remove tuta.com mail addresses #425
Conversation
@ghost also mentions in #422 that outlook** addresses should be removed from the list as you can also make "burner" addresses with outlook. If you aren't adding outlook to the list, then proton, skiff and tuta should be removed from the list (and probably others)... |
|
On this basis, you might argue that all domains are to be removed from this list? Common sense suggests that Outlook links its services to user identity (and therefore ultimate accountability to the individual) creating and using the email account. Furthermore, there will be robust corporate procedures in place to address concerns about sign up and fraudulent use of *.outlook email addresses. On the basis of common sense and in the spirit of this list (i.e. identifying burner email domains), the domains mentioned above should remain as included domains in my view. It is a weak position to attempt to leverage well established consumer facing email services with robust user identification, data and privacy policies to justify and legitimise the primary proposition of other, newer providers that in many cases advertise themselves as "burner/temporary" in nature. Fundamentally, there are two opposing forces at play here:
Both are valid propositions and both are technically incompatible with each other. This list serves purpose 2 and will therefore always draw attention from those seeking to advocate or with direct commercial interests in 1. That is, unfortunately, just the nature of life in the grey area between privacy (anonymity) and the abuse (e.g. financial and identity fraud) by bad actors using and abusing services (often with no auditing and accountability themselves) providing burner digital assets. Clearly there are some far reaching impacts being felt by the decision of various services to use this list to screen logons / signups etc. At this stage, to address these concerns, it is probably time to think about publishing a list / delist policy for clarity. I'll take this up with the repo owner (@wesbos) for further consideration. More information to follow... |
|
Thanks for your reply. Just for clarification, I can make an outlook email account, like @ghost shows, without giving any identifying information. In regards to identifying the user, unless you are referring to the unethical tracking Microsoft (and other large corporations) undertake to establish who the user really is, if you have Tuta and the like on this list, then Outlook really should also be on the list. Yes, there is a far and wide impact to normal users with this list. Some of us simply want to protect our privacy from companies that don't need to know who we are. I understand there are other impacts in regards to those that need to protect their interests, but with a service like Tuta, that even prevents new accounts from sending emails for a certain amount of time after registration, this provides problems such as outgoing emails getting caught by spam filters or even just being blocked altogether requiring the user having a "privacy-unfriendly" email address to even sign up. I for one will make sure I am as anonymous as possible if I really need to sign up to one of these services, even purchasing a burner mobile number if needed, or I won't sign up at all if it is too difficult or uncritical. I support a second ignore list whole heartedly. |
|
Hello @emh-rowland-oconnor @wesbos, I'm from the Tuta development team. I'd like to point out that we at tuta (until recently tutanota) have been a privacy-focused email provider for more than a decade and that adding us to any list that's used to block signups to a significant number of services would disrupt daily operations for millions of businesses and private customers. We're just as committed to prevent abuse of our systems as the bigger players in this space, and are wondering why our customers should be singled out and penalized even though we're not doing anything different, identification-wise, than for example outlook or gmail. It is very easy to just sign up anonymously to gmail - I have done it several times for testing purposes. As one might guess, it would be bad for business if we were to gain a reputation for enabling spam and mass signups, which is why we have several layers of automated abuse detection and manual approval of suspicious registrations. And I assume it's also bad for the reputation of this list of disposable email-providers if it starts adding services used by many as a primary mail provider. Please reconsider this addition and help us by not having our domains on this list, Thanks! |
|
Hi @ganthern
Thank you for your note and explanation.
Happy to have these domains removed. Please generate PR accordingly.
Kind regards
…On Fri, 8 Dec 2023, 08:18 ganthern, ***@***.***> wrote:
Hello @emh-rowland-oconnor <https://github.com/emh-rowland-oconnor>
@wesbos <https://github.com/wesbos>,
I'm from the Tuta development team.
I'd like to point out that we at tuta <https://www.tuta.com/> (until
recently tutanota) have been a privacy-focused email provider for more than
a decade and that adding us to any list that's used to block signups to a
significant number of services would disrupt daily operations for millions
of businesses and private customers.
We're just as committed to prevent abuse of our systems as the bigger
players in this space, and are wondering why our customers should be
singled out and penalized even though we're not doing anything different,
identification-wise, than for example outlook or gmail. It is very easy to
just sign up anonymously to gmail - I have done it several times for
testing purposes.
As one might guess, it would be bad for business if we were to gain a
reputation for enabling spam and mass signups, which is why we have several
layers of automated abuse detection and manual approval of suspicious
registrations. And I assume it's also bad for the reputation of this list
of disposable email-providers if it starts adding services used by many as
a primary mail provider.
Please reconsider this addition and help us by not having our domains on
this list, Thanks!
—
Reply to this email directly, view it on GitHub
<#425 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADLAS4KFNA5RE6CLAITEBOTYILEMXAVCNFSM6AAAAABAHI6NVGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBWG42DKOJTHA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
www.tuta.com is not a burner mail provider. We offer a free tier, but have several stages of review and automated detection for suspicious signup attempts in place.
Thanks!
close #420