My complete dropping of Protonmail

Often, on here, I have recommended Protonmail.
I regret this.

Having been using it for quite a long while, I have reached the conclusion that Protonmail is, hands down, the worst email provider I have ever seen.

  • It is inaccurate in its claims about how much space your emails take up.
  • It has a lot of outages. It has been utterly unreliable at times I really needed it to be reliable.
  • I have caught it, repeatedly, changing the content of my emails. In my sent folder, it shows one way; the recipient shows different content.
  • If you copy and paste your conversation in order to quote someone, in your sent folder it shows normally, but the recipient will get only a Blank Message.
  • It is extremely sensitive about trying to batch delete emails, making it a teeth-grinding effort.
  • They want you to pay them more money for it.

My recommendation, which I say in full confidence: Avoid Protonmail.

2 Likes

I can't speak to your first point as I have vastly more space than I've used, but for the rest:

  • I've only experienced a single long outage. I've noticed a few occasions where it came and went for five or so minutes at a time, but I've experienced as much from Gmail, too.
  • I've never experienced differing content. Are you talking formatting, or...?
  • Recipient getting a blank message I have experienced, though when this has happened the recipient has a little button with an ellipsis. Something to do with their attempt at hiding inline quoting seems to go haywire. This has always been resolved by hitting reply to start the reply, then deleting everything in the body before copying and pasting what I intend to quote. This is unquestionably bad UX, I agree.
  • Batch selection is not great. There's no different experience I can present here.
  • I remain willing to pay for it. It isn't cheap, but I'm not going back to free services that misuse the data, and haven't seen another paid service I consider enough better to switch, especially when I also make heavy use of their VPN and Drive services.

Content. Words being changed. We noticed it when I was asked about an odd word I used - which I pointed out that I used no such word. Screenshots were exchanged - and it appears that a word was mixed into another word, though the content around that word seemed unchanged. My sent folder showed the correct word - the recipient got a different copy.
This has happened multiple times.

And to me... Under no circumstances - EVER - should an email provider change the content of any message I send for any reason.
That is dangerous.

I suspect it has something to do with their E2EE.

I have had many problems with Protonmail and I kept forgiving them.

But changing content - multiple times; I have run out of forgiveness.

Huh. I have literally hundreds of e-mail threads that hit the full 100 reply limit and quote heavily, and have never encountered this. I'm not arguing that it hasn't happened; I'm just surprised I haven't seen any sign of it.

Just found this:

With a response comment that led to this:

https://digdeeper.club/articles/email.xhtml#protonmail

I had problems with Protonmail years ago. They kept updating it all the time and logging me out. They forced 2fa on me, forcing me to have 2 complex passwords instead of 1. After time went by, they did another forced update and logged me out again. By that point, I could no longer remember my password, and I was perma-locked out of my email, with no way to log back in.

Then I found out that Protonmail gave everyone's data to their local government, 'cause they have no separation from government and business, with their laws. I wrote them off, they have 0 respect from me whatsoever. I haven't used them in years.

There is a reason why most people use Gmail, because it works. Now yes, they use an auto correct/spell check algorithm like everybody does these days. From what I've seen however, Gmail doesn't change your emails after hitting send.

At first, (like aravisian) I liked Protonmail. When considering all the problems with it however, I don't think it's worth using. Protonmail's business decisions are going to destroy themselves, as well as their uncomfortable government ties.


I created a ProtonMail account and stopped using it because of how difficult it made it for me when logging into another device. I guess they call it security but there has to be a balance.

ProtonMail also appears to be too cluttered. I’ve heard great things about Fastmail. But for my own use:

  1. Google Workspace: hands down the best and most reliable, albeit not privacy conscious people’s first choice.
  2. Zoho Mail: cluttered UI but very very cheap ($12/yr) to host many emails for domains.

1 Like

I set up a Protonmail account recently but haven't made any progress transitioning to it as my main account. I'm curious to know which provider you'll go with now?

1 Like

ProtonMail has always been clear that there's unencrypted metadata. It's how subjects and senders were searchable before they added the feature of downloading your entire mailbox for local decryption. It's obvious that if they're faced with a warrant that would withstand legal challenge under Swiss law that they'll provide what they CAN. This is true of any lawful service, and why the goal of privacy focused services is to have very little that can be turned over, and why privacy advocates have, for years, been trying to get through legislators' heads since at least Snowden, that metadata is data.

That thing is packed to the gills with jargon. That doesn't invalidate it necessarily, nor is that necessarily the wrong thing for them to do. It's an academic paper written for a specific audience. It does mean that I can't evaluate it on its own merits. I'm not qualified to follow the arguments it makes; even the MitM argument it makes is swimming in jargon. As I can't evaluate that paper, I'm left with independent security audits that gave ProtonMail a very different assessment, and the (absolutely non-proof, but circumstantial) note that if ProtonMail were as insecure as that paper seems to imply, Ars Technica and The Register would be all over it, which I haven't seen unless I've gone completely blind.

This is why I do not fault Protonmail for operating lawfully.
I am also not over-the-top about security. I just prefer to avoid Yahoo and Google, for obvious reasons.

1 Like

Yeah, that was more meant to be directed at Swarfendor's first link. I've added a quote to clarify.

See, and mine was directed in regards to both Swarf and Startreker...
:crazy_face:

1 Like

My main email is with murena.io. There have been issues with the cloud but been happy with the email service. I only use Proton Mail for finance transactions. I only use the free one. I've only just discovered a workaround. My default email is @e.email which some organisations can't cope with because the word 'email' is more than their default mail server settings can cope with (.com), so the workaround for me is murena.io with such backwards organisations and it still comes to my e.email address.

1 Like

My experience with Protonmail is also not stellar.

A few years ago I had to change my password and, well, long story short: I lost access to all my emails as they were encrypted with a different key. I reached out and was given instructions on how to recover them; they seemed to have a mechanism to decrypt them by providing my password manually (even though this was supposed to happen automatically), but it didn't work.

After a long back and forth, they simply claimed that I had made a typo or forgotten my password. But I was using a password manager so there's no chance for any of that.... To this day, I still can't access those old emails. Ridiculous.

Luckily I had only been using it for a short while and didn't lose anything important, or that I couldn't recover by asking it be sent to me again. I continued using it only because of this but never trusted them with anything too important (one of the reasons I keep my Gmail account).
To be fair, I have changed my password a couple of times since that incident and didn't have any issues, but it's the unwillingness to admit errors that bothers me the most.

At around the same time I tried Protonmail I was testing Tuta (formerly TutaNota), and have been using it with no complaints. It has significantly fewer features than many other providers, and the user friendliness is honestly not quite up there either, but it works fine. It's really good to see a small business grow and add features slowly over time.


Content is supposed to be encrypted automatically when all parties involved are using Protonmail; was that always the case? It's just too unlikely that a single word was perfectly replaced with another due to an error with the encryption. The chances of that are astronomical.

Regarding encrypted email in general, I've been reading up on the AI and content-scanning abilities being added to new hardware (PC, Apple, phones), usually as a separate chip on the motherboard.

Your content may be constantly scanned and any 'breaches' reported up the (AI) chain. Apple et al can legitimately claim that 'no human' sees your data - because it is done by the AI. If not now, then in the very near future. This ability renders encryption useless.

You might be on Linux, with no client-side scanning, but what about the person you are emailing/messaging? If not, then your conversation could be compromised.

This kind of ability will be very open to mission creep. Who decides what is 'inappropriate content'?

And, of course

I use my own domain email, on my own server. It's not for everyone, and it has drawbacks - Gmail can often simply refuse to accept email even though I am a regular correspondent. It's not returned, it just disappears.

Cory Doctorow had a good article on this:
https://pluralistic.net/2021/10/10/dead-letters/

I use regular, unencrypted email, and treat it as public. If I did need to be encrypted - as may happen for commercial confidentiality - I'm not sure what I would do.

3 Likes

I'm glad I read some more accounts of protonmail. I tried it temporarily, and seemed like it was OK, but wasn't sure if I wanted to go any further with it. I'd agree that anything that has the potential of changing content of a message is an absolute no go. Quite frankly that shouldn't ever be a thing that can happen.

2 Likes

Let's say the original word was "have."
Which shows intact in the Sent copy.
What showed on their end was "habeve."

Another: "take"
Sent
"take"
Received
"taefke"

In each case, a word was not changed with another word; rather it looked corrupted into containing additional letters. I did use the email for work and precision was needed. This caused unnecessary back and forth and other confusion or problems.
When sending snippets of code back and forth - you can see how this would be a big problem.

1 Like

And this happened even though both ends were using Protonmail?

Correct.

In fact, it gets worse. I just went looking for the emails in question to review this - and I discovered something new.

Apparently, in one of those cases, the altered word contains three new letters. Below that, a full sentence is missing. A word in that sentence contains the three letters in the same order.
In my sent copy, the word is intact and that full sentence (and rather long... you bunch know how verbose I can be) is present. In the sent copy, that entire sentence is missing.
Recipient confirms that sentence was never present in their received copy. They had not noticed at the time, since they had no reason to know a full sentence was missing.

I am so utterly beyond done with Protonmail. That is 100% unthinkable.

3 Likes

I don't think end-to-end encryption could ever cause words being changed like that. It would be a massive thing if more people noticed this.

I think you should consider posting it somewhere public (blog or Mastodon/Bsky) and bringing more awareness to it.

In all my years of using e2e messaging/note-syncing tools, I've never had a single letter changed, not once. That's just not how e2e works. It's not like a Xerox machine where scanning the same thing over and over again would start to produce slightly different results. (To understand that reference, check out this wonderful article from one of the best writers I know of.)

1 Like
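
An added illustration of the point in the reply above (not part of the thread and not Proton's code): when an encrypted message carries an integrity tag, any change to the encrypted copy makes decryption fail outright instead of yielding readable text with extra letters. The construction is a toy encrypt-then-MAC built from the Python standard library as a stand-in for a real scheme's integrity check; all function names and the sample text are assumptions made for this example.

```python
import hashlib
import hmac
import os

# Toy encrypt-then-MAC (SHA-256 counter keystream + HMAC-SHA256), illustration
# only. It stands in for the integrity check of a real end-to-end scheme.

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")  # nothing is shown to the reader
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def tamper_outcomes(message: bytes) -> dict:
    """Seal a message, damage the sealed copy in many ways, count rejections."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    blob = seal(enc_key, mac_key, message)
    # One flipped bit at every byte position (nonce, ciphertext and tag).
    variants = [blob[:i] + bytes([blob[i] ^ 1]) + blob[i + 1:] for i in range(len(blob))]
    variants.append(blob[:20] + b"be" + blob[20:])  # bytes inserted mid-message
    variants.append(blob[:16] + blob[17:])          # one ciphertext byte dropped
    rejected = 0
    for damaged in variants:
        try:
            open_sealed(enc_key, mac_key, damaged)
        except ValueError:
            rejected += 1
    return {"intact_ok": open_sealed(enc_key, mac_key, blob) == message,
            "variants": len(variants), "rejected": rejected}

if __name__ == "__main__":
    print(tamper_outcomes(b"I have to take this"))  # constructed sample text
```

Under a scheme with this kind of check, every damaged copy is rejected, so a readable message that differs from the sent copy points to a change made before encryption or after decryption rather than to the encrypted transport.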