I considered them, but had a problem with two things about them: they both a) don’t allow custom domains (which is fine for privacy) and b) recycle email addresses, meaning that if you move on later they will make your old email address available to others.
The security risk is the problem, right? If you can get a a new password sent to an email address for the person who owned it before you, that’s an interesting attack vector.
I considered them, but had a problem with two things about them: they both a) don’t allow custom domains (which is fine for privacy) and b) recycle email addresses, meaning that if you move on later they will make your old email address available to others.
That’s going to be very interesting with persistent spam senders.
The security risk is the problem, right? If you can get a a new password sent to an email address for the person who owned it before you, that’s an interesting attack vector.
I use posteo and simplelogin together.
Posteo seems fine if you use a custom domain. If not, they have the same issue of recycling email addresses, like mailbox.