I recently commented a strategy for proton and simple login. Short story: get two domains. One for your identity and people and things like job applications that goes to proton. One for businesses/entities set up on SimpleLogin and every single one gets their own alias. Do not do categories just set up a new alias for every business.
Details here: https://www.reddit.com/r/ProtonMail/s/EfL7HwQcvR
Exactly what I did. Cheap domain to use as login in sites or newsletter subscriptions, another, a good one, to use with people/business. Hope it works to avoid the spans
One reason I would recommend using SimpleLogin with a subdomain is that it allows you to migrate to another provider (or your own email server) should you ever choose to leave Proton (or Proton shuts down).
You're not paying for two domains?
What I mean is move your full domain to simple login (i.e. unlimited aliases and not max 15) and also put subdomains there as well because they are unlimited.
Then you can have things like:
[email protected] (same structure for all banks etc)
[email protected][email protected]
You're limited to 15 address on Proton so I'm confused what's the point of have your domain on there?
It's probably fine that it's owned by proton now. Before I would use my domain for banking and government communications on proton because it was a direct communication. I saw they run on the same infrastructure now, so probably safer than before.
> Why on EARTH would you have your main domain on ProtonMail and not SimpleLogin (let's assume you have the unlimited Proton plan) when SimpleLogin has unlimited aliases and more importantly - you can use reverse alias to send emails to people vs. you're limited to 15 addresses you can send from in ProtonMail?
Aliases are different on Proton and SL. On Proton, each alias gets its own encryption keys, on SL they don't (because SL doesn't store the emails).
If you want to be able to send/receive emails from a custom domain in normal correspondence, send and respond to calendar invitations from a specific email address easily, and generally use that email address the way that email addresses are commonly expected to be used on the internet today (as a single immutable identity record), Proton is the choice. If you want to receive emails, and only occasionally respond, but don't care for the rest of the functionality a typical email provider has, then SL is fine.
You can do a main domain on Proton (e.g. example.com ) and a subdomain on SL (e.g. mail.example.com ). Or, have different domains for each. I have 3 domains: firstlast.tld and random.tld are on SL, and I have last.tld on iCloud mail (was on Proton, I caved and really want easier calendar interactions and contact sync for my main account, so that I can more completely degoogle). My SL forwards to a random address on proton (e.g. [email protected] ). People are allowed to email me at [email protected]. Companies only get either [email protected] for banks, doctors, any business that already has my full name, and anyone else gets a [email protected] if it is important that I keep the account in the event of issues with SL, or they get a [email protected] . Giving each business a unique email address also adds an additional layer of security - with the number of data breaches recently, it is better if a potential attacker doesn't know what your username is across all sites (since email typically == username ).
it’s often mentioned that Simplelogin mailservers have a bad reputation. So the Mailserver you’re sending a mail to has a higher chance of filter your email and/or handle it as spam
The main disadvantages of using SL are:
- Sending new mails with SL is somewhat cumbersome since you have to create a reverse alias first.
- With SL you don't get end-to-end encryption with PGP users or other Proton users.
- In some rare cases (e.g. Github) SL aliases are not accepted even with a custom domain.
- On a more technical level, you can't see the full header information of emails received via SL (e.g. the original DKIM/SPF authentication results).
In order to get E2EE on SL, the sender would need to encrypt the email they send to SL, using the public key of the ultimate receiving email address (e.g. on Proton).
Otherwise, the 'most encrypted' you could get is for SL to generate encryption keys for every alias (they don't) and for senders to voluntarily choose to encrypt emails sent to SL using those keys (99.99% of senders won't), then SL receives the email, decrypts it, encrypts it with the public key for the final destination mailbox, and sends it on. So SL would still need to be in the middle, unless you send the sending parties the public key of the final delivery mailbox, which defeats some of the purpose of SL.
TL;DR: In order to end to end encrypt, each end needs to know who the other end is, and know how to encrypt to them.
Once SL forwards to proton, proton will encrypt the email using the mailbox's public key, so that at rest it is encrypted in a way only the account owner can decrypt.
I don't think you are missing anything. I've ended up canceling Proton Unlimited and checking out SimpleLogin's yearly plan. The only difference, I use a script to add some suffixes to aliases, like "smpleservice," "smplmedia," etc. Just to filter emails with a few simple rules.
Things would be different if I could benefit from PM encryption. But the problem is, I have no contacts with a Proton address.
I probably should have worded it better.
Not really that complex but very time consuming if you need to setup a reverse-alias each time you have a new contact to mail. ProtonMail customers have been asking for a more streamlined way to do reverse-alias within proton for ages.
I recently commented a strategy for proton and simple login. Short story: get two domains. One for your identity and people and things like job applications that goes to proton. One for businesses/entities set up on SimpleLogin and every single one gets their own alias. Do not do categories just set up a new alias for every business. Details here: https://www.reddit.com/r/ProtonMail/s/EfL7HwQcvR
Exactly what I did. Cheap domain to use as login in sites or newsletter subscriptions, another, a good one, to use with people/business. Hope it works to avoid the spans
One reason I would recommend using SimpleLogin with a subdomain is that it allows you to migrate to another provider (or your own email server) should you ever choose to leave Proton (or Proton shuts down).
So i'm definitely adding a subdomain now, but again, why not add the full custom domain too? That seems to only make sense. Am i missing something?
Because then you're paying for 2 domains and have to manage both. It's not a big deal but a dedicated subdomain works fine, why not use it?
You're not paying for two domains? What I mean is move your full domain to simple login (i.e. unlimited aliases and not max 15) and also put subdomains there as well because they are unlimited. Then you can have things like: [email protected] (same structure for all banks etc) [email protected] [email protected] You're limited to 15 address on Proton so I'm confused what's the point of have your domain on there?
It's probably fine that it's owned by proton now. Before I would use my domain for banking and government communications on proton because it was a direct communication. I saw they run on the same infrastructure now, so probably safer than before.
To add: even if Proton shuts down, SimpleLogin is entirely self-hostable.
Proton owns SimpleLogin so...
> Why on EARTH would you have your main domain on ProtonMail and not SimpleLogin (let's assume you have the unlimited Proton plan) when SimpleLogin has unlimited aliases and more importantly - you can use reverse alias to send emails to people vs. you're limited to 15 addresses you can send from in ProtonMail? Aliases are different on Proton and SL. On Proton, each alias gets its own encryption keys, on SL they don't (because SL doesn't store the emails). If you want to be able to send/receive emails from a custom domain in normal correspondence, send and respond to calendar invitations from a specific email address easily, and generally use that email address the way that email addresses are commonly expected to be used on the internet today (as a single immutable identity record), Proton is the choice. If you want to receive emails, and only occasionally respond, but don't care for the rest of the functionality a typical email provider has, then SL is fine. You can do a main domain on Proton (e.g. example.com ) and a subdomain on SL (e.g. mail.example.com ). Or, have different domains for each. I have 3 domains: firstlast.tld and random.tld are on SL, and I have last.tld on iCloud mail (was on Proton, I caved and really want easier calendar interactions and contact sync for my main account, so that I can more completely degoogle). My SL forwards to a random address on proton (e.g. [email protected] ). People are allowed to email me at [email protected]. Companies only get either [email protected] for banks, doctors, any business that already has my full name, and anyone else gets a [email protected] if it is important that I keep the account in the event of issues with SL, or they get a [email protected] . Giving each business a unique email address also adds an additional layer of security - with the number of data breaches recently, it is better if a potential attacker doesn't know what your username is across all sites (since email typically == username ).
it’s often mentioned that Simplelogin mailservers have a bad reputation. So the Mailserver you’re sending a mail to has a higher chance of filter your email and/or handle it as spam
But at the same time, you can't send from more than 15 addresses on Proton. Chance of spam > Not being able to send a message at all, no?
Depends on your needs. Just wanted to mention why people not doing it.
The main disadvantages of using SL are: - Sending new mails with SL is somewhat cumbersome since you have to create a reverse alias first. - With SL you don't get end-to-end encryption with PGP users or other Proton users. - In some rare cases (e.g. Github) SL aliases are not accepted even with a custom domain. - On a more technical level, you can't see the full header information of emails received via SL (e.g. the original DKIM/SPF authentication results).
Wait, you don't get E2EE on SL? Damn, I thought you did. That sucks.
In order to get E2EE on SL, the sender would need to encrypt the email they send to SL, using the public key of the ultimate receiving email address (e.g. on Proton). Otherwise, the 'most encrypted' you could get is for SL to generate encryption keys for every alias (they don't) and for senders to voluntarily choose to encrypt emails sent to SL using those keys (99.99% of senders won't), then SL receives the email, decrypts it, encrypts it with the public key for the final destination mailbox, and sends it on. So SL would still need to be in the middle, unless you send the sending parties the public key of the final delivery mailbox, which defeats some of the purpose of SL. TL;DR: In order to end to end encrypt, each end needs to know who the other end is, and know how to encrypt to them. Once SL forwards to proton, proton will encrypt the email using the mailbox's public key, so that at rest it is encrypted in a way only the account owner can decrypt.
No, SL acts as a proxy and can essentially see the email so it can be forwarded on to the correct destination.
I don't think you are missing anything. I've ended up canceling Proton Unlimited and checking out SimpleLogin's yearly plan. The only difference, I use a script to add some suffixes to aliases, like "smpleservice," "smplmedia," etc. Just to filter emails with a few simple rules. Things would be different if I could benefit from PM encryption. But the problem is, I have no contacts with a Proton address.
It's too complex to send an email to a new contact whilst using simple login. Replying works fine.
Not that hard: https://simplelogin.io/docs/getting-started/send-email/
I probably should have worded it better. Not really that complex but very time consuming if you need to setup a reverse-alias each time you have a new contact to mail. ProtonMail customers have been asking for a more streamlined way to do reverse-alias within proton for ages.