Thanks. Mailbox.org looks very good, but it doesn't look like they have end-to-end encryption, which was the main thing I was looking for. I did sign up for a test account, though.

When he started up his social network in college, he called its users "dumb f*ckers" for trusting him with their data. I can't help but think he still feels that way..

Sure, but are we really losing "privacy" by laws that potentially allow the government to read emails if they need or want to? Think about the past prior to the Internet and email. We communicated by totally insecure phone lines that were easily tapped by almost anyone. We sent snail mail with intimate letters that not only could the government intercept but could easily be stolen out of our mailboxes or read by some bored postal worker. Email, even without encryption, is infinitely more "private" than how we communicated just a few years ago. All of this talk of "reading" of emails is really bogus. Fastmail, Gmail, and all the others don't let humans sit there and "read" our email. The reading is done by software to do things like allow for searching, to prevent phishing and spam, and to target advertising in some cases. But, random government officials looking for unpopular political views aren't sifting through your email. Could they? Possibly, but imagine the waste of time and effort. What are they going to do with the 53 million emails a day that discuss worries about government snooping on emails? Could they possibly zero in on you if they wanted to? Sure, but they could also do so based on intercepted cell calls, opening your mail, monitoring your spending habits, etc., etc. There are just too many avenues of attack to expect total privacy in life, and most people do not. I think all of us tend to worry about the wrong things. I am personally much more worried about the lack of editorial oversight and standards on major social media, like Facebook and Twitter, than I am about the privacy of my email. We are allowing pure lies and fake information to be broadcast constantly to billions of people, and it has nothing to do with privacy.

Personally, I do not want end-to-end encryption on all my email, for a variety of reasons. What I would like, but do not expect any service to offer, is to have end-to-end encryption available on demand for selected messages. If able additionally to specify whether the message subject line should be encrypted, that would be even better.

Selective encryption of messages is available using things like PGP, but getting correspondents to use it, and arranging key exchange is a major challenge.

Tech companies not 'comfortable' storing data in Australia
 

Microsoft and Fastmail on the impact of the Australian government’s encryption bill
https://www.theguardian.com/technolo...icrosoft-warns

I imagine in the worst case scenario Fastmail could move operations to Philadelphia in the USA, which is where POBox.com, their affiliate, is headquartered. I believe their servers are already located in the USA. I suspect a good share of their business is from the USA. One thing I am not clear on is exactly what this law means for email service providers like Fastmail since they keep claiming it doesn't impact them. But, doesn't the law mean the government could compel any technology company, including FM, to build a "backdoor" if the government wanted it to? I realize that FM isn't end-to-end encrypted, but still it would seem that there is a possibility that backdoors could be required and that would be bad for everyone's security. On the other hand, will this law prevent companies like ProtonMail from doing business in Australia, even though they are based in Switzerland? By the way, since this law is already in force I wonder what companies and services have already been compelled to provide information?

May be it doesn't impact them, but some customers think otherwise and move their business elsewhere.

Just out of curiosity How exactly would you implement self-managed encryption in Fastmail? Is that even possible?

It would be tricky, and I do not think FastMail is the appropriate tool if strong encryption is required. If determined, and you have correspondents willing to cooperate (in my experience rare) one approach in summary would be:

• Establish private and public keys for youself and all correspondents with whom you want to have secure communications.
• Setup scripts to encrypt/decrypt strings you wish to securely communicate (subject line, messae body). See below for a rough outline.
• Having composed a plain text message and wanting to encrypt it prior to transmission, copy the text to the clipboard, execute the encrypt script, and paste the result..
• When you receive an encrypted message, copy the encrypted text to the clipboard, and run the decrypt script. View the message in the window that is produced.

The encrypt script would take the user identifier as the only argument, and expect the clipboard to contain the text to be encrypted. It would encrypt the text using the target correspondent's public key and use the result to replace the contents of the clipboard.

The decrypt script would take no arguments. It would attempt to decrypt the contents of the clipboard using your private key and show the result. in a window.

For more sophistication, you can create a process that will scan your mailbox and automatically create unencrypted copies of all received emails in a secure location. (Unless you have copies of your correspondents' private keys, if you want plain text copies of what you send, these must be saved prior to encryption.) Also theoretically possible is to completely automate the encryption of outgoing emails by intercepting the Send (easiest if using a local client with SMTP) to encrypt the message if a public key for the recipient is found, before allowing the transmission to proceed.

Besides general inconvenience, there are a number of practical issues. Mechanisms are needed to similarly encrypt and decrypt attachments. Searching emails becomes extremely tricky, only being possible on the client, and only if unencrypted copes exist. When sending to multiple recipients, the email must be separately encrypted for each of them (assuming you are not using the same keys for each which is much less secure).

Much of the functionality I describe is available in existing tools, but generally requires the use of desktop mail clients (so IMAP/SMTP calls can be intercepted) to be used to best effect.

Note that, while message content can be secured, your email activity, notably the identification of your correspondents, is not hidden and cannot be if using FastMail..

tl:dr it's impractical with fastmail.

It's getting very silent concerning Fastmail and the AABill...

What are your thoughts? Are you still using Fastmail (which is one of the best mail-services)?

Still using. 16+ years now, no plans to leave.

As a US citizen or some other countries I would also use them without any fear... But as an EU citizen you think about it twice.

The service is the same no matter what country you are in. Curious as to your answer here...

I dont get that, what is different about EU.