102

Warning to new tutamail users, your account could be temporary (lemmy.world)

submitted 1 day ago by GaryGhost@lemmy.world to c/privacy@lemmy.ml

40 comments fedilink hide all child comments

I made my first and only account with tutamail and within 48 hours it was disabled due to abuse. It really bothered me because I had forwarded now deleted emails for storage, updated many accounts including my doctors with the new tuta email. The next time I try to login it tells me that my password is wrong or can't login. I waisted my time trying to change the password and when I contacted support they send me this:

Hi there,

Thank you for your email.

Your account was flagged as an abusive signup by our system and it was therefore suspended. We have reviewed this case and we cannot make an exception. Please understand that we block some signups based on many different criteria in order to ensure the quality of our service.

Please feel free to register a different account.

Why the hell would I make another one? I signed up my one account the same day that I discovered them. I used a VPN, as if that's anything new. "I can make another account" really? So they can delete it again?

Obviously I should have tested their client before going all in. Who cares about privacy when random assholes can just wipe my data or read my emails. I needed to vent. Fuck you tutamail

you are viewing a single comment's thread
view the rest of the comments

[-] PiraHxCx@lemmy.dbzer0.com 14 points 1 day ago

They can't read your emails though, Tuta uses zero-knowledge encryption, it was something else that got you flagged. Did you send a lot of consecutive emails?

[-] spinning_disk_engineer@lemmy.ca 11 points 1 day ago

For the sake of accuracy: Incoming emails from external services are initially not encrypted. It's only truly zero knowledge for either emails sent by another tuta user, or for emails that have already been received.

That being said, they don't record this information unless specifically required by a court order, which to my knowledge has never happened. I understand that they make the decision of whether your account is spam within 48 hours, and after that it is in the clear. I created my account over Tor, didn't use it much at all for the first few days, and have been using it fine since. That's only one data point of course.

[-] PiraHxCx@lemmy.dbzer0.com 1 points 20 hours ago* (last edited 19 hours ago)

You are talking about End-to-End Encryption. Zero-Knowledge Encryption means they don't have access to your mailbox because they don't know the password, it's not stored on their server, they only know the hash it generates (which is used to verify you know the password, but the password itself is never exposed).

Even though they can't get inside your mailbox they know all the incoming and outgoing metadata (addresses of emails sent/received) so they know your traffic (there is no way to encrypt metadata anyway, it would be like giving a letter to a mailman but not telling him who to deliver it to), but, say, court orders them to give access to your mailbox, they have no way of doing it, only someone with your password can read your emails.

[-] Ohh@lemmy.ml 1 points 19 hours ago

To be explicit. If its not e2e, it's sent and recieved and logged in plaintext. Tuta can opt to encrypt it, then store it, after the fact. But you cant verify that they do. Even though they claim to. Only messages (which is not mail) between tuta customers are e2e as i understand it.

Use signal. (Or for mail: i am going to shill purelymail which is awesome)

[-] PiraHxCx@lemmy.dbzer0.com 1 points 18 hours ago* (last edited 17 hours ago)

Stored emails are encrypted in any service, the difference from Tuta, Proton, Atomic, etc, to Gmail, Outlook, Yahoo and others, is that they don't have the decryption key. But yeah, technically any of them could make a copy of unencrypted emails you receive and send (the later don't even need to since they have the key), but they can't do it retroactively. Proton had a few third party audits checking their services, but afaik Tuta hasn't.

this post was submitted on 10 Jan 2026

102 points (95.5% liked)

Privacy

44365 readers

654 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS