102
Warning to new tutamail users, your account could be temporary (lemmy.world)
submitted 1 day ago by GaryGhost@lemmy.world to c/privacy@lemmy.ml
40 comments fedilink hide all child comments

I made my first and only account with tutamail and within 48 hours it was disabled due to abuse. It really bothered me because I had forwarded now deleted emails for storage, updated many accounts including my doctors with the new tuta email. The next time I try to login it tells me that my password is wrong or can't login. I waisted my time trying to change the password and when I contacted support they send me this:

Hi there,

Thank you for your email.

Your account was flagged as an abusive signup by our system and it was therefore suspended. We have reviewed this case and we cannot make an exception. Please understand that we block some signups based on many different criteria in order to ensure the quality of our service.

Please feel free to register a different account.

Why the hell would I make another one? I signed up my one account the same day that I discovered them. I used a VPN, as if that's anything new. "I can make another account" really? So they can delete it again?

Obviously I should have tested their client before going all in. Who cares about privacy when random assholes can just wipe my data or read my emails. I needed to vent. Fuck you tutamail

you are viewing a single comment's thread
view the rest of the comments
[-] PiraHxCx@lemmy.dbzer0.com 1 points 20 hours ago* (last edited 19 hours ago)

You are talking about End-to-End Encryption. Zero-Knowledge Encryption means they don't have access to your mailbox because they don't know the password, it's not stored on their server, they only know the hash it generates (which is used to verify you know the password, but the password itself is never exposed).

Even though they can't get inside your mailbox they know all the incoming and outgoing metadata (addresses of emails sent/received) so they know your traffic (there is no way to encrypt metadata anyway, it would be like giving a letter to a mailman but not telling him who to deliver it to), but, say, court orders them to give access to your mailbox, they have no way of doing it, only someone with your password can read your emails.

[-] Ohh@lemmy.ml 1 points 19 hours ago

To be explicit. If its not e2e, it's sent and recieved and logged in plaintext. Tuta can opt to encrypt it, then store it, after the fact. But you cant verify that they do. Even though they claim to. Only messages (which is not mail) between tuta customers are e2e as i understand it.

Use signal. (Or for mail: i am going to shill purelymail which is awesome)

[-] PiraHxCx@lemmy.dbzer0.com 1 points 18 hours ago* (last edited 18 hours ago)

Stored emails are encrypted in any service, the difference from Tuta, Proton, Atomic, etc, to Gmail, Outlook, Yahoo and others, is that they don't have the decryption key. But yeah, technically any of them could make a copy of unencrypted emails you receive and send (the later don't even need to since they have the key), but they can't do it retroactively. Proton had a few third party audits checking their services, but afaik Tuta hasn't.

this post was submitted on 10 Jan 2026
102 points (95.5% liked)

Privacy

44365 readers
654 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz