
Cloudflare and FastMail: Your info is safe - jsingleton
https://blog.fastmail.com/2017/02/24/cloudflare-no-breach/
======
nawtacawp
Love fastmail -- I have six domains. I can send/receive from whatever address
I want.

~~~
StavrosK
I should just bite the price bullet and move to them. I've moved everything
else off Google (even search), it's about time I move my email too.

~~~
kartickv
As someone who loves Inbox and Gmail, what does Fastmail do that Gmail
doesn't? It needs to do a lot to make it worth the high price of $36 per year.

~~~
danieldk
I have been a happy customer for some years, after using Google Apps for
domains (paid) for more than half a decade.

\+ You pay for the service, they are not mining your data.

\+ When you have an issue, it is easy to talk to real humans. I had some
feature requests, my case was transferred to one of their tech-people in no
time. One of my feature requests was rolled out on their beta version in a
couple of days.

\+ They have a standards-conforming IMAP. So, it works much better with
isync/mu4e/mutt/etc.

\+ Fastmail is fast.

\+ They are a big contributor to the open source Cyrus project. So a lot of
their development ends up being available for everyone.

\+ They support push notifications in Mail.app in iOS. (Not IMAP IDLE, real
push notifications.)

\+ subdomain addressing besides plus addresses. E.g. if my e-mail address is
_me@foobar.xyz_ I can give out _me@quux.foobar.xyz_ without first creating a
virtual host _quux.foobar.xyz_. It makes it easy to create custom addresses
that are a bit less obvious than plus addressing.

\- The spam filter is not as good as Google's, even after training it for you
personally. I regularly (usually once or twice a week) get spam or malware
mails in my inbox.

\- The mobile app is acceptable, but not as the Google Mail app. It's
basically their webmail in a web frame.

~~~
ansgri
One BIG MINUS is internationalization (couldn't care less about localization
though), they still haven't completely fixed full text search for Cyrillic
mail. Some weird behavior like not matching partial words, or otherwise
omitting some legit search results, makes things difficult to find sometimes.

That said, even with that, it's much better than everything else on the
overall UX.

------
mxuribe
Now _that_ is how a company pro-actively communicates to their userbase and
the public at large! Honest information but inspiring confidence in their
platform as well as their support. Well done fastmail! Kudos!!

~~~
cakoose
Just to be fair, this is an instance of pro-actively communicating good(ish)
news. Not everyone does this, so of course it's good to encourage more of it,
but it's _much_ easier than pro-actively communicating bad news.

------
hackuser
Would one of the apparently many happy FM subscribers share details of what
kind of security they provide?

(It bears repeating: No email can be very secure.)

~~~
fredcy
[https://www.fastmail.com/help/ourservice/security.html](https://www.fastmail.com/help/ourservice/security.html)

\- happy FM subscriber for 3 years

~~~
Veratyr
Also I didn't see it directly mentioned on that page, they're not subject to
US law enforcement requests (unless they go through a Mutual Assistance treaty
request) and there's nothing like an NSL in Australia:
[https://blog.fastmail.com/2013/10/07/fastmails-servers-
are-i...](https://blog.fastmail.com/2013/10/07/fastmails-servers-are-in-the-
us-what-this-means-for-you/)

~~~
nsajko
But see:
[https://en.wikipedia.org/wiki/Five_Eyes](https://en.wikipedia.org/wiki/Five_Eyes)

~~~
jsingleton
True, but probably still better than the US or UK:
[https://protonmail.com/blog/investigatory-powers-bill-
email-...](https://protonmail.com/blog/investigatory-powers-bill-email-
privacy/)

Their EU servers are in the Netherlands. Although I guess it's hard to know if
any EU traffic goes to the US servers.

Australia does have similar laws but it seems they don't apply in this case:
[https://blog.fastmail.com/2015/04/09/fastmail-is-not-
require...](https://blog.fastmail.com/2015/04/09/fastmail-is-not-required-to-
implement-the-australian-metadata-retention-laws/)

------
uladzislau
I'm wondering if Fastmail provides better deliverability of incoming emails
(have issues with lost emails in free Gmail account)?

Also if something goes wrong is there a mitigation plan in place to recover
data and restore access of the user?

That's another major concern - to lose access to the account and not be able
to recover it - because Gmail has no support.

~~~
kellymartini
I use mailgun to send automated alerts from our home network backup processes
and security cameras.

When sending to a Gmail account, there is sometimes up to a 2 hour delay
before the mail arrives, though usually it's within a few minutes.

Mail sent to a Fastmail account always arrives almost immediately.

MG does some kind of prioritizing based on the domain when using their free
account. It's obviously an anti-spam measure. They might also have some kind
of "warm-up" feature where if you send enough email with a valid FROM and TO
address then they queue it faster, IDK. Not sure if they do the same thing
with their paid plans.

~~~
leesalminen
My understanding is that they rate limit the number of emails sent to a domain
per IP address, per hour. Email service providers assume that if you send "too
many" emails to their domain per hour, it's "spam".

The same thing happens with my dedicated IPs (sending ~500k/mo). Yahoo is
frequently rate limited. Gmail is less common, though we have years of good
reputation on those IPs.

~~~
ktta
500k/mo ?! Do you mind me asking if this is for a company or personal use?

Although I don't have any idea why even a few person compnay would have to
send those many emails, your use of 'my' makes me wonder.

~~~
leesalminen
Our product is a SaaS for pet service businesses (grooming, dog
daycare/boarding, training). The app has 34 distinct automated email types
that are sent at various points. It's a _lot_ of email :).

------
kevindqc
Is it better to use two different domains for API and static content then, in
order for cookies to be only sent to the API domain/subdomain? That way, if
there are requests to the static content that's served by a CDN (ie:
Cloudflare), it won't contain sensitive cookie information?

~~~
michaelmior
This is good practice anyway because it avoids the overhead of sending cookies
for static content when they're not needed.

~~~
dc2447
In HTTP2 the opposite is true.

Single domain will help you with performance

~~~
Buge
Actually with http2 you can multiplex requests for multiple domains within a
single connection. As long as the DNS for the domains is the same IP, and you
have a single certificate covering both domains.

------
ivm
What amazes me in Fastmail is how fast their web UI both on desktop and
mobile. Especially compared to Gmail but it's also more responsive than Slack
or Trello.

~~~
zer0t3ch
It does look crazy fast. I'd love to try it, but not worth the cost for
personal use.

~~~
morganvachon
As someone who switched away from all Google products, including Gmail, I can
definitely say it's worth the cost to me. In fact, I'd pay more than the
current rate, now that I've had a chance to really use the service. It is
fluid and fast in every browser I've thrown at it, including the work-required
IE10.

In my opinion, the only thing they could do better is to provide an API for
their file storage module, and I believe that is in the works.

You get what you pay for, and while Gmail is a good web client it is far from
the best. Fastmail beats it hands down as far as I'm concerned.

~~~
zer0t3ch
I've already (mostly) moved away from google, at least for email. This isn't
Google vs. Fastmail to me, this is Fastmail vs. Zoho. (Which I already have a
free account with for my domain)

------
nodesocket
I currently use G Suite, and pay $5 per user per month. FastMail honestly
looks like a better client than Gmail, but G Suite provides Google Calendar,
Drive, and Docs, which all integrate together beautifully. Hard to justify
switching to FastMail for the same cost and losing Drive, Docs, and Calendar.

~~~
jsingleton
They do have a calendar, which is something lacking from ProtonMail (although
I believe they are working on this). ProtonMail has a free plan and if you
only need a single custom domain then it's cheaper than FastMail. FastMail
only have a free trial but the standard plan covers multiple domains (you have
to pay more for extra domains on ProtonMail).

Edit (numbers):

FastMail = $50/yr
([https://www.fastmail.com/pricing/](https://www.fastmail.com/pricing/))

Up to 100 domains
([https://www.fastmail.com/help/account/limits.html](https://www.fastmail.com/help/account/limits.html))

They also do DNS and static website hosting (but not with HTTPS)

ProtonMail = $48/yr
([https://protonmail.com/pricing](https://protonmail.com/pricing))

1 domain, extra domains: $18/yr per domain

~~~
nodesocket
ProtonMail seems to be focusing on high security and encryption as their value
prop. My interest and needs are more in the web interface UX, speed,
workflows, customization, Exchange (iPhone push) support.

~~~
jsingleton
FWIW FastMail also comes with file storage and notes.

------
toomuchtodo
Thanks FastMail folks. I still use Gmail primarily (multiple labels per
message feature), but I pay for an account so that you're still around when I
need you to be.

~~~
vvpan
Hm, what's preventing the switch?

~~~
kellymartini
I'm not OP, but the answer to your question is in his post: the main thing I
miss about Gmail is the tagged labels, which make a lot more sense than
folders and are quite an improvement in usability.

Other than that, I'm much happier with FastMail.

~~~
brongondwana
You'll be happy to hear that the JMAP work we're doing will make labels a lot
easier to do on the FastMail interface

(on the downside, we can't yet account quota cheaply for that, so a message
with multiple labels will count multiple times towards your quota usage at
first)

~~~
rerx
That sounds intriguing! Is there a write-up about what you are going to do
with labels?

------
temp246810
I had high hopes for fastmail and it's an awesome product, just not quite
ready for me yet.

I'm not yet at a point where I need to lug my reading glasses everywhere -
provided I can adjust font sizes on my phone.

The fastmail app is just a wrapper over the mobile site and you can't adjust
the font size. The font as it is is tiny and unusable for me.

I contacted support and while they were curteous and prompt, they basically
said too bad and refused to give me a refund, even though I had purchased the
year subscription just a few days before.

Still have good things to say about them, just wish the app were more
accessible.

~~~
rhblake
Have you tried a "real" email app (i.e., one that's not just a wrapper)? I've
used K9 (Android) + FastMail for many years and it's been great. K9 has tons
of features, including letting you choose font size (with some granularity -
e.g. you can have different sizes for from/subject/body, folder/message view,
etc.).

~~~
temp246810
Good tip I'll try k9 out, thanks!

------
_RPM
Fuck. I use cloud flare for MX records to ensure I don't completely rely on
FastMail for everything.

~~~
brongondwana
Pretty sure they're not affected by this thing - it was just http proxy
rewriting logic.

(having said that - you may as well rely on us for MX records if all the
delivery is coming to us - our DNS infrastructure is more widely distributed
than basically anything else for exactly that reason)

------
joe_developer
FastMail scores pretty well on this comparison of email providers based on
privacy:

[https://thatoneprivacysite.net/simple-email-comparison-
chart...](https://thatoneprivacysite.net/simple-email-comparison-chart/)

~~~
chmars
The scoring does not make sense:

FastMail has servers in the US and is domiciled in Australia, a Five Eyes
country:

[https://en.m.wikipedia.org/wiki/Five_Eyes](https://en.m.wikipedia.org/wiki/Five_Eyes)

Mass surveillance and powerful security services do not go together with
privacy IMHO.

~~~
jsingleton
It does seem a little inconsistent.

[https://thatoneprivacysite.net/email-chart-
formulas/](https://thatoneprivacysite.net/email-chart-formulas/)

"Our headquarters are located in Melbourne, Australia with servers at New York
Internet and QuadraNet in the USA, and at Switch Datacenters in the
Netherlands."

[https://www.fastmail.com/about/company.html](https://www.fastmail.com/about/company.html)

Maybe this?

"We do not participate in, or co-operate with, any kind of blanket
surveillance or monitoring. (We also point out that Australia does not have
any equivalent to the US National Security Letter, so we cannot be forced to
do something without being allowed to disclose it.)

...

Unless prohibited by law, we will disclose to the account holder when we
receive a warrant for their account."

[https://www.fastmail.com/about/privacy.html](https://www.fastmail.com/about/privacy.html)

------
agentgt
I have been exploring other email services. I was checking out protonmail
recently as fast isn't my top priority. Anyone like protonmail? I'll have to
give fastmail a spin soon.

------
qrbLPHiKpiux
Thank you FM. A happy subscriber

------
rb666
Moved to Fastmail from Google last month, love it!

------
ocdtrekkie
For when a FastMail guy shows up here: Thanks for the note on this. And _hugs_
, because I love you.

\- Happy customer since November.

~~~
cknoxrun
Group hug! FastMail is amazing.

~~~
fifteenforty
Agreed! Paying member for 10 years here :-)

------
grogenaut
I ginned up this little tool tonight to help people out instead of grepping.

[https://bleed.cloud/index.html](https://bleed.cloud/index.html)

You can also run the python script on the website anonymously on your computer
to dig sites out of your email, which is a good indicator that you have an
account with them.

