Posted 2023/7/7
ProtonMail Rewrites Your Emails
I switched to ProtonMail a few years back after getting fed up with Google. It’s been mostly acceptable, but a few months ago the Android client started mangling emails – if I hit “send” too soon, it would send out only part of what I’d typed; I had to wait 10 seconds or so after I finished typing before hitting send to be sure it sent. I figured I’d switch to some other email client instead, since I wasn’t particularly in love with the Proton app anyway.
My solution was to set up the Proton Bridge in a VM on my NAS, then used rinetd to forward incoming connections on the IMAP and SMTP ports to the bridge (which only listens on 127.0.0.1). I then set up tailscale on that box and on my phone; with that, I could connect any Android email client (I like FairEmail) to my Proton account. I was also accessing it from Linux using Claws.
Everything was great until I decided the other day that I’d also like to do PGP signing on my outgoing messages. I exported a signing-only subkey to my Android device and configured FairEmail+OpenKeyring to use it, then I also set up Claws on Linux for PGP/MIME.
When I sent a test message to myself, though, Claws and FairEmail didn’t have any clue that it was signed. If I switched to PGP inline, it worked. I sent an email to one of the Claws maintainers, who reported that my MIME structure was all messed up. He sent me a signed message back, and Claws was able to verify the signature just fine.
It turns out that Proton has been breaking outgoing PGP signatures from the beginning: https://github.com/ProtonMail/proton-bridge/issues/26, https://github.com/ProtonMail/proton-bridge/issues/320. It seems that their argument is this:
- When you send a regular email via Proton to another Proton client, they automatically PGP sign+encrypt the message. (I think this is great!)
- Their automatic signing+encryption cannot coexist with a user-applied signature.
- Therefore, all user-applied signatures will be broken. Tough luck, bucko, we’re the SECURE email company, you’ll upload your private key to our servers and you’ll like it!
It’s absurd that there’s no way to disable this, no option to tell Proton “if you see a multipart/signed or multipart/encrypted message, just leave it the hell alone.”
I’m looking at other potential email hosts. I know PGP isn’t widely used, but I have a hard time swallowing Proton’s silent mangling of my email, and I especially dislike their smarmy we-know-better attitude when people complain about it.