I’m trying to figure out the least worst way to use Tuta Mail on Qubes-Whonix. There are basically 3 options I’m considering:
Webmail accessed via Tor Browser (I’ve tested this and it works but Tuta does not have an onion service that I’m aware of)
Maybe I can use Tuta Mail with Thunderbird. I don’t think I can do it like the wiki talks about because Tuta Mail has built in E2E, but there is an official ThunderBird add-on that might work.
I can probably use the official Tuta Mail app. (I haven’t tested this on Whonix, but it works on other Linux Distros. It’s packaged as an AppImage)
I’m looking for the best option in terms of maximizing privacy without compromising security. The Whonix Instant Messenger Chat docs say “Avoid using web interfaces for any messengers because they break end-to-end encryption (E2E).” I know that’s a different context, but I’m thinking that the same logic probably applies to email, so I’m leaning towards a native app rather than a web interface. Please correct me if I’m wrong.
I have no experience with Tuta as a mail provider, so I can’t speak to how good their official app is or isn’t. I will note though, their Thunderbird addon doesn’t integrate Tuta with Thunderbird, it simply uses Thunderbird’s builtin web rendering engine to load the Tuta web app as a new tab. See:
This is worse for security than using Tor Browser, as Thunderbird doesn’t come with all of Tor Browser’s protections when rendering a website. Whether Tor Browser or the AppImage is better depends entirely on how Tuta designed the AppImage.
