 Email ain't designed for selling fuckin cocaine.

I promote the idea of self-hosting email on a VPS, to stop passive surveillance.  Meaning:

No AI is scanning this stuff.  Then you can use aliases like anonaddy to hide from services that it's even your email

Proton openly admits to scanning btw.  So without a VPS, you got Cloudflare, Gmail, Proton, and the WEF glow boys shoving the AI scan up your rectum, and seeing the SUM of your online activity, because almost every service out there demands an email.

Is it air-tight end-to-end-quantum-nuclear-shelter?  No.  But it's a little digital home for your work (docs, files, content):
https://simplifiedprivacy.com/email-cloud-combo/index.html 
 You have to trust the VPS provider as he can easily copy everything from your VPS, he can clone it etc. And they can also sniff the network traffic 
 Yes picking a good VPS provider is important, and that is a flaw with email.

We could re-word your statement as "Email isn't good for active threats, but if the provider wastes money, then information can be obtained"

However, you do not present an alternative. 
 I have private email hosting for my own domains. Absolutely no one should use Google for anything but those times when you order something and it says “we’d like to send you marketing emails”. 
 And tell google what you're buying and where you live?
If you have a self-host, easily one of the many addresses can be for junk. 
 Oh I put in fake information and shit to throw off Google in those cases. :) 
 Unless the person you're emailing is hosting his emails, any conversations will be exposed anyways. 
 Fair point. But I think SP's point is that we should ALL be doing that. 
 If you email someone on gmail, that one email is compromised yes. But not the entire sum of all your activity.
So you're protecting against someone seeing everything you're doing.

And further, the vast majority of websites will force you to register using email. So just controlling that email is all the stuff you own. Traditional social media accounts, fiat banking, websites, forums, crypto exchanges, dexes, etc.

Also you can use something like anonaddy to hide that it's even you that's emailing gmail.  So gmail would only see each conversation in isolation, and not even know your real domain 
 But what is stopping you from using a different anonymous email for each different service and turning on E2EE? 
For every product you buy, your data is in the company’s server anyways, if that is compromised, doesn’t matter if your email is or not. 
Plus you have to make sure your server is hack proof, always accessible and DDOS proof. There are already simpler solutions out there. 
 There is no "turning on E2EE" with email.  It's SSL, like regular websites.  Unless you're saying using PGP, which most people are not doing and the metadata is cleartext.

When you say "there are simpler solutions out there", yes Mailu is open source email.  We are setting it up for people who do not want to read technical docs.  And setting up other services on the same VPS, so you get the most out of having one.

Your argument is unclear.  Are you suggesting people should NOT be self-sovereign and have a digital home? 
 Protonmail, Mailbox, Tutanota, Countermail, Startmail etc are all E2EE already 
 Look how many choices you listed.  Proton-to-Tutanota isn't E2EE, so it's only among that provider.  If the person you're talking to is cool enough to use privacy email, they are cool enough to use a REAL private protocol like simplex.  The purpose of email is the people you're reaching out to don't care.  And the businesses you sign up for are forcing you to your account to it.

Also take a step back and think about what you're really standing for right now.  You're literally trying to haze me for telling people to be decentralized and as self-sovereign as they can be .... and you're instead trying to degrade what I'm doing to promote millionaire Protonmail.  Like what's your goal?

Clearly we would be in a better place if everyone and their mother had their own VPS with email.  So it's unclear your agenda. 
 His agenda is clear. Check his pfp.
He works for the MI6


lmao 
 What r u even talking about? All these email providers are E2EE. Decryptions only happen on your clients.
But if you don't want to use them, just generate your own keys and send emails using PGP.
You proposing newbies learn how a VPS works, learn how hosting works, learn how cybersecurity works and somehow put everything together themselves is unrealistic and somewhat dumb when simpler more elegant solutions already exist.
 
 First,
If a Protonmail user emails a Tutanota user, it is NOT end-to-end encrypted.

Therefore,
Your solution of there already exists all these options is bullshit, because the options contradict each other.

Further,
It is unclear why a Nostr user, who promotes Bitcoin, (decentralized social media and money), would be opposed to decentralized email.

Finally,
I reject your entire worldview of having people self-host Bitcoin nodes, which add no value to their lives.
Yet, you dismiss people owning a VPS with their communications, emails, docs, files, etc.

Conclusion,
Given your complete failure to acknowledge basic facts, you're essentially spamming.  To say you're worthless would be an improvement, currently you are sucking up my resources to respond to low level dribble.  So fuck off and let's end this convo 
 You are a fucking idiot. Obviously it is encrypted if both people are on the same provider. Otherwise you can just import a PGP key and use it that way. 
The fact that you are telling people to self host but at the same time selling your own VPS solution as “self-sovereign” is exploitative. 
People will see through it and your “businesses” will inevitably fail
So fuck off and try scamming people somewhere else 
 It is not END to END encrypted unless the same provider.

Therefore:
You are promoting centralization.  Everyone on the same provider. 
 We can take your logic a step further, if Tutanota's CEO were here on Nostr today promoting his product, you'd say "Oh don’t self-host your own thing, we already have Protonmail, Mailbox, Countermail, and Startmail". 
 Proton cannot scan the contents of your email, they have access to limited meta data but that’s it. They also moved to a foundation. But I trust them more than some unknown saying they will set up a vps for me. 
 Thanks for your time in writing in for an educational opportunity.

First, Proton is NOT end-to-end encrypted.  As per their own blog:

https://proton.me/support/proton-mail-encryption-explained
(Please note, I only changed the CAPS)

Quote:
"The email is encrypted in transit using TLS. It is THEN UNENCRYPTED and re-encrypted (by us) for storage on our servers using zero-access encryption. Once zero-access encryption has been applied, no-one except you can access emails stored on our servers (including us). It is NOT end-to-end encrypted, however, and might be accessible to the sender’s email service"
</end quote>

Second, they do scan it for spam and phishing.
They repeat this with:

Source: https://proton.me/blog/encrypted-email-spam-filtering

"Emails that come from third party email providers obviously CANNOT be delivered with end-to-end encryption, but upon reaching our mail servers, we will encrypt them with the recipient’s public key before saving the messages. All this is done in memory so that by the time anything is permanently stored to disk, the email is already un-readable to us. This gives us a very limited window to perform spam filtering on incoming messages."

Then they further elaborate,

"Secondly, the message is passed through our customized Bayesian filters which marks suspicious messages as spam.
Next, we generate checksums of incoming messages and check them against a database of known spam messages. If there is a match, we mark the message as spam. The checksums are done in such a way that it is also effective against mutating spam emails."
</end quote>

So they claim to have it unencrypted, then have a "limited time" to stop spam, but then also claim to encrypt it, and then after compare the hash to spam hash.  If their own claims were true, then why do they only have a limited time?

Third, they hand over huge amounts of data.  If it's encrypted, then what do they have to hand over?

From their own transparency report:
https://proton.me/legal/transparency


"2023
    Number of legal orders: 6,378
    Contested orders: 407
    Orders complied with: 5,971
2022
    Number of legal orders: 6,995
    Contested orders: 1,038
    Orders complied with: 5,957"
</end quote>

Fourth, you imply that I am not trustworthy but proton with a World Economic Forum board member is.  It's not logical to trust a government regulated and registered entity to resist government, over a pure crypto provider.   We've registered our PGP key with XMRBazaar so no customer funds are risked when all customers are given a receipt.

What you're really saying is you wish to attempt to haze and oppress alternatives that aren't registered with the government.
If so, why do you have bitcoin glowies on your eyes? As there is no purpose in bitcoin if you still only trust government money. 
 lol… my tinfoil hat is just smaller than yours. And I am not hazing, I am just stating I trust proton more is all, for now at least. And I can very much be for bitcoin and limited government. I never said I was an anarchist. But again, I think I just have a smaller tinfoil hat in general. I really have very little of a threat model and support proton mainly for what they represent. Also, having an ex-member of the wef doesn’t mean you are complicit in the wef. Though I would like that person to state where they stand these days. 
 I hear you on the tinfoil hat.  Part of this is not per se they are getting your data, but also about control.  One of the members of our chat group was talking about being banned from proton for sending business emails in small bulk.  He was saying how it was fairly small amount, but he lost the account.

So it's about privacy yes, but also control over your digital home. 
 I can get that, but it sure is a lot of effort to manage a self hosted email. 
 Understood, that's why we're trying to help people to make it fast and easy.  Now does that have trust in us? Yes.

But the goal is to get people in a place where they are more self-sovereign 
 I can get behind that, cheers! 
 They do. They claim it is to combat spam and mass sign-ups on centralised social media accounts like reddit in order to maintain their reputation. 
 In the end, I trust them more than any other email provider. Also, if you have a life, hosting your own email on your own server is not a good solution, I’ve tried it more than once… super easy to get going, hard to maintain. So proton it is for me, and without proof of nefarious activities I think it is unfair to attack them. Complying with the law is not nefarious. Know your threat model and it shouldn’t be an issue, because if you really had something to hide you wouldn’t use email in the first place. 
 Does fedora.email also snitch on its users? 
 I have not researched into fedora.  But the question is not is any provider per se compromising you, but if you have root access to control it.

My message is: Don’t trust external services, run it yourself.  Have a digital home, not just for email. For docs, chat, etc.