SMTP with protonmail
Like many in and around the infosec community, I’ve followed privacy issues as they relate to security for a while. When I first heard about protonmail, I believe it was in the wake of the Snowden revelations. Now, let me be clear, my primary email address is a Gmail account, I also have a grandfathered in Google account for another domain, but I needed to set up SMTP for beaukinstler.com, even if just to redirect it.
Nowadays, the choice for free personal domain email seems rather limited. I could use the IPS’s offering and pay, or I could switch registrars and maybe get some free email service, and there’s Zoho (which I tried, but didn’t get their confirmation text for about an hour, which didn’t bode well). So ultimately, I decided to accomplish two things with my need. I decided to upgrade my protonmail account to a paid version, and add my domain (beaukinstler.com) for email use, which was pretty simple.
Because of this, I now support an organization with some dollars that are doing great work for securing information. If you too are interested in really secure email, both in transit and at rest, then check them out. ProtonMail.com or ProtonMail.ch (Swiss).
Helping protect your recipients
One other point. I think people often give up on email as a secure form of communication, especially when it’s not B2B because they just can’t really rely on how others have their email setup. PGP, S-MIME, etc isn’t easy. I’ve set it up, but never use it. But with ProtonMail, you can send emails to others that DON’T have a secure account, and give them a password out-of-band. They can even email you back via that message. And, if you know the recipient of your email needs a file or a message that would be bad for others to see, but they’re for any reason unable to set up a secure system for themselves, this is something you could use to help them. So it’s really slick.
Quick look
Here are a couple screenshots to give you the idea:
Enable encryption on the message you’re going to send
Create a password, and if you like a hint!
Overkill?
For me? It could be. Honestly, I have hardly needed this level of privacy ever, but I’m lucky. I live in a place and have a life that I’m not required to be secret about. If I NEED it, it usually for some tax records, or something mundane. But there are people who need this level of protection, along with things like Tor, and I’m happy that my need for SMTP services, can help support them.