Ask HN: What is the most secure way to do email? |
Ask HN: What is the most secure way to do email? |
In terms of payload security, gpg encrypt your messages. Exchange gpg public keys with the other parties in a secure manor. Avoid gpg key servers if you are privacy conscious.
Disable HTML, CSS and Javascript in your mail reader. Enforce plain text. Use an application firewall on the machine your mail client resides and ensure it can only connect to your mail server and nowhere else.
If feasible, use plugins on your mail server and/or on your mail client that convert all manor of hyperlinks and URL's into sanitized links that are not clickable. Strip out all forms of HTML.
I’ve been using a mixture of email providers, like Protonmail for example. I was wondering if that’s about as good as it gets in terms of security.