Half the stuff you mentioned is a move to a US company (Apple) or a US-controlled company (Proton).

That’s a whole lot of trouble just to virtue signal, mate, and in the end you aren’t even getting the result you want.

Hmmm this looks like a really nice option! Any issues with deliverability?

My understanding is that the number of such sender aliases is limited, at most 50 or 250, depending on the plan. There are ways to use a custom domain for sending where you end up using a larger number of localparts fairly quickly, and it would be a hassle to have to manage them, instead of just typing whatever sender you want (or on replies, having the email client automatically use the address from the original email, without having to worry whether it’s still in the set of registered aliases).

I also use mailbox.org and use my own domain for email. Not sure what issue the author ran into.

...also migrating AWAY from Fastmail (Australian) and TO an European provider sounds like a very bad idea - I'd kind of want both the US and the EU legally away from my coms at all costs (!)

>How comfortable are you guys with the fact that EU countries allow prosecutors and sometimes even police officers to issue their own search warrants without meaningful judicial review?

This is a hilarious 'just asking questions' concern that doesn't address the complete 180 in direction the US is taking and descending in to authoritarianism while moving against the world order it primarily helped build post WWII while threatening other liberal democracies like Canada and Denmark with invasions.

It's a complete false equivalence. ICE agents have straight up murdered two US citizens in broad daylight without consequence and you're querying the nature of some search warrants in the EU.

> How comfortable are you guys with the fact that EU countries allow prosecutors and sometimes even police officers to issue their own search warrants without meaningful judicial review?

(IANAL.) This was reviewed by the courts themselves:

> The CJEU confirmed that the Belgian, French and Swedish prosecutors were sufficiently independent from the executive to be able to issue EAWs. […]

> […] Public prosecutors will qualify as an issuing judicial authority where two conditions are met: […]

> 2. Second, public prosecutors must be in a position to act in an independent way, specifically with respect to the executive. The CJEU requires that the independence of public prosecutors be organised by a statutory framework and organisational rules that prevent the risk of prosecutors being subject to individual instructions by the executive (as was the case with the German prosecutor). Moreover, the framework must enable prosecutors to assess the necessity and proportionality of issuing an EAW. In the French prosecutor judgment, the CJEU specifically indicated that:

* https://www.fairtrials.org/articles/legal-analysis/can-belgi...

The question that the OP asks is fair enough, but there's a lot of subtly and 'low-level' details on how things operate compared to the high-level question that is being asked. Also depends on where the OP lives and what he's used to: common law (UK/US/CA/etc) and civil law procedures and laws are (AIUI) quite different.

Valid question, which must be put in the context of US-based providers willingly satisfying US out-of-jurisdiction search requests for EU data without even letting the EU know about it. (And when the providers are not willing, they can be forced by U.S. Cloud Act)

https://www.forbes.com/sites/emmawoollacott/2025/07/22/micro...

> What Is An Administrative Warrant?

> An administrative warrant is a legal document issued by a government agency, rather than a court, that authorizes the agency to take specific actions such as conducting inspections, searches, or seizing property. Unlike judicial warrants, administrative warrants are frequently issued on less than probable cause of a crime.

> Administrative warrants are typically used for regulatory or civil enforcement purposes and allow agencies to enforce rules and regulations within their jurisdiction, such as health inspections, building code enforcement, or immigration-related actions.

> The problem with administrative warrants is that they make the agency both the prosecutor and the judge in the very same matter. The entire point of having agencies go to court for a warrant is because courts are an independent branch with an independent mission. Rather than solely focusing on identifying and prosecuting violations of law, courts seek to check agency errors and overreach. When the very same agency that wants to execute a warrant is the one deciding whether it issues, those checks disappear, and Americans’ security pays the price.

https://ij.org/issues/ijs-project-on-the-4th-amendment/admin...

US legal protections do not apply to EU citizens keeping their data in the US, do they?

So what's the point of this comparison, since if I host my data in the US they don't need a warrant at all?

> How comfortable are you guys with the fact that EU countries allow prosecutors and sometimes even police officers to issue their own search warrants without meaningful judicial review?

Just to be clear, according to the DOJ, law enforcement officials in the US can search your home without a warrant if they suspect that you are a "Alien Enemy" [1].

https://www.documentcloud.org/documents/25915967-doj-march-1...

Sweden is a country like this. It is just the way it is here. It can be abused, sure. But all things considered, I much rather have my things hosted here than in the US.

> Some EU courts will not exclude illegally obtained evidence either, so challenging the warrant later on will be pointless.

Generally speaking, I trust EU countries criminal systems more then USA one. USA one is too procedure oriented - like for example with this rule.

Unlike in USA, in general European cops and prosecutors can be punished when they do illegal stuff. That provides better protection then the pretend fairness rule you just cited.

At least there is still the rule of law and democracy in the EU

No system is perfect. It's more a theoretical risk for now, if you're not running a shady business.

> you might be in a reasonable EU country and still be hit with an EIO from one of the unreasonable countries.

Are you certain this has happened? I never heard that happen in central Europe. I am pretty certain legislation of other countries is irrelevant, unless it would be an EU regulation - and I am unaware of an EU regulation that could bypass local laws and that has not been made a EU law. Which EU law specifically do you refer to?

How much is this a practical rather than theoretical problem?

One of the problems with being on the US Internet is that we get lots of coverage of US police overreach and much less coverage of EU police overreach. That could have one of three causes:

- actual incidence is low

- it's not being reported

- it is being reported, but doesn't generate discourse

(And the counter option: sometimes when you do hear about it, it's been laundered through weird US right-wing politics, like almost anything anyone says about Sweden)

This isn't a downside against EU services when compared to the US, so what are you actually suggesting? Don't just vaguely hint at stuff. Should we be moving to Singaporean services? Oh shit, similar concerns there. Okay, where do you suggest we move? If you don't have any suggestions then there's little substance behind what you're saying.

Generally comfortable.

While the EIO is s controversial instrument (I particularly dislike the excessive power it gives to authorities in issuing countries and the inability to question the warrant), it at least is something that happens as part of a judicial process.

I'm certainly more comfortable with it than being subject to the whims of the US government and its 3 letter agencies.

That said, yeah, EIO in the shape it exists is bad.

Maybe the motivation is more to stop giving American big tech MAGA fascists money rather than any kind of gain in privacy/security against state level law enforcement.

Could you summarize the easy and hard aspects? Have you had any unexpected benefits or downsides?

Used them in my last project for around 5 years. They were boring in a good way and inexpensive.

I use them too. Highly recommend. Have never had an issue with them.

So where do you want to host your email?

Name a country and it probably has its own problems: some combination of instability, corruption, authoritarian governments, collaboration with the US and EU governments that you want to escape…

ProtonMail is in Switzerland, so it’s perhaps the best mainstream bet. But the Swiss are absolutely not immune to US and EU pressure.

Runbox are a good option - company and servers in Norway: https://runbox.com/

Been around since 2000. They're also working on JMAP support and are the top financial contributor to the Stalwart mail server (https://opencollective.com/stalwart) so I think they'll have a more compelling offering soon.

Also worth keeping an eye on Thunderbird pro which will also use Stalwart: https://www.tb.pro/en-US/

I'm using Zoho (Indian company, hosted in Europe). Maybe not perfect from a geopolitical pov, but it will do for now.

Singapore, Japan have reliable ISPs.

For email and calendaring, Fastmail, although Her Majesty’s Australian government has strong overreach instincts.

Fastmail is australian

lol, you want trustworthy stability without “too many” regulations. Good luck with that.

I’m not sure you know what instability means if you think the US is unstable. If anything, the fact that the dumbest person on the planet is in charge of the United States and the country still functions as well as it does proves a lot about the stability of the USA. The country runs on geopolitical easy mode.

Maybe there’s a libertarian fantasy novel where you can host your services.

You seem to know what you're talking about. I used a cheapie Taiwanese Intel netbook for years, on Linux, with great success. When it came to replace it, there was nothing left in that niche (i.e. small and cheap) except ARM Chromebooks with (apparently) locked bootloaders. So I reluctantly bought a heavy and expensive Intel laptop.

Was I wrong to assume that the average big-box-store Chromebook cannot be jailbroken, or has only driverless hardware, or are things changing here? If the latter, surely this opens a boulevard for Linux? Any insight much appreciated.

You can also get a refurbished thinkpad with Ryzen and 16gb of ram for 400€ or so on european Ebay.

I never understood why bother with these.

You get a dealbreaker keyboard because of the lack of an alt key and you don’t even save much money for the effort of working around the Chromebook restrictions. A laptop originally sold with Windows is so much more straightforward to work with.

I’d just grab something like an HP EliteBook 840 G10 on eBay. Around $300, upgradable RAM and SSD, and reasonably recent. Relatively modern/attractive aluminum build.

Or I’m sure there’s some other 2-in-1 not-Chromebook convertible model you can grab if you need the touch screen.

If you buy directly from Mullvad, they delete the transaction details after two weeks. Sure, your payment procesor knows you’ve bought from Mullvad, but in this case so does Amazon, no?

Regarding Migadu, after extensive research it seemed to be the best option, but man that 20 outgoing emails limit is just so off-putting and the next tier is so far apart. I would be comfortable paying 50-60 euros per year for 50 outgoing emails, but no, it’s either 20 for 20 euros or 100 for 90 euros

> Agree on mullvad, buy giftcard on amazon.

I've heard this before. Is this just to add another hop in the chain to make it harder for someone to track the user down? Apart from someone needing to order Amazon to pony up the details ("Which credit card was this Amazon item bought with?")

Is there another layer of privacy I'm missing?

I am boggled by the number of people who see "I really don't want to X" and then reply with "Here's how to easily do X!"

devault made sourcehut which I think is hosted in the netherlands

https://sr.ht

I tried it once, it's very opinionated and may not be suitable for what a lot of people think of when they're coming from something like Github. The required old-school patch-by-mail thing is a blocker for a lot of people.

Regarding Forgejo [0] there are a number of other open providers listed on the delightful forgejo [1] curated list. In addition there is a Professional services repository [2] where services are listed in the issue tracker.

[0] https://forgejo.org

[1] https://delightful.coding.social/delightful-forgejo/#public-...

[2] https://codeberg.org/forgejo/professional-services/issues

Yes, check out https://www.gitlabhost.com/ It is based in the Netherlands

I think Sourcehut is EU based now.

For just the basics, self-hosting of git can be pretty easy. I use gitolite on a VPS.

https://gitolite.com/gitolite/

I self-host Forgejo on a Docker container. Thinking about it, this is actually the right way to go.

If you got public projects, then something like Codeberg is in fact the place to go. If you got private projects, why push to someone's cloud-hosted git service at all? Push to your own service like Forgejo and sync backups to a local hard-drive or even online using rclone.

Uhm, is it? I have some small repos there, which are private and for my company (ie the website). I didn't encounter any warnings?

Edit, it says indeed (right in your face on the front page):

Codeberg is a non-profit, community-led effort that provides services to free and open-source projects, such as Git hosting.

I just click... click opened a repo and set it as remote and boom. Never thought anything of it... Perhaps I'm... Tolerated for the time being?

Gitea is one of the easiest projects to to self-host. And to do regular upgrades, you only need to update one file. It has been a joy to self-host for many years now.

Git is extremely easy to "self host". What makes things complicated are the web interfaces around code hosting, and all their supposedly important features. These days, Prs, issues, forums, wikis and all that seem to be synonymous with "git", which is pretty weird.

gitlab ce is easy to host.

Here's a step-by step guide:

Change directory to your local git repository that you want to share with friends and colleagues and do a bare clone git clone --bare . /tmp/repo.git You just created a copy of the .git folder without all the checked out files.

Upload /tmp/repo.git to your linux server over ssh. Don't have one? Just order a tiny cloud server from Hetzner or another European provider. You can place your git repository anywhere, but the best way is to put it in a separate folder, e.g. /var/git. The command would look like with scp -r /tmp/repo.git me@server:/var/git/.

To share the repository with others, create a group, e.g. groupadd --users me git You will be able to add more users to the group with groupmod.

Your git repository is now writable only by me. To make it writable by the git group, you have to change the group on all files in the repository to git with chgrp -R git /var/repo.git and enable the group write bit on them with chmod -R g+w /var/repo.git.

This fixes the shared access for existing files. For new files, we have to make sure the group write bit is always on by changing UMASK from 022 to 002 in /etc/login.defs.

There is one more trick. For now on, all new files and folders in /var/git will be created with the user's primary group. We could change users to have git as the primary group.

But we can also force all new files and folders to be created with the parent folder's group and not user primary group. For that, set the group sticky bit on all folders in /var/git with find /var/git -type d -exec chmod g+s \{\} +

You are done.

Want to host your git repository online? Install caddy and point to /var/git with something like

    example.com {
      root * /var/git
      file_server
    }

In Germany, netcup (https://www.netcup.com/) is also quite popular among customers who are

- small or midsize companies, or

- "hacker-minded people" (I know quite some "hacker-minded people" who rent a server or vServer at netcup),

since they offer quite a bit of value for the money. In opposite to Hetzner, netcup is more of an inside tip.

Haven't used it, but I've been intrigued by git-bug (stores issues in got itself) for years, to use as the issue/pr sync.

Bonus that now the issues aren't vendor locked either

https://github.com/git-bug/git-bug/blob/trunk/doc/feature-ma...

It's the rule of law that attracts business.

> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software…

– https://github.com/go-gitea/gitea/blob/main/LICENSE

If you don't want your software used like that, don't choose this licence.

You can't post-hoc decide how people behave.

The author mentions using them as well, but I personally would have a really hard time trusting any service run by any individual and be it just in case something happens to them.

I tried Uberspace for email and what bothered me that you can only set up one email domain per Asteroid. So if you have multiple domains, it gets expensive quickly... (depending on how many users per domain you have). But other than that, great company with a great ethical stance (and as far as I can tell, great technical infrastructure). I will definitely be going back to them if I need a simple VPS.

I think he means that he can have a catch-all, but to reply from that address, there needs to be an alias created on the account

Does their Zimbra implementation support 2FA ?

Also docs collaboration, and now video calling as well. And they've just bought Standard Notes, so that'll be next. It's definitely chugging along fast.

proton.me? That is in Switzerland, not the EU.

Don't make the same mistake again, get a domain so that you can keep using the same address when switching between providers. Then set up GMail to forward e-mail to your new address. Then slowly update the E-mail address in your account. You could even set up a label that gets attached to e-mails that arrived through your GMail address. In that way, you can easily see the stuff that still needs to be updated.

Untangling yourself from Google (or Apple, which is similarly hard), doesn't have to be all at once. Break it up in small steps that feel like individual wins.

One more note about using your own domain: avoid provider-specifict features like subdomain addressing (made it more work for me to move off Fastmail).

If you are using a password manager, start by searching for every record with your gmail address. Make a list. Every day, go to the next entry on the list and change your email with that app or service.

Of course, set up gmail to forward messages to your new address and filter them into a folder. Once you have changed all the services you know about, watch for emails coming to the gmail folder, looking for more services that need to be updated. Eventually the only thing arriving in the folder is spam and you can just route it all into the garbage.

There's no point in switching. Most of these people are dealing with a threat that has an extremely low probability of happening. It is not in any practical way going to affect your life and for most of the people here busy switching to EU services they likely don't have any major example of where it has affect them or anyone one degree away from them.

It's mostly an ideal. Like OSS. The practical reality means that such extreme adherence to only EU services doesn't do anything but make your life harder. It's like saying you only use open source, from the CPU to the GPU to your OS and everything else... make it all from open source, how big of a nightmare would that be? The only time it is practical is if you're doing really illegal shit and you need the data protection.

Nowadays, I primarily only use gmail because the mail client is good on Android. But all my accounts have been self-hosted for years now and gmail just reads them via POP3 (never managed to get it happy with IMAP for some reason) and sends via my own SMTP.

Can anyone recommend actually decent and free Android (and also web) mail clients for self-hosted use? Everything I've tried so far (but to be fair, it was a few years ago when I last checked) just felt clunky compared to gmail, so I've ended up sticking with it as a client far longer than I probably should.

Took me a year of slow migration so that my essential emails and connected services don't go over Gmail. Email is the hardest to move because of its central nature as an online identity.

It’s easier than you think when you stop trying to treat it as an all or nothing move and more of a gradual migration. Fastmail makes it really easy to keep the two in sync

Set up the redirect and change the emails of your services one by one whenever you have a minute of time. It took a year for me, and I am free now.

I let my old 4 letter .com domain expire around 2000ish and got suckered into the whole gmail etc thing after sitting on university and hotmail for a while

In 2019 I decided enough was enough and registered a new domain and started moving my accounts over as new ones came up, or I updated addressing

I have very little left on gmail now other than spam from old services I no longer use. Top one in the inbox at the moment is Facebook telling my I have "530 notifications about X". Its sad how desperate they are.

Yes, same here. I tried some EU providers like Mailbox, Tuta and Uberspace. In the end, even though Fastmail is not EU-based, at least it's based in Australia (and not US) and they have a solid track record as a company to make the right decisions and not chase every hype. So, this is good enough for me. For now.

Had a self hosted nextcloud instance runnning on my homeserver, but migrated away two years ago to a Hetzner Storage share. All in all I'm quite happy with that.

There are some downsides, though:

  - No support for collabora online, so no way for collaborative editing of office files
  - Data is not encrypted

I had no idea how cheap this was. Thanks.

I've used https://migadu.com/ before. Not EU, but EEA (Switzerland).

ProtonMail? Not strictly speaking EU, but atleast EEA

It also comes with a whole suite of software that you don't have to find EU alternatives for like Calendar, Drive, Password manager, etc

https://tuta.com/ and Protonmail

https://mailbox.org/

German e-mail service

I'm using Startmail, based in NL: https://www.startmail.com

I love fastmail, but I really wish they had servers close to me.

The high ping kills the throughput on davfs and makes their website hosting a pain to update :(

https://mailcow.email/vps/

Yeah, and ARM is based outside of EU, just across La Manche and Irish Sea.

yeah the blog is about software, not hardware

That ship had sailed long ago.

I guess when the alternative is Trump's vision of the future ... - at least I know what I would choose.

Assuming your assessment is correct, how do you think this will affect the digital sector?

You have no idea what you are talking about, really. We don’t "frequently" pass such laws. Nobody is accessing private messages, even if there have been such attempts.

The EU has still the strongest privacy laws world wide, and in contrast to others a strong ethical foundation. It may be slow, it may be torn, it may be overly beaurocratic, but sure enough not authoritarian.