[techntoke]

Not really, most people that use ProtonMail "heard" it was safe but aren't using VPNs daily and would probably struggle to find out how to incorporate it into their daily routine correctly with split tunneling. The smart people host their own email, not rely on someone else.

[vcavallo]

the smart people live in a plastic oil tank buried under four feet of peat

[logfromblammo]

Hang on, I need to call my peat guy, who assured me that one meter was sufficient. Also, you have to line that tank with shotcrete.

Hosting locations matter when you are buying network-delivered services. Even if it is trivial to bypass for the user, this one time, jurisdictional risk to the provider is something that you have to consider as a factor when comparing competitors and self-host options.

[vcavallo]

indeed!

and when a lot of people are talking about 'self-hosting' they're mostly talking about a VPS they rent from some provider who could vanish just as easily as Proton can. I'd like to see the numbers on how many self-hosting evangelists (I don't mean that term pejoratively. I think self-hosting is great) are actually talking about metal they physically control.

[techntoke]

Generally, that is why you'd build in redundancy and backups so that if your VPS provider, or cloud provider stopped working you could bring the service back up very quickly, however self-hosted email has proved reliable overall and there are even Helm charts for Kubernetes.

[_jal]

I can't tell where you want to draw the line. I personally have a couple physical servers in a cage. I do not own the data center in which they reside. Does that count?

If I don't "self-host", then neither does the corp I work for, with hundreds of machines in other people's DCs...

[vcavallo]

My original (sort of absurdist) point was exactly that; saying "here's the line between 'smart people' and 'non-smart people'" is both pointless and rude.

Everyone has different threat models and resources.

[_jal]

As someone with more than one weird hobby, I'm pretty sure conflating 'smart' with 'committed to weird hobbies' is a sin weird hobbyists of every stripe commit.

[this_user]

Unless you are literally operating your own servers in a location that you physically control, you are still relying on someone else.

[morj239]

And even in this case you can't rely on your domain registry not to change your DNS without your consent. And there's not really a big chance you own a dedicated IP address.

[techntoke]

Why would your domain registry change your DNS? You can also add multiple NS to a domain.

Additionally, if you're on a business plan then you can get a dedicated IP from your ISP or just host in a data center.

[enz]

For non-technical reasons, it is not always possible to self-host emails unfortunately.

[techntoke]

Like what?

[jbboehr]

I've heard it's relatively common to get allocated an IP that has previously been abused by spammers, or certain providers will reject incoming mail from IPs that have no reputation (but then how can you build reputation?).