I made my first and only account with tutamail and within 48 hours it was disabled due to abuse. It really bothered me because I had forwarded now deleted emails for storage, updated many accounts including my doctors with the new tuta email. The next time I try to login it tells me that my password is wrong or can’t login. I waisted my time trying to change the password and when I contacted support they send me this:
Hi there,
Thank you for your email.
Your account was flagged as an abusive signup by our system and it was therefore suspended. We have reviewed this case and we cannot make an exception. Please understand that we block some signups based on many different criteria in order to ensure the quality of our service.
Please feel free to register a different account.
Why the hell would I make another one? I signed up my one account the same day that I discovered them. I used a VPN, as if that’s anything new. “I can make another account” really? So they can delete it again?
Obviously I should have tested their client before going all in. Who cares about privacy when random assholes can just wipe my data or read my emails. I needed to vent. Fuck you tutamail
My guess is that whatever VPN server your connected to had someone else who was spamming or doing something else they weren’t supposed to. This caused the email addresses associated with that IP to be flagged.
One of the drawbacks to a VPN is you share your IP with strangers who sometimes do stuff you get penalized for.
Was it a free account, or paid? Tuta is pretty strict with the free accounts especially when new. I definitely would not consider using Tuta free for anything long term, they’ll just come up with all sorts of reasons to restrict or disable your account.
I’ve read they don’t do that sort of thing with paid accounts but can’t confirm, only ever used their free accounts for temp usage.
It’s absolute bullshit that they refuse to reopen when the user reaches out for a solution. Just replying with an autoreply, probably without even actually looking in to it, telling the user to basically fuck off is as scummy as it gets.
I had an account, but got sick for a whole year or so. When I tried to come back, they had taken the account down, and I could only access with an old emergency code I didn’t have anymore - I ‘only’ had my user/password.
I guess I had less than 40 emails, so the account didn’t cause space problems, or anything. But I managed to get a few other essential services bound to tuta before I got ill. That was unfortunate.
I won’t be dealing with a corporation that treats mail accounts casually as if they were not an important ‘anchor’ for other internet services. A small mail account should never be taken down for ‘not using it enough’. No tuta business crap again. disroot.org are the shit for me. Cool guys, and they still had my ~8yo account running without me using it until now…
You cant create accounts for anything with a vpn active now days but once you’ve created it on your bare ip you can use a vpn.
They can’t read your emails though, Tuta uses zero-knowledge encryption, it was something else that got you flagged. Did you send a lot of consecutive emails?
For the sake of accuracy: Incoming emails from external services are initially not encrypted. It’s only truly zero knowledge for either emails sent by another tuta user, or for emails that have already been received.
That being said, they don’t record this information unless specifically required by a court order, which to my knowledge has never happened. I understand that they make the decision of whether your account is spam within 48 hours, and after that it is in the clear. I created my account over Tor, didn’t use it much at all for the first few days, and have been using it fine since. That’s only one data point of course.
You are talking about End-to-End Encryption. Zero-Knowledge Encryption means they don’t have access to your mailbox because they don’t know the password, it’s not stored on their server, they only know the hash it generates (which is used to verify you know the password, but the password itself is never exposed).
Even though they can’t get inside your mailbox they know all the incoming and outgoing metadata (addresses of emails sent/received) so they know your traffic (there is no way to encrypt metadata anyway, it would be like giving a letter to a mailman but not telling him who to deliver it to), but, say, court orders them to give access to your mailbox, they have no way of doing it, only someone with your password can read your emails.
To be explicit. If its not e2e, it’s sent and recieved and logged in plaintext. Tuta can opt to encrypt it, then store it, after the fact. But you cant verify that they do. Even though they claim to. Only messages (which is not mail) between tuta customers are e2e as i understand it.
Use signal. (Or for mail: i am going to shill purelymail which is awesome)
Stored emails are encrypted in any service, the difference from Tuta, Proton, Atomic, etc, to Gmail, Outlook, Yahoo and others, is that they don’t have the decryption key. But yeah, technically any of them could make a copy of unencrypted emails you receive and send (the later don’t even need to since they have the key), but they can’t do it retroactively. Proton had a few third party audits checking their services, but afaik Tuta hasn’t.
That’s pretty annoying.
I had a similar experience today with two other services. The bot detection systems these sites are using is completely broken.
I’ve had my tuta account for a while so never had that issue with them. But I don’t appreciate the way they handled your issue. I wouldn’t use tuta if I was treated like that.
That’s why I closed my Tuta account and sign for Posteo. Couldn’t be more satisfied!
It pays in the long run to have your own domain for your email. Most providers can host your domain for a (usually) small fee, then you will never lose your addresses, even if your provider disappears.
Same. Signed up for one service and the Tuta account was gone within 2 days. Fuck em. It’s one thing to know your account can disappear at any time, it’s another to know they have a consistent history of doing it. I will never consider them a legitimate option for email nor recommend them to anyone.
Yeah they deleted an acct of mine for inactivity, then when I replaced it they flagged the new one for manual review saying “this addr cannot send/receive emails until it is cleared, please email us at [support acct] using [the very acct that cannot send mail, ffs].” Like dude how can I email you from the email on your servers that you have blocked from sending email? How does that make sense to you?
Anyway I made a Disroot acct which is better for me because IMAP support. They flagged me for review too, but then approved TWO different emails without all that horse shit from Tuta. Their sign up site can be a bit confusing (in particular their “human check” just says “weak password” unless you hit the character count so just max that out, but as a result of this confusion I’m using a 64char long randomly generated pass so, yay) but other than that they’ve been great so far.
They look awesome, while signing up they were closed for the weekend because everyone needs a break. Thats actually awesome, im excited
I had a few Tuta accounts suspended when tying to create an anonymous Google account. Eventually, I did get a stable Tuta which I have had for months.
Eventually
Not something the average person wants to hear when it comes to creating a personal email account
K
It wasn’t criticism aimed at you btw, just that it doesn’t inspire a lot of confidence in an email provider to hear that they are likely to suspend accounts
It’s all good. No offense taken.
