[arch-general] Suggestions for email for a paranoid Archer

Menachem Moystoviz moystovi at g.jct.ac.il
Sat Oct 13 18:21:15 EDT 2012


On Fri, Oct 12, 2012 at 3:19 PM, Kevin Chadwick <ma1l1ists at yahoo.co.uk> wrote:
>> My other option is to host my own mail server, either at home or on a
>> VPS (which would cost more),
>> which means much lowered reliability, which means much lowered
>> reliability
>
> Sending to you directly as this mail was rejected by the list!!!
That's a pity, this mail is informative, however the mods might
disagree with the tone you used with respect to Yahoo and Microsoft.
Not that I disagree that it is an objectionable practice to misinform one's
customers. It's just that saying it the way you said it could insult
some people.
>
> That's debateable, DOS sure, but you have much greater control and speed
> of access with a local mail server and past mail will still be
> accessible during any attack.
I wasn't referring to DOS/DDOS-style reliability. In my mind,
reliability ~= uptime > 99.999%
Of course, you're correct in noting that the fact that a VPS is, by
definition, distant from me,
means that in case of a network outage or DOS attack, email is
inaccessible and therefore
a server at home is better in this respect.
>
> For other parts of the thread, it's worth noting that Google is the
> only one of the largest three providers that offers encryption between
> MTAs though it's SSL is also incompatible with some/possibly many
> servers and falls back to plain text. You can only check that on your
> own server of course.
So basically, you're saying that when I send email through Google's SMTP
services, they try their best to keep the connections secure? Shouldn't that
be, you know, standard?
>
> The fact Yahoo and Microsoft offer ssl to pop clients without telling
> them they don't offer SSL between MTAs for performance reasons is
> actually quite disgusting.
If this is true, then it is definitely an objectionable practice, and
should be widely published.
It would be like an electrical company claiming they provide energy
from clean, renewable sources,
when the greenhouse gasses emitted by constructing the power plant
exceed those emitted
by a similarly scaled coal plant over its entire lifetime

Basically, as far as I can see, my options - my own server at home, a
VPS or Webmail -
are ordered on several related scales of varying degrees of
abstraction, responsibility,
required trust, ease of implementation and guaranteed quality of implementation.

In sum, this means that my best option now, given my limited budget,
is to start out
with Google Apps for my own subdomain (gesh.uni.cx, provided by
freedns.afraid.org),
and from there, as my budget and time will allow, upgrade first to a
VPS and from
there to a server at home.

Unless someone offers a better path, this is the path I see for myself.
Thank you all for your time and help.

Gesh

Now, to find a GPG server on which to host my public key (and to
figure out how to generate one)
and to find a good backup solution (my siblings use Crashplan, and
therefore I could backup onto
their boxes. However, I've heard good stuff about SpiderOak... Maybe I
should use a combined
Crashplan-SpiderOak solution? Decisions, decisions, ...)


More information about the arch-general mailing list