
It's impossible to choose a "secure" email provider, unfortunately.

Email can't guarantee E2EE without a block cipher tool like GPG. Even if your provider stores and transmits only encrypted email data, once sent it does not maintain that guarantee while being passed by another entity's MTA.

If you email google, google gets to do whatever googly stuff it would like to do with its algorithm. If you email exchange, roundcube, ISP, hotmail, it could wind up being archived to tape, or simply be sitting for a long time in some unencrypted mail spool, maybe in a public cloud. If you selfhost, you would be forgiven if you find you have made a mistake or simply got pwned.

I've never selfhosted email, but I understand it is a lot of work to set up if you aren't familiar, and while maintenance is okay once you get rolling, there are occasional emergencies or hiccups that require intervention.

Aside from being much slower, regular mail is quite a bit better since you can easily inspect the envelope for evidence of tampering, while email will be imperceptibly copied.



> Even if your provider stores and transmits only encrypted email data, once sent it does not maintain that guarantee while being passed by another entity's MTA.

What? If Alice encrypts an email to Bob, using Bob's PGP key on her laptop, then it doesn't matter how many MTAs that email passes through, the email stays encrypted at every hop.

> it could wind up being archived to tape

I guess you're saying that an encrypted email could travel through a provider that keeps a copy of it in the hopes that quantum computers will one day be cheaply available enough that they can crack the private key and read the email.

That seems expensive (and illegal) for a company to do just on a whim (assuming the sender and recipient are periodically deleting old emails), and I'd like to think that a judge would turn down a request for a warrant that covers data that won't be readable for a decade or more.


Yes, you have to bring your block cipher unless you are 100% sure all the MTAs are using your e2ee scheme.

>I guess you're saying that an encrypted email could travel through a provider that keeps a copy of it in the hopes that quantum computers will one day be cheaply available enough that they can crack

No, I'm saying when you send the email, the next MTA might not use encrypted transport and any mailbox/mail spool/cache might not store the data encrypted in any way.

You can of course get E2EE if you use GPG (you always could), but if somebody doesn't know how to use GPG or uses it wrong, that is problematic.

You can also just broadcast your gpg block message via public/ham radio or even hire a skywriter to spend his day tracing out your GPG ciphertext as a huge QR code in the sky :-)
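The point above is that transport encryption is decided hop by hop, not by the sender. One thing a recipient can do after the fact is audit the `Received:` chain of a delivered message for hops that did not record a TLS protocol keyword (RFC 3848 uses `ESMTPS`/`ESMTPSA` for TLS sessions and plain `ESMTP`/`SMTP` otherwise). The script below is an added example, not code from anyone in this thread; the headers it parses are a constructed sample, and the host names are placeholders. Note the caveat in the comments: each `Received:` line is written by the receiving MTA, so only the lines added by MTAs you trust are reliable, and none of this says anything about how the message is stored at rest, which is the other concern raised above.

```python
"""Audit the Received: chain of a delivered message for hops that did not
advertise TLS. Added example, not from the thread; sample data is constructed."""
import email
import re
from email import policy

# Constructed sample: three hops, the middle one plain ESMTP (no TLS).
SAMPLE = (
    "Received: from mx2.example.net (mx2.example.net [192.0.2.20])\n"
    "\tby mail.example.org (Postfix) with ESMTPS id ABC123\n"
    "\tfor <bob@example.org>; Mon, 1 Jan 2024 10:00:02 +0000\n"
    "Received: from relay.example.com (relay.example.com [198.51.100.5])\n"
    "\tby mx2.example.net (Postfix) with ESMTP id DEF456;\n"
    "\tMon, 1 Jan 2024 10:00:01 +0000\n"
    "Received: from alice-laptop (unknown [203.0.113.7])\n"
    "\tby relay.example.com (Postfix) with ESMTPSA id GHI789;\n"
    "\tMon, 1 Jan 2024 10:00:00 +0000\n"
    "From: alice@example.com\n"
    "To: bob@example.org\n"
    "Subject: test\n"
    "\n"
    "hello\n"
)

# RFC 3848 "with" keywords that indicate the hop ran over TLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "SMTPS", "UTF8SMTPS", "UTF8SMTPSA"}

# Pull the "from <host> ... by <host> ... with <proto>" clauses out of one header.
HOP_RE = re.compile(r"\bfrom\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.I | re.S)


def parse_hop(value):
    """Return one hop as a dict, or None if the header lacks the standard clauses."""
    text = " ".join(value.split())  # unfold the header and collapse whitespace
    m = HOP_RE.search(text)
    if not m:
        return None
    src, dst, proto = m.groups()
    proto = proto.rstrip(";,").upper()
    return {"from": src, "by": dst, "with": proto, "tls": proto in TLS_PROTOCOLS}


def audit_hops(raw):
    """List hops in sender-to-recipient order.

    Caveat: each Received: line is written by the *receiving* MTA, so a hop
    upstream of the servers you control could have been forged or omitted.
    This audits transport only, not how any MTA stored the message at rest.
    """
    msg = email.message_from_string(raw, policy=policy.compat32)
    values = msg.get_all("Received") or []
    hops = [h for h in (parse_hop(v) for v in values) if h]
    hops.reverse()  # MTAs prepend Received: lines, so reverse for chronological order
    return hops


def unencrypted_hops(raw):
    """(from, by) pairs for every hop that recorded a non-TLS protocol."""
    return [(h["from"], h["by"]) for h in audit_hops(raw) if not h["tls"]]


if __name__ == "__main__":
    for hop in audit_hops(SAMPLE):
        flag = "TLS" if hop["tls"] else "PLAIN"
        print(f"{flag:5} {hop['from']} -> {hop['by']} ({hop['with']})")
    print("unencrypted hops:", unencrypted_hops(SAMPLE))
```

Run it against a saved `.eml` by replacing `SAMPLE` with the file contents. On the constructed sample it flags the `relay.example.com -> mx2.example.net` hop, which is exactly the situation described above: the sender's own submission used TLS, but a relay further along chose not to.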


> since you can easily inspect the envelope for evidence of tampering

Except that's not true. Often envelopes can be opened and resealed without any trace, meaning contents can be read or changed.


You are right, it is possible, but it is definitely a little bit harder and you still get a chance to notice an anomaly (delay, marks, intuition even).



