Our support emails are now moving to self-hosted and Mullvad-owned hardware.
A week or so ago, a blog post was posted in this Community calling out Mullvad for using GMail as their email provider. Wasn't the greatest blog post in the world and didn't approach Mullvad for comment or explanation. Anyway, looks like Mullvad heard about it and responded.
Mullvad doesn't mention a blog post, I think this has been in the works a lot longer than that blog post was.
These servers run from RAM, with fully encrypted disks mounted to store the backend PostgreSQL database. We cannot fully run our servers from RAM due to requiring a persistent database, but that was a trade-off we had to make.
These servers run the same OS and kernel configuration as the rest of our infrastructure that runs from RAM, and we have had this service audited pre-production by Assured AB. The issues found by Assured have since been resolved.
Auditing takes time, as does fixing issues found during audits. This wasn't in response to a blog post. This was because Mullvad is a company that is trying to do right by their customers (a shocker, I know).
That's really great news, and hopefully an inspiration for other companies to follow suit. Tearing the Google email monopoly into smaller pieces bit by bit :)
I think they probably did it at first as its quick and easy to set up. And they did strongly recommend anyone mailing them encrypted the emails. I would also assume it was always the plan to self host them but it was the least important part of the whole system so they left it until last to address.
I don't think that's a good argument though. Any other email provider is as easy to set up an account with and is more privacy friendly: proton, skiff, posteo. If they made a big blunder like that, I can only expect them to use other big tech stuff in the background like google DNS servers etc. Unti someone points it out