There are very good reasons to move away from Google and Microsoft, but being "Open Source" has nothing to do with it.
> With Tutanota all is encrypted expect of course the receiving mailaddresses
By whom and when? And how do you know that there are no plaintext backups being made before they encrypt the incoming emails?
Emails are only e2ee if your sender cared to encrypt them on their end. Even then, all the emails headers are plain text, otherwise your provider wouldn't know who to deliver it to. They may claim that they encrypted the headers as soon as they received the emails, but you'll never have a way to verify that.
If there was a method of e2ee for email metadata then you'd be perfectly safe even with gmail. But there isn't any, and it's always fundamentally about trust.
1. Eee2e is only is the sender en receiver are both using Tutanota. But my emails are stored encrypted on the servers of Tutanota, so no one can read them. Also not Tutanota. And yes if I send a email to a NON-tutanota-user the mail is of course NOT encrypted... that is no rocket science.
2. Headers are not encrypted BUT HEAVILY stripped by Tutanota... Did YOU ever check that? I did, and it is the true, they do that!
> if I send a email to a NON-tutanota-user the mail is of course NOT encrypted... that is no rocket science
That is also not very useful. It's no longer "e2e encrypted email" if it only works within Tutanota. It may as well be called "Tutanota messaging service", which is probably what it is under the hood.
> Headers are not encrypted BUT HEAVILY stripped by Tutanota... Did YOU ever check that?
No, I did not. My entire point is that whatever Tutanota is doing is meaningless, because they are incapable of receiving emails as anything else than TLS-encrypted plaintext, just like every other email provider. But you just answered my question – "stripped by Tutanota". If you trust them that they did it correctly without leaking (or willingly backing up) the plaintext, good for you.
My original point still stands.
No you can't be ee2e is the receiving end is also not ee2e... that is normal isn't it??
If I spoke Dutch and you spoke French... we won't be able to understand each other... That seems normal to me...
Yes you need trust.. and yes I don't work for Tutanota. So I don't know entirely if they don't leak.
But hey I don't work at my bank. And I trust them to get my money safely across...
