[arch-general] Suggestions for email for a paranoid Archer
Recently, my paranoia levels have been ratcheted up by reading about companies' treatment of their users, along with an increasing awareness of my powerlessness with respect to most content providers. I therefore curbed most online activity and have attempted to host those services I used on my own server, in most cases living without when I didn't succeed. Two months ago, I attempted to install postfix and dovecot on my Arch box in order to be able to host my own mail. Naively I thought that all I needed was the right software and a dynamic DNS address. In other words, I thought it would be as simple as setting up a web server. Naturally, I found out that most anti-spam software is leery of mail from dynamic DNS hosts who do not have rDNS and PTR records set up, that they preferred DKIM mail, etc. Seeing as these involve even more effort, I thought to ask the enlightened members of the Arch community which solution they would suggest me to use, because I trust you to have made intelligent decisions in this matter and believe you understand this outlook. Also, I've seen many users with email addresses issued by their own domain, which leads me to believe some of you may have gone through this before. The alternatives I'm aware of are: 1) Do what most people do, and just sign up for webmail, paranoia demanding me to download all email every day. Possibly alias the domain by routing everything through postfix first. 2) Host my own server, paranoia demanding multiple redundant backups. 3) No email - Knuth style Pros: 1) Very reliable, better support, and non-crazy 2) Gain vast amounts of power over my email 3) Less distraction, no effort at all Cons: 1) Less control, more black box. Is aliasing even possible? Too many providers - which to choose? 2) Hard to maintain, can crash at any moment, will drive me to early grave 3) Harder to keep in touch with people this way, harder to check what's going on Which do you suggest? Do you have an alternative? Thanks in advance, Gesh
Le Thu, 11 Oct 2012 13:23:32 +0200, Menachem Moystoviz <moystovi@g.jct.ac.il> a écrit :
Recently, my paranoia levels have been ratcheted up by reading about companies' treatment of their users, along with an increasing awareness of my powerlessness with respect to most content providers. I therefore curbed most online activity and have attempted to host those services I used on my own server, in most cases living without when I didn't succeed.
Two months ago, I attempted to install postfix and dovecot on my Arch box in order to be able to host my own mail. Naively I thought that all I needed was the right software and a dynamic DNS address. In other words, I thought it would be as simple as setting up a web server.
Naturally, I found out that most anti-spam software is leery of mail from dynamic DNS hosts who do not have rDNS and PTR records set up, that they preferred DKIM mail, etc.
Seeing as these involve even more effort, I thought to ask the enlightened members of the Arch community which solution they would suggest me to use, because I trust you to have made intelligent decisions in this matter and believe you understand this outlook. Also, I've seen many users with email addresses issued by their own domain, which leads me to believe some of you may have gone through this before.
The alternatives I'm aware of are: 1) Do what most people do, and just sign up for webmail, paranoia demanding me to download all email every day. Possibly alias the domain by routing everything through postfix first. 2) Host my own server, paranoia demanding multiple redundant backups. 3) No email - Knuth style
Pros: 1) Very reliable, better support, and non-crazy 2) Gain vast amounts of power over my email 3) Less distraction, no effort at all
Cons: 1) Less control, more black box. Is aliasing even possible? Too many providers - which to choose? 2) Hard to maintain, can crash at any moment, will drive me to early grave 3) Harder to keep in touch with people this way, harder to check what's going on
Which do you suggest? Do you have an alternative?
Thanks in advance,
Gesh
I chose the 2d alternative, but I have a fixed IPv4 adress since I host my contents on a dedicated server, so I didn't met theses dynamic DNS problems. For the backup part, a simple script using rsync in crond.whatever will take good care of it. Sometimes, your IP can be registered as "spam adress" on some DNSBL, but most of the time you can ask to be removed from this list by proving you own that IP. If you tend to be paranoïd, this solution has some drawbacks : - Security will sometimes make you sweat (Unless your are a security pro) - What guarantees you that your provider doesn't peek in your hard drive? To answer to the second problem, when I have some really critical files I save them on an encrypted partition that is closed most of the time. Hope this helps -- Garrik
I believe first question you need to answer is: what is your threat model? Are you afraid of losing all your mails (backups)? Losing control over your email address? What are you going to do if you can't login to your mailbox tommorow? How much do you mind if someone else gain access to your old mails? Computer criminalists, government, rouge google admin, google scanning your emails content for targeted advertising (privacy / security)? Are delays in delivering mail acceptable? (there are more questions) backups: getmail or imapsync and backup them like files control over mail address: buy your own domain, setup on your own server or something like google apps privacy / security: computer criminalists: good unique password, 2-factor authentication, use only trusted devices, don't do anything stupid privacy / security: government and google: use gpg to encrypt / sign your mails or setup your own server (with luks; remember, government can just steal your server from datacenter and there is nothing you can do about it) I think your own domain + backups + google apps is pretty good setup. Secure, reliable, cheap and you can switch to other hosting without changing your email address. If you don't trust google or government (well, you shouldn't :P) then setup your own email box. 2012/10/11 Menachem Moystoviz <moystovi@g.jct.ac.il>:
Recently, my paranoia levels have been ratcheted up by reading about companies' treatment of their users, along with an increasing awareness of my powerlessness with respect to most content providers. I therefore curbed most online activity and have attempted to host those services I used on my own server, in most cases living without when I didn't succeed.
Two months ago, I attempted to install postfix and dovecot on my Arch box in order to be able to host my own mail. Naively I thought that all I needed was the right software and a dynamic DNS address. In other words, I thought it would be as simple as setting up a web server.
Use cheap vps with static ip, it will be much easier. I doubt anyone keeps their mail server in home with dynamic ip. -- Krzysztof Warzecha
Thank you. The questions posed were quite enlightening, and showed me that this needs a bit more thought.
I believe first question you need to answer is: what is your threat model?
Are you afraid of losing all your mails (backups)? Losing control over your email address? What are you going to do if you can't login to your mailbox tommorow? How much do you mind if someone else gain access to your old mails? Computer criminalists, government, rouge google admin, google scanning your emails content for targeted advertising (privacy / security)? Are delays in delivering mail acceptable? (there are more questions) Off the top of my head, the most basic fears are loss of emails and access, and people who aren't me or who haven't received specific authorization from me reading my emails. Delays are fine, as long as the mail gets out there.
backups: getmail or imapsync and backup them like files control over mail address: buy your own domain, setup on your own server or something like google apps Is buying the domain necessary? I can get five free subdomains on freedns. I do own a server, which is, for a lack of a better place to put it, in my room. privacy / security: computer criminalists: good unique password, 2-factor authentication, use only trusted devices, don't do anything stupid Sound advice. Bit of an issue since I don't control most devices available to me and the other people using the devices I do control would be annoyed at the measures I would take to secure it. privacy / security: government and google: use gpg to encrypt / sign your mails or setup your own server (with luks; remember, government can just steal your server from datacenter and there is nothing you can do about it) Signing emails is something I've been wanting to set up for a while now. How do I encrypt the mail on google's servers? It seems like my best choice in this arena is trying to minimize the window of attack on google's servers and strongly securing my own. I think your own domain + backups + google apps is pretty good setup. Secure, reliable, cheap and you can switch to other hosting without changing your email address. If you don't trust google or government (well, you shouldn't :P) then setup your own email box. Doesn't google apps require you to install their apps on your server? How would you migrate from them? Use cheap vps with static ip, it will be much easier. I doubt anyone keeps their mail server in home with dynamic ip. Problem - as a high school graduate, I don't exactly have a steady source of income. I could try to find income sources, but I'm not aware of what cheap VPSs exist.
-- Krzysztof Warzecha
Again, thanks a lot. You have certainly clarified some of the issues I need to think about. Gesh
Problem - as a high school graduate, I don't exactly have a steady source of income. I could try to find income sources, but I'm not aware of what cheap VPSs exist. in the wiki, you can find some vps provider providing arch. check their
prizes, some are below 10€/month. as i'm in germany, i use netcup (maybe not an option for you). its pretty cheap. [1] https://wiki.archlinux.org/index.php/VPS
Use cheap vps with static ip, it will be much easier. I doubt anyone keeps their mail server in home with dynamic ip.
Why should you doubt that, I've read many a blog where that is the case. A few also block any dsl ip even though there are far better ways of detecting spamming viruses which often connect from corporate networks anyway. If your provider blocks for this reason, they don't know what they are doing and you should change. Still, you can't fix the world in a day. Has your ISP refused a static IP? -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) _______________________________________________________________________
On 10/11/2012 07:23 AM, Menachem Moystoviz wrote:
Also, I've seen many users with email addresses issued by their own domain, which leads me to believe some of you may have gone through this before.
The alternatives I'm aware of are: 1) Do what most people do, and just sign up for webmail, paranoia demanding me to download all email every day. Possibly alias the domain by routing everything through postfix first. 2) Host my own server, paranoia demanding multiple redundant backups. 3) No email - Knuth style
I do a combination of #1 and #2. I have a (cheap!) web hosting account (with Dreamhost) which also provides me with an email address on their mail system. I have the DNS entries for my domain point to Dreamhost, so any mail for my domain gets delivered there. But I only use Dreamhost as a mail drop-off point - I don't store my mail there. I have a cron job that runs fetchmail every few minutes which pulls the mail down to my home server, where I'm running dovecot, exim, and squirrelmail (webmail), and I access my mail there. (As well as make periodic backups of all the mail stored there.) For outgoing mail I do the same in reverse. I have exim on my home server set up to relay any outgoing mail up to dreamhost's SMTP server. That gets me around the issue of not being able to send mail from a dynamic IP. HTH, DR
I do a combination of #1 and #2.
I have a (cheap!) web hosting account (with Dreamhost) which also provides me with an email address on their mail system. I have the DNS entries for my domain point to Dreamhost, so any mail for my domain gets delivered there.
But I only use Dreamhost as a mail drop-off point - I don't store my mail there. I have a cron job that runs fetchmail every few minutes which pulls the mail down to my home server, where I'm running dovecot, exim, and squirrelmail (webmail), and I access my mail there. (As well as make periodic backups of all the mail stored there.)
For outgoing mail I do the same in reverse. I have exim on my home server set up to relay any outgoing mail up to dreamhost's SMTP server. That gets me around the issue of not being able to send mail from a dynamic IP.
HTH,
DR
That sounds more or less like what I intended to do before asking for advice here... Thanks. Gesh
Menachem Moystoviz, Thu 2012-10-11 @ 13:23:32+0200:
Which do you suggest? Do you have an alternative?
I use Postfix + Dovecot on an Arch Linux Linode VPS and I'm pretty happy with it.
2) Hard to maintain, can crash at any moment, will drive me to early grave
It is a bit of a pain to initially configure, but after spending a couple hours getting it set up, I've almost never had to touch the configuration, except when I added SpamAssassin and, later, procmail to the stack.
On Thu, Oct 11, 2012 at 3:56 PM, Taylor Hedberg <tmhedberg@gmail.com> wrote:
Menachem Moystoviz, Thu 2012-10-11 @ 13:23:32+0200:
Which do you suggest? Do you have an alternative?
I use Postfix + Dovecot on an Arch Linux Linode VPS and I'm pretty happy with it.
2) Hard to maintain, can crash at any moment, will drive me to early grave
It is a bit of a pain to initially configure, but after spending a couple hours getting it set up, I've almost never had to touch the configuration, except when I added SpamAssassin and, later, procmail to the stack.
Aye, but I have the following concerns regarding hosting the server myself: - Only have one server - no redundancy or reliability - No source of income -> no possibility of VPS AFAIK - DKIM, PTR, SPF, rDNS all require money and static IP (more money) Will keep this option in mind. Gesh
Menachem Moystoviz, Thu 2012-10-11 @ 17:50:20+0200:
Aye, but I have the following concerns regarding hosting the server myself: - Only have one server - no redundancy or reliability
You can set up more than one if you're that worried about reliability, but it's almost certainly overkill for a personal mail server. Also, Linode offers automatic backups for an additional $5/mo.
- DKIM, PTR, SPF, rDNS all require money and static IP (more money)
Basically any VPS provider will assign you a static IP address as part of the standard package. Linode gives you easy to configure PTR records; most other providers probably do the same. And I've never set up DKIM, SPF, etc. and yet I've never had problems with people receiving mail from my domain. Results may vary, of course, but I don't think it's a big deal as long as you aren't hosting your MTA on a PC in your basement with a dynamic address from your ISP or something.
Basically, the suggestion I'm seeing here is: go, work, get a VPS - can probably get one for cheap - and setup Arch on it. Sounds good. Will only have to figure out how to get money... Gesh
On Thursday 11 Oct 2012 18:18:10 Menachem Moystoviz wrote:
Basically, the suggestion I'm seeing here is: go, work, get a VPS - can probably get one for cheap - and setup Arch on it. Sounds good. Will only have to figure out how to get money...
seen this on G+ today. no idea if it can help you, but it might, depending on many different things... http://www.wikihow.com/Make-Money-Fast -- phani.
On Thu, Oct 11, 2012 at 6:29 PM, phanisvara <listmail@phanisvara.com> wrote:
On Thursday 11 Oct 2012 18:18:10 Menachem Moystoviz wrote:
Basically, the suggestion I'm seeing here is: go, work, get a VPS - can probably get one for cheap - and setup Arch on it. Sounds good. Will only have to figure out how to get money...
seen this on G+ today. no idea if it can help you, but it might, depending on many different things...
http://www.wikihow.com/Make-Money-Fast
-- phani.
:-S I will try other methods, plus I'm looking for something on the order of at least a year's worth of VPS. Thank you in any case. Gesh
On Thu, 11 Oct 2012 18:39:17 +0200 Menachem Moystoviz <moystovi@g.jct.ac.il> wrote:
On Thu, Oct 11, 2012 at 6:29 PM, phanisvara <listmail@phanisvara.com> wrote:
On Thursday 11 Oct 2012 18:18:10 Menachem Moystoviz wrote:
Basically, the suggestion I'm seeing here is: go, work, get a VPS - can probably get one for cheap - and setup Arch on it. Sounds good. Will only have to figure out how to get money...
seen this on G+ today. no idea if it can help you, but it might, depending on many different things...
http://www.wikihow.com/Make-Money-Fast
-- phani.
:-S I will try other methods, plus I'm looking for something on the order of at least a year's worth of VPS. Thank you in any case.
Gesh
I think you are confusing 3 things: privacy of your communications, security of your email account, and reliability of the storage. None of the proposed solutions properly address these issues. (1) Privacy Even if you did all things properly, your email will have to be read by someone. Do you trust their system/email provider? If yes, use GPG and/or certificates to fully encrypt a message. This is the only solution which ensures complete privacy. If no, don't send anything private. (2) Security Use strong passwords and ideally never enter them. If you are really paranoid, avoid using smartphones and other systems you don't control. Do not use web interface, but a mail client which stores password encrypted. (3) Reliability Fetch mail from an imap server to an external HDD or cloud like dropbox/ubuntu one. Nothing special here. Regarding (2) and (3) and public email like gmail/hotmail/yahoo, remember that Google, Microsoft and Yahoo actually maintain quite a robust infrastructure with lots of redundancy. It is highly unlikely that you'll do better than them with your home server. Doing so is a waste of resources unless you have very specific requirements. You may find instructive that most universities, at least in the US, do not maintain their own email servers any more, but switch to gmail.com/outlook.com for their official email accounts. HTH, -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
Reading through the responses, I find that my previous evaluation of my options was correct. The most reliable and easiest solution, by far, would be to set up a standard account, and to download a copy of all emails. The only problems with this are the lack of control and privacy. My other option is to host my own mail server, either at home or on a VPS (which would cost more), which means much lowered reliability, a couple of days' worth of time setting up a rudimentary system, and sleepless nights wondering whether it was being compromised or used to relay spam. Benefits: control and semi-ascertained privacy. Therefore, I think I should go with the first route, possibly searching for ways to ensure end-to-end encryption and to make the email address's domain my own. However, to those who support using a VPS or hosting at home - how do you deal with the lessened reliability, costs and headache? Is it as bad as I think it is, or is it possibly a fruitful and useful endeavor? Thank you all, Gesh
On 10/11/2012 07:35 PM, Menachem Moystoviz wrote:
Therefore, I think I should go with the first route, possibly searching for ways to ensure end-to-end encryption and to make the email address's domain my own.
Both are easy to do. Fetchmail supports SSL encryption on your connection to the hosting company's POP server. And it's quite easy to point your DNS entries to a hosting company's servers. HTH, DR
On Thu, Oct 11, 2012 at 06:18:10PM +0200, Menachem Moystoviz wrote:
Basically, the suggestion I'm seeing here is: go, work, get a VPS - can probably get one for cheap - and setup Arch on it. Sounds good. Will only have to figure out how to get money...
Gesh
Yes, and then spend the rest of your nights worrying about the security and stability of your own server. Seems like a lovely waste of time and money for someone who, by their own word, has little of each to spend. Really, just add two-factor auth to a gmail account and be done with it. Google has no interest in singular people. Moreover, Googlers who take an interest in data or logs belonging to singular people find themselves no longer working at Google. d
On Thu, Oct 11, 2012 at 02:13:54PM -0400, Dave Reisner wrote:
Really, just add two-factor auth to a gmail account and be done with it. Google has no interest in singular people.
It should be noted that Gmail's two-factor authentication provides no extra security if you're planning on using it with a mail client. You will have to set up an "application specific password", which is a fixed-length alphanumeric password given to you by Google. Despite the name, it is simply another password that can be used to log in via IMAP/POP through any client (`openssl s_connect`, etc), without the out-of-band verification.
Moreover, Googlers who take an interest in data or logs belonging to singular people find themselves no longer working at Google.
This is true, but if you were really very paranoid, you would notice that you don't have any control over how long Google keeps "deleted" email on the server, and that any unencrypted emails on a server can be obtained by governments with relative ease. If you control the server and mailserver, you can encrypt your drive and also have all incoming email encrypted with your public key, so that your mail isn't just sitting around on a box for the taking. Neither of these things would stop a truly determined government-level attacker (unencrypted mail is still vulnerable in-flight for instance), but it would be useful if you have not yet been identified as someone of interest. guns
On Fri, Oct 12, 2012 at 8:49 AM, <sungpae@gmail.com> wrote:
Neither of these things would stop a truly determined government-level attacker (unencrypted mail is still vulnerable in-flight for instance), but it would be useful if you have not yet been identified as someone of interest.
guns
Being ON the Internet in itself means you cannot truly stop a 'determined government-level attacker', unfortunately. Especially true in some countries (China, for instance). My own government, for instance, probably has more reason to snoop on my communications than most criminals, all other governments, and Google/Microsoft/Apple/Facebook. Obligatory slightly-related xkcd ref - http://xkcd.com/538/ In the end, the price of being connected (and convenience) is a loss of privacy and anonymity. You could always do a John Conner and live off-the-grid, though.
On Fri, Oct 12, 2012 at 11:23:08AM +0800, Oon-Ee Ng wrote:
On Fri, Oct 12, 2012 at 8:49 AM, <sungpae@gmail.com> wrote:
Neither of these things would stop a truly determined government-level attacker (unencrypted mail is still vulnerable in-flight for instance), but it would be useful if you have not yet been identified as someone of interest.
guns
Being ON the Internet in itself means you cannot truly stop a 'determined government-level attacker', unfortunately. Especially true in some countries (China, for instance). My own government, for instance, probably has more reason to snoop on my communications than most criminals, all other governments, and Google/Microsoft/Apple/Facebook.
Obligatory slightly-related xkcd ref - http://xkcd.com/538/
Keeping things in perspective is always important, but if the OP wants to play cypherpunk, more power to him. Should his government come at him with a rubber hose, I won't begrudge him for revealing his private keys, because at least he will have offered some resistance to the current slide into a surveillance society.
In the end, the price of being connected (and convenience) is a loss of privacy and anonymity. You could always do a John Conner and live off-the-grid, though.
This is true, but the choice isn't binary. There are instances where we can use our tools to retain our privacy, yet enjoy much of the convenience. Yes, this requires work, but if someone is up to the task, I don't see any reason to discourage him from climbing out of the tar-pit. guns
On Thu, Oct 11, 2012 at 07:49:00PM -0500, sungpae@gmail.com wrote:
On Thu, Oct 11, 2012 at 02:13:54PM -0400, Dave Reisner wrote:
Really, just add two-factor auth to a gmail account and be done with it. Google has no interest in singular people.
It should be noted that Gmail's two-factor authentication provides no extra security if you're planning on using it with a mail client. You will have to set up an "application specific password", which is a fixed-length alphanumeric password given to you by Google. Despite the name, it is simply another password that can be used to log in via IMAP/POP through any client (`openssl s_connect`, etc), without the out-of-band verification.
Sure, what I had in mind was actually to take advantage of it. Disable POP/IMAP access and use OTP with webmail. This is true two factor auth and *does* provide added security.
Moreover, Googlers who take an interest in data or logs belonging to singular people find themselves no longer working at Google.
This is true, but if you were really very paranoid, you would notice
No, if you were really very paranoid, you'd realize that you just need to stay off the Internet.
that you don't have any control over how long Google keeps "deleted" email on the server, and that any unencrypted emails on a server can be obtained by governments with relative ease.
Well, I happen to know the retention policies, so this doesn't apply to me. I'll further point out that Google in particular is extremely transparent about what they give out to the government: http://www.google.com/transparencyreport/removals/government/ I'm not sure what you're trying to imply about unencrypted email and government bodies, but it sounds rather silly. Perhaps I don't drink enough koolaid.
If you control the server and mailserver, you can encrypt your drive and also have all incoming email encrypted with your public key, so that your mail isn't just sitting around on a box for the taking.
Receive encrypted email? How are you going to ensure that this always happens? I suppose you could simply deny anyone who isn't relaying over TLS (and just accept that you're going to miss out on a lot mail), but how do you control the sender's environment? There's equally many things on the sender's side (assuming they're vulnerable) that could potentially implicate you in whatever it is you're trying to hide. To expand on this, how do you control what happens to a message that you forward or write? You need to equally paranoid friends.
Neither of these things would stop a truly determined government-level attacker (unencrypted mail is still vulnerable in-flight for instance), but it would be useful if you have not yet been identified as someone of interest.
Again, if you're really going to be paranoid, just stay off the Internet. What we have here is an OP who's merely "waking up" to the realization that the definition of freedom is a bit different between meatspace and cyberspace. d
>From the responses I've received, I gather the following:
- Crypto is only going to get me so far, unless I can coerce all
incoming email to use TLS
- Until I have a steady income, my best bet is to use Google Apps for my domain
and to download all incoming mail - probably deleting it from
Google's servers while I'm doing it
- Once I have a steady income, I can afford to pay for a VPS, on which
it will be more likely
that a mail server set up on it will be able to send and receive mail
I really appreciate the help you guys gave. Thank you.
Gesh
P.S. I'm aware of the fact that, given a determined enough attacker
with enough resources, anything is hackable.
However, this does not, in my opinion, absolve us from our
responsibility to try and secure our systems
to the extent of our abilities
2012/10/12 Menachem Moystoviz <moystovi@g.jct.ac.il>
From the responses I've received, I gather the following: - Crypto is only going to get me so far, unless I can coerce all incoming email to use TLS - Until I have a steady income, my best bet is to use Google Apps for my domain and to download all incoming mail - probably deleting it from Google's servers while I'm doing it - Once I have a steady income, I can afford to pay for a VPS, on which it will be more likely that a mail server set up on it will be able to send and receive mail
I really appreciate the help you guys gave. Thank you.
Gesh
P.S. I'm aware of the fact that, given a determined enough attacker with enough resources, anything is hackable. However, this does not, in my opinion, absolve us from our responsibility to try and secure our systems to the extent of our abilities
Even if you delete the messages right away there is a a chance someone can recover it. By default most mail providers won`t really delete your messages but put then in a queue to be deleted. This is used in the case you loose a valuable email or so on. I work in a governmental company on the mail infrastructure and by default we retain any mail for 45 days which is vacations + a buffer in case someone deletes something and needs it when coming back from vacations. Of course the mail won`t be on your inbox but the goverment or google will be able to look on it upon request.
On Fri, Oct 12, 2012 at 3:19 PM, Kevin Chadwick <ma1l1ists@yahoo.co.uk> wrote:
My other option is to host my own mail server, either at home or on a VPS (which would cost more), which means much lowered reliability, which means much lowered reliability
Sending to you directly as this mail was rejected by the list!!! That's a pity, this mail is informative, however the mods might disagree with the tone you used with respect to Yahoo and Microsoft. Not that I disagree that it is an objectionable practice to misinform one's customers. It's just that saying it the way you said it could insult some people.
That's debateable, DOS sure, but you have much greater control and speed of access with a local mail server and past mail will still be accessible during any attack. I wasn't referring to DOS/DDOS-style reliability. In my mind, reliability ~= uptime > 99.999% Of course, you're correct in noting that the fact that a VPS is, by definition, distant from me, means that in case of a network outage or DOS attack, email is inaccessible and therefore a server at home is better in this respect.
For other parts of the thread, it's worth noting that Google is the only one of the largest three providers that offers encryption between MTAs though it's SSL is also incompatible with some/possibly many servers and falls back to plain text. You can only check that on your own server of course. So basically, you're saying that when I send email through Google's SMTP services, they try their best to keep the connections secure? Shouldn't that be, you know, standard?
The fact Yahoo and Microsoft offer ssl to pop clients without telling them they don't offer SSL between MTAs for performance reasons is actually quite disgusting. If this is true, then it is definitely an objectionable practice, and should be widely published. It would be like an electrical company claiming they provide energy from clean, renewable sources, when the greenhouse gasses emitted by constructing the power plant exceed those emitted by a similarly scaled coal plant over its entire lifetime
Basically, as far as I can see, my options - my own server at home, a VPS or Webmail - are ordered on several related scales of varying degrees of abstraction, responsibility, required trust, ease of implementation and guaranteed quality of implementation. In sum, this means that my best option now, given my limited budget, is to start out with Google Apps for my own subdomain (gesh.uni.cx, provided by freedns.afraid.org), and from there, as my budget and time will allow, upgrade first to a VPS and from there to a server at home. Unless someone offers a better path, this is the path I see for myself. Thank you all for your time and help. Gesh Now, to find a GPG server on which to host my public key (and to figure out how to generate one) and to find a good backup solution (my siblings use Crashplan, and therefore I could backup onto their boxes. However, I've heard good stuff about SpiderOak... Maybe I should use a combined Crashplan-SpiderOak solution? Decisions, decisions, ...)
[2012-10-14 00:21:15 +0200] Menachem Moystoviz:
On Fri, Oct 12, 2012 at 3:19 PM, Kevin Chadwick <ma1l1ists@yahoo.co.uk> wrote:
Sending to you directly as this mail was rejected by the list!!! That's a pity, this mail is informative, however the mods might disagree with the tone you used with respect to Yahoo and Microsoft.
The problem isn't Kevin's tone, it's that he never gives any single reference to support his claims. He assumes people will just believe him and gives them no means to search for more information.
That's debateable, DOS sure, but you have much greater control and speed of access with a local mail server and past mail will still be accessible during any attack. I wasn't referring to DOS/DDOS-style reliability. In my mind, reliability ~= uptime > 99.999% Of course, you're correct in noting that the fact that a VPS is, by definition, distant from me, means that in case of a network outage or DOS attack, email is inaccessible and therefore a server at home is better in this respect.
So to access your emails when your server is being DDOS'd, you need to sit at home where you are virtually cut off from the Internet. Clearly, in this respect, a VPS is much better as its connection will withstand much larger DDOS attacks than your home DSL.
For other parts of the thread, it's worth noting that Google is the only one of the largest three providers that offers encryption between MTAs though it's SSL is also incompatible with some/possibly many servers and falls back to plain text. You can only check that on your own server of course. So basically, you're saying that when I send email through Google's SMTP services, they try their best to keep the connections secure? Shouldn't that be, you know, standard?
The fact Yahoo and Microsoft offer ssl to pop clients without telling them they don't offer SSL between MTAs for performance reasons is actually quite disgusting. If this is true, then it is definitely an objectionable practice, and should be widely published.
I asked Kevin for references regarding his above claims of Google, Microsoft, and Yahoo practices. He couldn't give me any. So you can decide to believe him or not, that's about it. Your "If this is true" really shows what the problem here is... This list should not be a vector for unsupported claims. -- Gaetan
That's debateable, DOS sure, but you have much greater control and speed of access with a local mail server and past mail will still be accessible during any attack. I wasn't referring to DOS/DDOS-style reliability. In my mind, reliability ~= uptime > 99.999% Of course, you're correct in noting that the fact that a VPS is, by definition, distant from me, means that in case of a network outage or DOS attack, email is inaccessible and therefore a server at home is better in this respect.
So to access your emails when your server is being DDOS'd, you need to sit at home where you are virtually cut off from the Internet. Clearly, in this respect, a VPS is much better as its connection will withstand much larger DDOS attacks than your home DSL.
So in essence, what you're proposing is to only upgrade from VPS to private hosting when the resiliency of my private server is good enough - i.e. not most naive setups? It does make sense, and would make backups more urgent and important. However, at this point these discussions are starting to get academical, as it would take at least a year, if not five, for me to have enough spare time to work. Many thanks, Gesh
[2012-10-14 10:19:10 +0200] Menachem Moystoviz:
So in essence, what you're proposing is to only upgrade from VPS to private hosting when the resiliency of my private server is good enough - i.e. not most naive setups? It does make sense, and would make backups more urgent and important.
Backups are a must regardless of your setup. Next comes the question of reliability: how much downtime are you willing to trade for convenience? Here is what I do: I nearly exclusively use my official email addresses (professional, university alumni, Arch Linux) because there are people who will notice and fix any issue 24/7, and I care deeply that every email sent to me reaches its destination; whenever I feel like reading emails, I pull them from those accounts onto my machine (and send a copy to gmail automatically - I only use them as a backup service); I read my emails comfortably using mutt and have a unison regularly synchronize the (encrypted) copy of my emails I have on all my machines. I also run postfix on my home server but only use it to run a couple of silly mailing lists that I am perfectly willing to lose for a few weeks if it so happens that I am travelling and my server breaks down. I would not trust a private VPS more, nor any server that has a single admin. Cheers. -- Gaetan
On Sun, Oct 14, 2012 at 10:45 AM, Gaetan Bisson <bisson@archlinux.org> wrote:
[2012-10-14 10:19:10 +0200] Menachem Moystoviz:
So in essence, what you're proposing is to only upgrade from VPS to private hosting when the resiliency of my private server is good enough - i.e. not most naive setups? It does make sense, and would make backups more urgent and important.
Backups are a must regardless of your setup. Next comes the question of reliability: how much downtime are you willing to trade for convenience?
Here is what I do: I nearly exclusively use my official email addresses (professional, university alumni, Arch Linux) because there are people who will notice and fix any issue 24/7, and I care deeply that every email sent to me reaches its destination; whenever I feel like reading emails, I pull them from those accounts onto my machine (and send a copy to gmail automatically - I only use them as a backup service); I read my emails comfortably using mutt and have a unison regularly synchronize the (encrypted) copy of my emails I have on all my machines.
I also run postfix on my home server but only use it to run a couple of silly mailing lists that I am perfectly willing to lose for a few weeks if it so happens that I am travelling and my server breaks down. I would not trust a private VPS more, nor any server that has a single admin.
Cheers.
-- Gaetan
So basically, your setup is something like: Use corporate mail, pulling email onto your machine each time you read it, plus some backups and your own mail server for hobbyist stuff? Sounds quite similar to what I had in mind. Thanks. Gesh
On Thu, Oct 11, 2012 at 02:13:54PM -0400, Dave Reisner wrote:
Google has no interest in singular people. Moreover, Googlers who take an interest in data or logs belonging to singular people find themselves no longer working at Google.
I would believe that googlers who are "caught" peeking at people's data are fired, though this would apply to other service providers too, not just google.
On 10/11/2012 09:14 AM, Taylor Hedberg wrote:
And I've never set up DKIM, SPF, etc. and yet I've never had problems with people receiving mail from my domain. Results may vary, of course, but I don't think it's a big deal as long as you aren't hosting your MTA on a PC in your basement with a dynamic address from your ISP or something.
I have had occasional, but rare, problems with people receiving mail from my domains (almost all my mail originates from parts-unknown.org, which I've had for quite a long while) and I am running from static IPs (actually both IPv4 and IPv6) on a Linode. What I have abjectly failed to do successfully is get a functional DKIM setup (and right now, I'm not even running SPF). It's been a couple years now since the last time I broke my postfix trying to set this up, but all the documentation I found in this area at that time was seriously out of date. -- David Benfell benfell@parts-unknown.org
Aye, but I have the following concerns regarding hosting the server myself: - Only have one server - no redundancy or reliability - No source of income -> no possibility of VPS AFAIK - DKIM, PTR, SPF, rDNS all require money and static IP (more money)
Easydns is cheap for spf but charges per year and offer email redundancy when down. I'm not sure DKIM and SPF will help as those that block dsl connections are unlikely to be that savvy and likely drop the connection at the ip layer. I'd be interested in evidence/references to the contrary though. The RFCs say as long as your connection is down for less than 4 hours any mail shall be queued, though hotmail only waits an hour!!. In any case, any important mail will usually (some automated mail may be an exception?) be phoned through or resent due to failure notices. -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) _______________________________________________________________________
On 10/11/2012 11:50 AM, Menachem Moystoviz wrote:
Aye, but I have the following concerns regarding hosting the server myself: - Only have one server - no redundancy or reliability
This was a big concern for me. It's nice that when my server is down emails just collect over at Dreamhost until the server comes back up. One other big concern for me that led me to choose not to run my own POP server was worrying about having to keep my server configured properly so that a) it wouldn't get tricked into doing spam relaying, and b) so that it would properly reject incoming invalid/spam emails (e.g., invalid return domain, etc.) I'm much more comfortable having someone else's mail server do both of those for me. DR
On Thu, 11 Oct 2012, Menachem Moystoviz wrote:
Recently, my paranoia levels have been ratcheted up by reading about companies' treatment of their users, along with an increasing awareness of my powerlessness with respect to most content providers. I therefore curbed most online activity and have attempted to host those services I used on my own server, in most cases living without when I didn't succeed.
Two months ago, I attempted to install postfix and dovecot on my Arch box in order to be able to host my own mail. Naively I thought that all I needed was the right software and a dynamic DNS address. In other words, I thought it would be as simple as setting up a web server.
Naturally, I found out that most anti-spam software is leery of mail from dynamic DNS hosts who do not have rDNS and PTR records set up, that they preferred DKIM mail, etc.
Seeing as these involve even more effort, I thought to ask the enlightened members of the Arch community which solution they would suggest me to use, because I trust you to have made intelligent decisions in this matter and believe you understand this outlook. Also, I've seen many users with email addresses issued by their own domain, which leads me to believe some of you may have gone through this before.
The alternatives I'm aware of are: 1) Do what most people do, and just sign up for webmail, paranoia demanding me to download all email every day. Possibly alias the domain by routing everything through postfix first. 2) Host my own server, paranoia demanding multiple redundant backups. 3) No email - Knuth style
Pros: 1) Very reliable, better support, and non-crazy 2) Gain vast amounts of power over my email 3) Less distraction, no effort at all
Cons: 1) Less control, more black box. Is aliasing even possible? Too many providers - which to choose? 2) Hard to maintain, can crash at any moment, will drive me to early grave 3) Harder to keep in touch with people this way, harder to check what's going on
Which do you suggest? Do you have an alternative?
Thanks in advance,
Gesh
I took the fourth way - I gave up. Acclimated myself to the idea that no, all of my email won't be reliably archived, and it will be neither private nor particularly reliable, and stuck with acme webmail. (Gmail in this case, as you can see.) It's still preferable to no email whatsoever, and I fetch email with fetchmail, read it with alpine, and save those bits that I know need saving. Barring that, I found this to be a good guide: http://www.codinghorror.com/blog/2010/04/so-youd-like-to-send-some-email-thr..., although it's obviously targeted towards those automating the sending of massive volumes of email. -- Scott Lawrence Linux jagadai 3.5.4-1-ARCH #1 SMP PREEMPT Sat Sep 15 08:12:04 CEST 2012 x86_64 GNU/Linux
On Thursday 11 October 2012 13:23:32 Menachem Moystoviz wrote:
The alternatives I'm aware of are: 2) Host my own server, paranoia demanding multiple redundant backups.
Pros: 2) Gain vast amounts of power over my email
Cons: 2) Hard to maintain, can crash at any moment, will drive me to early grave
Which do you suggest? Do you have an alternative?
Not sure about my level of enlightenment, but here's my solution that has worked well for a year now. I wouldn't say that is's very hard to maintain once you get it running, which was the part that took by far most of the time. I have a VPS running on Linode [www.linode.com], but naturally any VPS provider will do as long as you get full access to the machine. Then I have a .eu domain to have a name for the server. As for the OS the server is running Debian stable. Debian was the choice because there is a very through guide on setting up your own email server at: http://workaround.org/ispmail/squeeze That is a long document, but very good reading. If you end up going this path do read the whole thing first to get an idea what you're about to do. Of course running your own service needs backing up. Linode provides quite a cheap backup service of their own, which propably would be the easiest. However, as I'm already using SpiderOak [www.spideroak.com] for whom security and privacy are main selling points, with a little bit of scripting, I simply started using their service on my server as well. Anyways, that's the outline of my currrent setup that has been reliable for a year now. I did not have previous experience on setting up mail servers, so it took some time to set it up, but was all in all a good learning experience...and most definitely fun. -- Vesa Muhonen <vesa.muhonen@iki.fi>
participants (19)
-
Dave Reisner
-
David Benfell
-
David Rosenstrauch
-
G. Schlisio
-
Gaetan Bisson
-
Garrik
-
gt
-
Kevin Chadwick
-
Krzysztof Warzecha
-
Leonid Isaev
-
Menachem Moystoviz
-
Oon-Ee Ng
-
phanisvara
-
Scott Lawrence
-
Sung Pae
-
sungpae@gmail.com
-
Taylor Hedberg
-
Vesa Muhonen
-
Victor Silva