In case you don't use Tutanota as your main email service, yet: What is missing? Why are you not using Tutanota?

@Tutanota I use Tutanota, but I'd like to see some JS-free alternatives client or IMAP/SMTP support

@Tutanota sure, but why is tutanota not allowing me to abuse it for my wordpress installations so i don't have to run postfix?


As everything is encrypted in Tutanota, you have to decrypt it on your computer before reading it. IMAP and SMTP can’t access your mails directly on the servers.

Same with protonmail, they are high protective email services, that standard protocols can’t access.


@nautilus @Tutanota protonmail *has* smtp/imap support so why not tutanota, right?


I feel like it would be like adding a backdoor to the encryption mechanism :p

As far as I know, Protonmail can’t be used through Wordpress. They developed a proxy to install on your computer, which will open smtp/imap local port on your computer to connect to.


@nautilus IIRC Proton has a local "bridge" that decrypts the mails and accepts IMAP/SMTP connections. Can't Tutanota do the same?

Most people that request IMAP probably do to be able to use a different client. So, just having a local bridge should be enough for the majority.

Or, if the bridge were to be a CLI app, then you could install it on a server and use Tutanota's servers for whatever mails you want to send, but I'm not entirely sure if they would support that kind of usage.


Ah ah ah, ^^ I’m leaving it to @Tutanota on this one. But still the proxy won’t answer to the Wordpress problematic, I wouldn’t personally install that kind on proxy on a server, it will just kill the purpose of a secured email address.

Tutanota made the choice of security over functionalities.
And that is what I was searching for.
Nevertheless, you are right, for my wordpress websites, I have to use a ovh email account.

@nautilus @admicos We don't plan to develop such a bridge, but focus on adding features such as offline availability to the desktop clients. A bridge is no solution because:

* With such a bridge all data, including a search index, would be stored unencrypted in the third party email client. We aim for a solution where all data is always stored securely encrypted.

@nautilus @admicos
* Upon sending an email out of the third party email client, the user can't possibly know whether the email is actually going to be send end-to-end encrypted (the client can't show this as a bridge works on a different level). Therefore sending confidential emails via a bridge is essentially impossible...

* IMAP and SMTP are not the most efficient protocols especially when it comes to push notifications or to attachments of emails (which are encoded into the body).

@nautilus @admicos
We planto enable integrating external accounts via IMAP to the Tutanota clients, instead. ;)

> would be stored unencrypted in the third party email client.

In a browser, the email is stored unencrypted in a third party software, to be displayed. An email needs to be unencrypted to be displayed.

Having unencrypted data client-side is not the end of the world.

A third party email client is not the end of the world.

People use operating systems, browsers, hardware that are between them and Tutanota. Most people can trust these things, most people wouldn't care about minimal risks on their own computers regarding IMAP. Most people don't care if on their own computer data is stored unencrypted, it's not a risk if they're competent.

People want IMAP because they want to export email (unencrypted, doesn't matter if you think it's a risk, people can encrypt them themselves if they want). They want to remove their emails from the cloud, they want to have access to those emails once they delete their Tutanota account years from now.

Offline availability is temporary, exporting mail in a standard format is the real solution.

If you don't want to use IMAP, you might develop a new, secure, free, open source protocol, then develop a free, open source extension to Thunderbird, K-9 Mail, and some other clients.

@Tutanota @rysiek ok and what about smtp so i can at least tell my server to use that to send mails from?

@Tutanota @koyu so you are trading standards-compliance and interoperability for security (as defined by you).

I have a problem with that. That's called a walled garden. These never turn out right for the users in the end.

So I'm going to stay away. But you do you.

@Tutanota I already replied to one of your earlier posts about what I wanted from Tutanota:

I just wanted to add that I would definitely forego E2E of "regular" e-mails in exchange for IMAP/SMTP support.

@Tutanota - i use Tutanota too. The only thing I am missing is integration with my phone's native () apps. Having two separate places for contacts, mail and calendars is making things more difficult.

@vattuvarg I hate when apps force me to use the OS's built in contact and calendar system.

I want to separate my communications and data on different services. Especially on privacy services. I don't want Google/Apple/other third party contact/calendar apps to access anything related to Tutanota.

It's ridiculous that Signal and K-9 Mail forces you to use OS Contacts, that most calendar clients force you to use your OS's Calendar system. I'm back in the stoneage, manually copying email addresses and looking at raw phone numbers, because I don't want to use those systems.

If Tutanota wants to do this, at least they have to give us an option to opt out, an option to keep Tutanota contacts separate from your OS contacts.

@dialyzer - In it is possible to keep each dataset separate and still view them together. When planning I really don't want to jump between a bunch of calendar apps.

I want my device to be the link between the channels of data. The OS on my phone makes that possible.

Having access to my own data only through a custom app is a bit risky too. The Tutanota apps are opensource so the same functionality could be added to my device making the encryption safe and simple to use.

@Tutanota IMAP support to be able to use it from everywhere, even where you can't install specific software (and yes I know, even if it reduce security).

@emax We plan to enable offline access for better accessibility. IMAP is not posstible, unfortunately:

Encryption for external recipients using PGP, or IMAP and SMTP support, otherwise great service

@Tutanota IMAP/SMTP thing, like a bridge to allow the use with others FOSS programs, like (neo)mutt

@Tutanota - I would NOT give up encryption. Integration with my native apps would be perfect.

I think next generation multi platform native desktop clients will be carried out by #Flutter 👌🏻 seams very promising.

@nasi @Tutanota

@nautilus @Tutanota If it will be less sluggish and offers more ways to interact (e.g. individual keyboardshortcuts) I'll be fine with that.

@nasi @nautilus Thanks for sharing, we'll take a look. Native clients are not an option as it would be imposible for a small team like ours to maintain these. With Electron, we can keep all clients up-to-date easily and add new features almost simultaneously, which is a great advantage.

@Tutanota @nautilus I totally understand that. But I hope you'll grow big enough to have more resources ;-)

@Tutanota support for PGP would be cool for me. One reason I like proton is that it doesn’t force anyone who wants to securely talk to me to switch to proton. I’ve read your blog on why you don’t support it and it makes sense but that’s the answer for me. Nobody in my circle uses Tutanota so it’s useless for me outside the calendar.


That's true. The reasons for tight encryption are valid but when using T. I have a feeling I enter into a closed ecosystem. Option to choose GPG for some contacts would be the thing for me.

@thenewoil Thanks, we plan to support Autocrypt in the near future to solve this.

@Tutanota I would like to use U2F or FIDO2 for Desktop & Mobile (NFC) with Yubikey / Nitrokey ❤️

1. A separate compose window that can be minimized and expanded.
2. A possibility of changing the layout (as with Thunderbird>View>Layout>Classic/wide/vertical view, message pane on/off...).
3. Conversation view.
4. Contact groups.

As I don't use Play Store, I once had a problem where I had my tutanota app failing with outdated client error but I had the latest version available from fdroid. I was unable to access e-mail on my phone for about a week due to this.

@harig Make sure to always keep F-Droid updated as well. Then this should not be the case.

5. Possibility of adjusting and saving the desktop clients UI (zoom in/out).

@Tutanota I started using Protonmail before Tuta was available and haven't enough round tuits to get off Gmail yet anyway. No real problems with your service.

Missing is domain hosting. My current domain hosting includes free E-Mail services. Spreading hosting and email over different providers seems too cumbersome to me.

@petrarca Thanks for your feedback. We plan to offer buying domains through Tutanota in the future!

@Tutanota when picking my main services (proton) part of the selection was how i already knew what privacy laws the swiss had, and their strengths, since its well marketed universally. like, i still have no idea how good your laws are. i'd have to research it. additionally, your services feels clunky and lower quality in comparison, also doesn't offer as much for the price. since proton has mail + vpn, and soon drive + calendar. it's services i already pay separately for, but they offer cheaper.

@Beiz Guess the answer would be too long, but trying anyway:
* privacy laws are very similar, but Swiss have data retention for six months, which Germany has not (email is explicitly excluded from retention laws)
* pricing: with €1 per month and unlimited own domain support Tutanota is much cheaper. Plus, we already have a calendar, drive & notes are planned. ;)

@Tutanota wait, so german privacy laws are even better? huh.

i didn't know you were planning a drive and notes! eta? what type of notes? i'm in dire need for a privacy oriented onenote replacement with on-the-go web support (using joplin right now, but no web support is a problem, especially since their ios app is really bad, and standardnotes is the only other option, but too expensive). a trusted vpn is also very important and why i got proton in the first place, but i'm not a fan of CLI.

@Beiz We've no ETA, yet, as we want to complete email & calendar features first. We won't do a vpn because so far we haven't seen one vpn in the market which is 100% trustworthy and we don't want to destroy our reputation by going into that business.

@Tutanota okay, i am really excited about a notes as long as it supports markdown, folder structure and tags. since you already have the calendar available and are indeed also planning a drive (proton said they are at least 2 years away) i will be switch to tutanota right away.

"We won't do a vpn because..."
that's a fair argument. and you're right; as it stands, feature-wise, privacy and cost-wise, tutanota is a superior service. even if i do keep proton as vpn (but drop their other services).

@Tutanota I am quite glad that #Tutanota provided its users with a client and not a bridge. For most people, this provides a consistent UX across all platforms and generally boosts their workflow. It is one of the reasons I chose Tutanota. As a former user of ProtonMail, their 'Bridge' felt a little 'hacky' and a bit too technical. The end result was also marred by many UX issues. I understand why some people might need it but I feel that Tutanota made the right decision. 😁 #privacy4everyone

@sudo @Tutanota having the option to use native clients at least is always nice

@Tutanota I think that one thing that is missing is the GPG support.

Also this is stupid but Tutanota's logo doesn't remind me enough of the two main features of Tutanota (email and privacy), such as one direct competitor. (Basically I don't like it)

Feature-wise and platform-wise, I am more and more thinking about moving to Tutanota and using it as my main email provider.

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!