I decided to set up my business email address on ProtonMail using my own domain. I downloaded the bridge and installed it on my MacBook. Yuk is all I can say. So now I am running an SMTP server and an IMAP server. This then allows my Apple Mail to communicate.

What can I say? I hate it. I can’t understand why you want to implement secure email in this way. Running the bridge on my laptop provides an obvious point of attack since this is what I would look to infect with malware or subverting your code. Communication on loopback is in the clear.

What I want is to allow me to use PGP in my native email client of my choice using my own keyring, which I can secure (on an HSM if I wish, like YubiHSM2). I want to ensure all email at rest on your mail servers is strongly encrypted and I want the key for my mailbox. I want the public keys of all ProtonMail users accessible (e.g. on LDAP) so that by default all email to other ProtonMail users is encrypted. I want to be able to apply a data classification label to email that means if the recipient is external to ProtonMail and the classification is above a threshold I set, and I do not have a public key for them, then they receive a plaintext email asking them to open a web-based email client to read the email/download attachments (if I have allowed this).

You should be running an SMTP service and an IMAP service. Access to this should be over TLS with the option to make this more secure by going via Proton VPN.

I can’t download my private key from ProtonMail, which I hate; I don’t want you to have a copy of my private key.

How is IMAP or local bridge support going? I would love to be able to use Tutanota in my local clients on my Mac, not least because I'd like to import my mails from my previous provider (ProtonMail - who has had a working bridge for quite some time).

