Hello,
I am thinking on which email provider to use as an alternative for Gmail.
I don't expect E2EE because I know nobody who uses either Tutanota or Proton Mail personally. I just want an alternative to Gmail, where I can message people I know who use Gmail securely.
EDIT: I have chosen my email provider as Proton Mail because I can send encrypted emails not only to people using Proton Mail, but to people who don't too, which I feel is better.
The wiki lays it out pretty well. Since you're interacting with normal people all your emails are both sent and received in the clear and can be read by your email provider and your counterparties email provider.
As far as Google alternatives go fast mail which isn't an encrypted email service is a reasonable alternative that lots of people enjoy.
The big difference between proton and Tutanota is what is encrypted at rest.
Proton does not encrypt subject lines to and from lines at rest. So that means they can always inspect who sent you mail and what the subject was. The benefit of this is indexing as fast and you can use their search quickly.
Tutanota does encrypt everything at rest. So nothing is readable including subject to and from lines. Except by your client with the correct key. You can search your email locally but you have to maintain a large cache of your email if you want to search all of it.
As far as encrypted email goes it's great, but only for encryption at rest, if it's caught in live transmission then the data's compromised. But it's definitely better than leaving the data open on some server. So the choice is yours
Since we're on a privacy forum I want to point out that if you're not paying for a product you are not the customer you are a product. If you want to make privacy alternatives to Google viable you should consider financially supporting them .
This brings up a good point I hadn't thought of mentioning before. You should really use your own custom domain name for email. That makes migrating the different services much easier and you don't have to change your email address with your friends. Your own domain usually requires a paid service one for the domain registrar itself, and the mail provider. All the services we talked about today charge money for custom domains but it's worth it
If by ”backup” you mean “infrequently used”, be careful about using Tutanota for that purpose - it will delete free accounts after 6 months of inactivity.
Personally I use Proton for my mail needs but then Tutanota for my calendar. Perhaps something you could consider so your Tutanota account doesn't get deleted.
Please consider at least a low cost service, it really raises the quality of the service a lot if it's even $1 a month like Posteo or $2 like Migadu. You get a lot of genuinely useful features (unlike super-hyped services like Proton) and it removes any incentive to exploit or upsell you.
Proton users can send E2EE e-mail to anyone using PGP, you can attach your signature, and import attached signatures. This happens automatically between Proton users, but it will work with any e-mail client that uses PGP.
Someone said this doesn't work with Tutanota, they are using their own encryption that allows them to encrypt more than just the body, but it's not compatible with PGP.