Well folks, I did it. I jumped ship from Gmail while I still could.
But to be honest, it’s not quite there yet. My goal is to delete my Gmail officially by the end of 2025. There are a couple accounts that are a particular pain in the ass, and some personal contacts that I need to make sure are updated on the change.
I’m really tired of the whole process, so I will keep this one mostly short. I’m also still testing the waters in terms of my replacement workflows. There will be changes, I’m sure, but the first massive step has been taken now.
The last month or so has been a deep dive into what my email strategy should look like. Here’s an overview of what I landed on:
- ProtonMail (pay for premium) for encrypted mail storage somewhere out in the cloud with reputable mail servers (I decided that I wasn’t ready for self-hosting email just yet)
- SimpleLogin to manage email aliases for all stupid accounts that I still need to receive email from. (I preferred addy.io from my testing in all honesty, but since SimpleLogin is included with Proton, I made the jump. SimpleLogin doesn’t seem anywhere near as polished as other ProtonMail services. Not that I’m the biggest fan of Proton’s first-party apps, but they certainly look and perform better. SimpleLogin feels like a shoddy WordPress plugin.)
- ProtonMail Bridge on a local server, using
socatto expose the ports to the LAN, and accessible remotely via Tailscale-connected devices. - K-9 Mail on my phone in addition to Thunderbird (Betterbird actually) on my desktop, connected to the same PM Bridge IMAP/SMTP server.
- One-time import from Gmail to bring over my existing emails, just in case.
- Automatic forwarding from Gmail to an email alias with a rule to file in a dedicated folder, for the time being. (So that I can log out of my Gmail entirely for now, and so that I have a copy of new emails coming into the Gmail until I finish the remnants of migration.)
The difficult part, really, was the existing account migration. I somehow have hundreds. I decided to combine a different project I had been planning to do with this project: setting up a Yubikey as a second-factor on my KeePassXC databases and reorganizing the passwords.
Here’s the general approach I took:
- Log into service. Determine if it’s an account that I need to keep.
- If yes:
- Change email address and username, if possible.
- Enable 2FA - preferably an authenticator app - if at all possible.
- Change password.
- Update the entry in KeePassXC to reflect the new information, add any missing information (mainly login URL), and file it accordingly.
- If no:
- Can I delete it?
- If yes: nuke it from orbit.
- If no: double check to be sure. If still no, anonymize it as much as possible. Change the email to a temporary email address, remove whatever personal information is possible to remove, change the password, and throw away the key.
- Can I delete it?
- Repeat ad nauseam.
- Lock the database down with Yubikeys:
- Add the same challenge-response to both (primary and spare) Yubikeys.
- Test that both work with a new blank password database with a hardware key enabled.
- Lock the existing database down with a hardware key after making a backup.
This took an entire weekend, up into the wee hours of the morning every night. The level of account creep is absurd, and every single damn service wants your phone number and email generally at minimum. The kicker is, I had done this once before several years ago when I removed all my social media and initially migrated to KeePass - the fact that I’m back to where I started, if not worse, compounds the absurdity.
Going forward, anywhere that will accept an email alias is getting an email alias (if not just a throwaway email). Assuming that I sign up for an account at all. I’m getting closer to digital sovereignty. Only 3 apps remain on my phone that aren’t at minimum source-available - most at this point just connect into my self-hosted services.
Next project, and I think this may happen over my winter vacation again…FOSS replacement for Todoist. CalDAV might just be able to do it…
EOF