I’m thinking of setting up a disroot.org account for Thunderbird, but I do not know which IMAP POP3 SMTP should be set. Which is the best in terms of privacy and security?I’m thinking of setting up a disroot.org account for Thunderbird, but I do not know which IMAP POP3 SMTP should be set. Which is the best in terms of privacy and security?
Disclaimer: I don’t use thunderbird, nor do I know what disroot is
But when I saw POP 3 or IMAP I needed to jump in.
POP 3 is an outdated standard that should be avoided.
IMAP is the default to connect to you email server.
SMTP does something different, it is a mechanism with which you can send emails from a server, it cant receive emails.
Why ? Do you have privacy considerations in mind, or is it just that IMAP is more suited to sync across several devices ?
IMAP has become the default protocol for mail delivery, but that doesn’t mean you can’t use POP3.
I think the main practical differences are that IMAP has support for push notifications while POP requires polling the server, and POP doesn’t store emails on the server while IMAP does making it more friendly to multiple email clients, but that may be worse thinking about privacy.
They all have different purposes.
POP3 is a dead simple protocol, all it does is grab emails from a server. If you just want all your emails stored locally in a single email client, POP3 will do the trick.
IMAP is much more complex. It keeps your emails and mailboxes/folders on the server, so if you go that route you have to worry about that. It’s a lot more convenient however, especially if you have multiple devices because it keeps everything in sync.
SMTP is not like the others, that’s the protocol for sending email so you’ll need to use it regardless of whether you use POP3 or IMAP.
All of these options will have the ability to use a TLS connection if you’re using any modern mail provider. That’s the main thing you’ll need to ensure you’re using. TLS/SSL is more secure than STARTTLS. You’ll know because you’ll be connecting to port 993 or 995 for IMAP or POP3 respectively, and 465 for SMTP.
Choosing between POP3 or IMAP just depends on how many mail clients you want and how much convenience you want, and if you trust your mailserver.
I use POP and it suits me fine, however I don’t sync across several devices, so I’m not a typical user.
I have set my email client / email providers to delete messages from the server as soon as they are downloaded, which gives me a degree of added privacy (of course, you never know whether an officially deleted mail is really erased, especially with Google).
I guess you can also ask for automatic deletion with IMAP, but I suppose it’s more complex.
Yeah the problem with this is some clients won’t store messages deleted on the IMAP server. So if you have a single client that supports this then it’s probably fine (but then you could just use POP3), but when you have multiple clients this gets trickier.
Nice to know. So it seems that POP is really a better bet for privacy, while it does not offer an iron-clad warranty either ?
Well, like you said you have no idea what’s going on with their servers, so is it truly deleted? But POP3 deleting messages from the server by default so your only emails are on your own computers in theory is better for privacy yes.