by jedberg 2515 days ago
So this is a mail client that by default deletes all the messages off of the mail server. So your privacy is still dictated by the mail server you choose to use, and then also your data integrity is 100% on you.

I'm not sure I understand how this improves privacy. It also makes things worse by making your email data more susceptible to being lost (which is different than protecting your privacy).


Unless your adversary has a time machine, deleting from the server protects your past e-mails from any server-side compromise.

That's not nothing. :-)

But you're right, there are trade-offs. If you don't have good backups, you are indeed increasing the odds of data loss by managing the data yourself. That is also true of encryption of data at rest; you are increasing the odds of data loss to buy some protection against unauthorized access. There are always trade-offs.

I had grand visions for how Mailpile could help mitigate such issues by encrypting the mail and re-uploading back to an IMAP server. But I haven't gotten that written, so for now it's just an idea. Someday, I hope.

Disclaimer: I wrote Mailpile. :-D

To expand on this slightly, and illustrate:

I'm going to go out on a limb and assert that THE most common attack performed against people's e-mail is a jealous person who knows their partner's password logging on to their e-mail and reading their mail.

I know people who have done this. You probably do too.

People trust each other, people routinely tell their loved ones their passwords. And relationships routinely fall apart and trust is routinely violated.

Deleting from the server mitigates this problem and greatly reduces the window of opportunity for the attacker.

The privacy cost/benefit ratio for routinely deleting from the server probably beats every other privacy enhancing technique out there. Super simple, super effective.

Techies too often forget that privacy isn't just about the NSA, APTs and TLAs. The fact is, the people most interested in violating your privacy are the people who know you personally...

It means they cannot be subpoenaed for a message that you have already received. That is an important distinction, since much of the time, not having received a given communication is a defense against its incriminating effect.

> It means they can not be subpoenaed for a message that you have already received

How so? Even if you delete a message in Gmail they can still be subpoenaed for it. And usually the subpoena is for metadata anyway, like who sent you a message and when. They still have all that data whether you delete the messages or not.

There's some ruling that any mail left on the server for more than 60 days or so is considered abandoned and is essentially an all-you-can-eat buffet for law enforcement, even if you search/read it every day.

Source for that statement? I have never heard anything similar.

https://www.businessinsider.com/when-can-the-government-read...

> In enacting the ECPA, Congress concluded that customers may not retain a "reasonable expectation of privacy" in information sent to network providers. . . [I]f the contents of an unopened message are kept beyond six months or stored on behalf of the customer after the e-mail has been received or opened, it should be treated the same as a business record in the hands of a third party, such as an accountant or attorney. In that case, the government may subpoena the records from the third party without running afoul of either the Fourth or Fifth Amendment.

Thanks, I misremembered the 6 months for 60 days.

The third party isn't even obligated to let you know that the subpoena happened. Google usually does (unless there's a gag order), but does not promise to, AFAIK, and I am not aware of the policies of other providers.