There is no free email you are paying for it. Most companies offering email services collect our private data every minute that we use them. They sell that data to others and use it to deliver ads to us.
In the game secure email there are hundreds probably thousands of players. Each of them claiming to be the “Best” there are hundreds of sites listing the 5 Best, 10 Best Email providers, these are paid advertising sites. Most of these email providers are not secure at all or at best have some large holes in them. This is not really surprising if you understand how email works. Let me explain.
First all “public” email services, work the same way and follow the same rules. Why are they “public” because they can communicate with any other “public” email service. Microsoft can communicate with Apple and Google and Yahoo and AOL and Protonmail and i3.net or your domain.com. This is how that looks:
- Step A: Sender creates and sends an email. The originating sender creates an email in their Email User Agent (Client) and clicks ‘Send’. …
- Step B: Sender’s MTA (mail Server) routes the email. …
- Step C: Network Cloud. (Mail Travels Through the internet)…
- Step D: Email Queue.( Addresses are checked) …
- Step E: MTA to MTA Transfer. (User exists and sender is valid mail is transferred) …
- Step F: Firewalls, Spam and Virus Filters. (Mail is checked for vulnerabilities)…
- Step G: Recipient’s MDA delivers mail to mailbox…
It is pretty simple and everyone does it the same way using the same protocols. All the major providers use SSL encryption for email in transit, where are the privacy and security problems?
The security problems, and there are many, begin with your user agreement. Whether it’s your email service or the web browser you use. All free services make money by selling the data they collect. As part of the agreement for using their service you “agree” that they will “collect” data from you and among other things will use it to deliver “relevant” ads to you.
How do they “collect” this data, what personal information do they have access to and finally how do you stop it.
Have you ever wondered why the “free” flashlight app on your cell phone wants access to your location, microphone and camera? I don’t know what data they collect once you down load the app and use it, but by signing up you give them access to all your user data on your phone, your phone number, name, IP address, Device ID and more. Who gets this information? The app developer and whoever they sell it to, the cell phone company and whoever they sell it to and your carrier and whoever they sell it to.
What does all this have to do with email security? Everything, in the diagram and seven points explaining how email works there are some missing pieces.
Your email client could be a major “hole” in email security. If you can login to your account using Google, Facebook or LinkedIn, you don’t have secure email. Whenever you use an “app” whether it’s on a cell phone, tablet or computer to login to your email account, you give access to your “data” to others. What information do you reveal in addition to your account data? Certain information is required for email to work and this is not encrypted, this information is included in the message header or envelope. Email headers contain tracking information for an individual email, detailing the path a message took as it went through various mail servers. The headers contain time-stamps, IP addresses, sender/recipient information and the subject of the message.
So put simply if you use an “app” for email, no matter which provider you use you “agree” to allow them to collect and “share” your data based on all the “user agreements” and “terms of service” of all the entities involved.
That “data” includes every email you have sent or received who it was to or from, including account information, what it was about, where you were and whether or not you were using your flashlight at the time.
Some examples of the information collected include: Capital One – Your Statement is Ready, Dr Who – You have an appointment Scheduled, Travelers Insurance – Your Policy, Jolly Yacht Sales – The information you requested, your friend Bill – Golf and so on and that is before the messages are scanned.
How do you get a truly private secure email service and what do you have to sacrifice for the sake of that privacy and security. We’ give you a little history and the answers after a word from our sponsor.
@i3.net was founded in 1995 with the same owners it has today. We began as an Internet Service Provider; we were the second ISP in Florida. We provided connection to the internet via dial up connections using modems connected to our network and to the internet portal via a T1 line. That connection cost $1700.00 a month and initially we had 20 phone lines connected to it through our servers. The internet was in its infancy, Microsoft didn’t have a website and Internet Explorer didn’t exist. Google hadn’t been invented yet.
By virtue of our location most of our early clients were in the military / intelligence arena and used our service for top secret email and file transfer most of our users were from government agencies. We were vetted and scrutinized for our policies and procedures. We have never read or scanned a client’s email. We have never been served with a warrant or subpoena to provide user information. We value our privacy and yours and have for over 25 years.
@i3.net we have no identity information to share or sell we mask your IP address when sending emails, the reported IP address is our server address. Your connection to our servers is always encrypted and your data on our servers is encrypted. Every server logs activity, we don’t save those logs; they normally expire within 24 hours.
Every email sent or received by our servers is scanned automatically for vulnerabilities including viruses, spyware, ransomware and spam. Encrypted email that is sent or received using PGP cannot be scanned and will show as “UNCHECKED‘, you should only send or receive encrypted email with known trusted sources.
If you exchange emails with another user that is also on i3.net your email never leaves our servers, no matter where each user is. No matter where you are, your email comes from and goes using our address, not yours. Our email client supports 80 languages.
Don’t use the native email client on your phone or computer it give them access to your password and inbox. Use a secure browser to access your email enable strict security and delete history when you close the browser. Put a time limit on your PGP session so encrypted email is not visible to someone viewing your screen while you’re away.
If you have an email service now our webmail client will look familiar to you, there is a choice of how it looks, you can choose from an interface that looks like outlook and one that looks like Gmail, it adjusts to the screen size of your device automatically. You can have multiple identities; create special folders, set up auto responses and more.
@i3.net’s mail client includes a contact manager and a calendar which you access through the email client with your password when you login. The calendar and contact manager are encrypted on our servers.
We don’t require two factor authentications to login to your account we don’t want your phone number and you can’t respond to an email until you’re logged in. Use a strong password and don’t share it with anyone. Some experts are recommending a short three word phrase separated by special characters like Help/me/donna for a password don’t use your name or birthday.
A one year subscription to i3.net costs US$29.95 pay with PayPal if you are not satisfied or want to cancel for any reason you can easily unsubscribe by clicking on the button on the Members page.
It’s not free, no email is and that’s part of our security.
@i3.net 25 years of continuous operation.