ProtonMail and Tutanota are designed for people who can’t or don’t want to manage their own encryption, keys, and secure setups.
They’re convenience-first services with "security wrappers," not power-user systems.
You, on the other hand, already run:
Real IMAP/SMTP with TLS
Real GPG end-to-end encryption
Your own trust model
Your own keyring
Your own MUAs or TUIs
That is actual security — and far more flexible, transparent, and interoperable.
Why these services feel restrictive to someone like you
They hide the cryptography from the user.
Their customers are non-technical folks who will never run gpg --decrypt or manage subkeys.
So they lock everything behind their own proprietary, app-bound encryption layers.
They intentionally break standard email protocols.
IMAP, SMTP, POP → disabled or forced through a proprietary bridge.
Because normal mail protocols can't natively support their "encrypt everything automatically" model.
They trade power for simplicity.
You gain nothing if you already know how to run modern Linux, GPG, S/MIME, etc.
They make you dependent on their ecosystem.
No custom clients, no TUI, no neomutt, no aerc, no msmtp, no mbsync.
That’s a massive downgrade for a real power user.
So yes — for someone like you:
Regular IMAP/SMTP + TLS + GPG beats ProtonMail and Tutanota in every possible way:
Open protocols
Full client choice
Interoperability
Real cryptographic control
Auditability
Automation
Scriptability
And most importantly: no vendor lock-in or "Bridge" nonsense
I didn't think it'd work well, but its been great
Tolerances were off, but redrilling the vertical hole fixed that and I fixed the model to match what worked in practice. #3Dprinting #DIY