Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. App Wishlist
  3. Tutanota - Secure email for everybody

Tutanota - Secure email for everybody

Scheduled Pinned Locked Moved App Wishlist
6 Posts 5 Posters 1.3k Views 5 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • jdaviescoatesJ Online
    jdaviescoatesJ Online
    jdaviescoates
    wrote on last edited by
    #1

    This looks like a good option for those concerned with encryption.

    I'm mostly just adding this as imho every single open source webmail client in existence leaves a LOT to be desired 😞

    And so the more options we get to play with to find the best fit for our needs, the better:

    https://tutanota.com/
    https://github.com/tutao/tutanota

    I use Cloudron with Gandi & Hetzner

    1 Reply Last reply
    1
    • necrevistonnezrN Offline
      necrevistonnezrN Offline
      necrevistonnezr
      wrote on last edited by
      #2

      See this for access to Tutanota mails by court order, linking a newspaper article and including a response by the Tutanota team: https://www.reddit.com/r/privacytoolsIO/comments/dv9hh0/tutanota_seems_to_be_forced_to_provide_access_to/

      ProtonMail might be subject to something similar without being able to say so (gag order); see the multitude of court orders at https://protonmail.com/blog/transparency-report/

      The problem is: Either both sender and receiver use encryption or it’s not worth much during transport.

      Email is just not secure / private. Trying to do so is just a waste of time IMHO. If you need security / privacy, use a secure messenger protocol.

      mehdiM 1 Reply Last reply
      1
      • necrevistonnezrN necrevistonnezr

        See this for access to Tutanota mails by court order, linking a newspaper article and including a response by the Tutanota team: https://www.reddit.com/r/privacytoolsIO/comments/dv9hh0/tutanota_seems_to_be_forced_to_provide_access_to/

        ProtonMail might be subject to something similar without being able to say so (gag order); see the multitude of court orders at https://protonmail.com/blog/transparency-report/

        The problem is: Either both sender and receiver use encryption or it’s not worth much during transport.

        Email is just not secure / private. Trying to do so is just a waste of time IMHO. If you need security / privacy, use a secure messenger protocol.

        mehdiM Offline
        mehdiM Offline
        mehdi
        App Dev
        wrote on last edited by
        #3

        @necrevistonnezr

        • The court order thing for Tutanota only concerns their hosting, not when the app is self hosted.
        • About ProtonMail, they are based in Switzerland and there is no concept of gag orders in switzerland.

        However, you are right, trying to build a secure email platform is a fool's errand. If you need privacy and security, use a secure messenger protocol, totally

        1 Reply Last reply
        1
        • girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by
          #4

          @mehdi said in Tutanota - Secure email for everybody:

          secure email platform is a fool's errand

          We removed SSLv3 in 5.2 and we already got a couple of bug reports that orange is rejecting mails πŸ˜•

          ? 1 Reply Last reply
          0
          • girishG girish

            @mehdi said in Tutanota - Secure email for everybody:

            secure email platform is a fool's errand

            We removed SSLv3 in 5.2 and we already got a couple of bug reports that orange is rejecting mails πŸ˜•

            ? Offline
            ? Offline
            A Former User
            wrote on last edited by
            #5

            @girish
            SSL 3 was (correctly) removed way back from Cloudron --- I am on v5.1.5

            0e9889b0-84e6-4644-a67a-b193a9fa5305-image.png

            The orange problem could be related to cipher suites recently removed --- there is currently just one weak suite.

            a3116001-1b80-4613-bb33-ce4f1ac12c58-image.png

            Suggest @mehdi was referring to weak message encryption and unencrypted metadata (subject lines, etc) rather than transport security.

            1 Reply Last reply
            1
            • girishG Offline
              girishG Offline
              girish
              Staff
              wrote on last edited by girish
              #6

              @Hillside502 Sorry, I meant that SSL3 was removed for the email server in 5.2. You are correct that 5.1.x already removed it for HTTPS server.

              Sadly, it seem orange only offers SSLv3 (!). In fact, one has to go out of their way to even get these old protocols with recent node versions.

              root@localhost:~# openssl s_client -starttls smtp -tls1_2 -crlf -connect smtp-in.orange.fr:25
              CONNECTED(00000005)
              140519366549952:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../ssl/statem/statem_lib.c:1907:
              ---
              no peer certificate available
              ---
              No client certificate CA names sent
              ---
              SSL handshake has read 303 bytes and written 260 bytes
              Verification: OK
              ---
              New, (NONE), Cipher is (NONE)
              Secure Renegotiation IS NOT supported
              Compression: NONE
              Expansion: NONE
              No ALPN negotiated
              SSL-Session:
                  Protocol  : TLSv1.2
                  Cipher    : 0000
                  Session-ID: 
                  Session-ID-ctx: 
                  Master-Key: 
                  PSK identity: None
                  PSK identity hint: None
                  SRP username: None
                  Start Time: 1590362274
                  Timeout   : 7200 (sec)
                  Verify return code: 0 (ok)
                  Extended master secret: no
              ---
              
              1 Reply Last reply
              0
              Reply
              • Reply as topic
              Log in to reply
              • Oldest to Newest
              • Newest to Oldest
              • Most Votes


              • Login

              • Don't have an account? Register

              • Login or register to search.
              • First post
                Last post
              0
              • Categories
              • Recent
              • Tags
              • Popular
              • Bookmarks
              • Search