In the domain of email, unleas you're running your own mail system, there is NO SUCH THING as privacy against inspection by your mail provider. They can see (and hand over to authorities, or to anyone who pops them) anything you send or receive which is going to be cleartext unless you're PGP'ing the contents or something.
Someone who promises you privacy (Proton) is lying. On top of likely (actually in case of Proton) being cryptofash scum.
If email secrecy is really important to you, the only option is running your own mail system and using DANE. And you still have to trust that the mail systems of the people you're communicating with are honoring the cryptographic requirements and that their mail providers aren't snooping (which is only true if they also run their own mail systems).
@dalias I don't know how many times it's been explained, very clearly, that private email is impossible.
You have to trust the provider and assess your threat model. If secrecy is a must, email isn't for you.
The PGP email dream is dead, based on all that I've ever heard, and basically was never alive to begin with.
And yet...
@gwozniak It's not impossible, but impossible to outsource.
@dalias it's not hard to write a milter for postfix or sendmail to PGP encrypt any cleartext incoming email. So it *is* possible to be an email provider with zero access to clients' emails.
@hyc No, because the provider is the one who'd be running that code, and thereby have access to the cleartext. "Encrypt on arrival" is the bs Proton claims to do. And there's no way to verify that they actually do it, nor any way they can refuse lawful order to intercept first.
@dalias ah, good points.
Still could be worthwhile to do on your own email server, if it's hosted by a 3rd party.