and can reset the clock for the next month. So if they have serious downtime it won't cost them for the full year - just for that one month.
Noone can gurantee any specific uptime. Any projection for the future, however qualified and propable, is still only a projection. GMail could go down tomorrow, for 24 hours or forever. (Not, of course, that such optimism is in way warranted).
Whoever downvoted the comment above start your own server, and we'll talk a decade later. The comment is correct; nobody can guarantee uptime. The can promise, there can be agreements, insurance, etc, but guaranteeing is basically impossible. Even if someone were to use a real mainframe cluster across the globe one still connects to them via international ISPs and those routes can go down as well.
While I agree with the sibling that an hour's downtime isn't much, and that you can't expect much better performance than that, I'd like to give a shoutout to mailbox.org.
I originally chose them over Proton when degooglifying my life because of Proton's absolutely batshit crazy idea not to offer IMAP access. I've been very very happy with mailbox for years. Their web interface is ugly, but like I said… IMAP.
ProtonMail does client side encryption/decryption so there is no way to offer vanilla IMAP endpoints without some sort of client side decryption. This is what ProtonMail Bridge does. Although I'd admit it's not always the most stable experience, depending on your mail client.
It's still a completely pointless cludge, and another thing that can break. For no reason. No reason at all!
I really wanna like and use Proton. I think some of the people behind it are great. I wanna support Swiss companies (I miss the place dearly). I don't mind that it's a bit more expensive than many competitors. BUT I WANT IMAP ACCESS without some crazy converter stuck in between me and my email.
1) That's patently not true. It's their special flavor of encrypted email that's not compatible with IMAP.
2) I value IMAP far far far more than I value their special flavor of encrypted email. If they'd let me turn the latter off in exchange for IMAP without the crazy converter, I'd have chosen Proton when I was cutting Google out of emails.
I love the combination of features though. I pay for pro so I get catch-all email on custom domains. Really helps to see who sells your info and secure storage and no advertising with good web-mail client are obviously major selling points too.
I wish them luck resolving the situation.