But there are workarounds like the one Infomaniak uses (I believe Proton does it too). When sending an encrypted email to a non encrypted user, a link is sent instead of the contents of the email instead. In any case, encryption at rest with user provided keys and things like that are always an option.
In transit, it’s impossible to get them all, though it should support PGP to anyone else that has it.
At rest, it should all be locked down so only I can access, they may have to store some messages temporarily until I connect to provide the encryption, but everything else better be completely inaccessible.
How would that work? Their mail server still has to receive emails on your behalf.
Unless you mean whether they plan to sell data, which I agree they should absolutely not.
Emails could be end to end encrypted, so the mail server wouldnt be able to see the emails. Basicslly PGP but out-of-the-box
The problem is that basically no one uses PGP. Adoption would be hard
But there are workarounds like the one Infomaniak uses (I believe Proton does it too). When sending an encrypted email to a non encrypted user, a link is sent instead of the contents of the email instead. In any case, encryption at rest with user provided keys and things like that are always an option.
If the encryption at rest is done by the server, that defeats the point.
Also, how does the user receiving an encrypted email access it? Do they have to enter a password? How is the password transmitted to them?
In transit, it’s impossible to get them all, though it should support PGP to anyone else that has it.
At rest, it should all be locked down so only I can access, they may have to store some messages temporarily until I connect to provide the encryption, but everything else better be completely inaccessible.