I am using migadu [1] and am very satisfied, unlimited domains/users for free or $4 if you want to mail without advertisement below the mails you send.
I use pass: https://www.passwordstore.org/ - a password manager for the commandline that can be synced with git and stores the passwords encrypted using gpg
You are right, in this case he can use a salt for the hash - my second point is still valid though, but I guess that is fundamentally so if you want to use passwords
Informations we store [...] Hashed value of your email
okay, so you can easily make a rainbow-table and thus your users are not anonymous anymore + if someone has your database and want to know if [email protected] has an account one can easily find that out, even without the need to bruteforce all emails.
Btw. in this case it makes absolutely no difference if you or the client computes the hash ;)
Okay and how do you choose the key for the encryption? If it is the same for all users (which from what you said it kind of has to be?) you could just decrypt it?
and what are you doing with the random text per user (i.e. the encrypted emails)? Why do you need them?
If they are encrypted by the user, how can you verify their email then? This does not add up.
[1] https://www.migadu.com/en/index.html