Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Server-Side encrypted email options
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Server-Side encrypted email options

etcSudoersetcSudoers Member
in General

!! For the overly paranoid !!

In the wake of this whole NSA garbage... I am looking to self-host my own email. But can one really trust those who host our VPSs?

I was looking at mailpile as they are concerned about big brother looking through your email too, but they problem still exists: The email is stored on server unencrypted.

Is there any solutions out there (even if only webmail based) that offer some sort of locally encrypted storage?

Comments

  • skaska Member
    edited August 2013

    See: https://grepular.com/Automatically_Encrypting_all_Incoming_Email

    Thanked by 2perennate circus
  • twaintwain Member
    edited August 2013

    On front page of HN today:

    https://countermail.com/

    https://news.ycombinator.com/item?id=6182461

    image

  • perennateperennate Member, Host Rep

    For Postfix: http://vpsboard.com/topic/1503-postfix-encrypt-incoming-mail/

  • RaymiiRaymii Member

    EncFS would do, but most of the mail you get (via SMTP) would already be saved by our 'murican agencies because 90% of SMTP is unencrypted.

  • BrianHarrisonBrianHarrison Member, Patron Provider

    @etcSudoers said:
    !! For the overly paranoid !!

    In the wake of this whole NSA garbage... I am looking to self-host my own email. But can one really trust those who host our VPSs?

    I was looking at mailpile as they are concerned about big brother looking through your email too, but they problem still exists: The email is stored on server unencrypted.

    Is there any solutions out there (even if only webmail based) that offer some sort of locally encrypted storage?

    If you want to use webmail, your best bet is to arrange for both the sender and receiver to use PGP encryption (i.e., encrypt on your desktop, paste into webmail form).

  • dnwkdnwk Member

    Just encrypt your server hard drive.

  • c32c32 Member
    edited August 2013

    If you read the news you should know by now that "they" are doing all kinds of nasty and not-really trivial stuff, MITM attacks on SSL, serving java exploit to people browsing to half of the tor "hosted" sites, memory dumps on confiscated servers/laptops over firewire or cold boot attacks, using mouse jigglers to prevent computers from locking up (if they aren't already) and many other things we don't know about.

    Yes, some encryption is better than nothing, by all means, use truecrypt, luks, encfs, whatever. But when somebody comes for your drive and takes the whole server or rack or racks most likely they'll also get your key if it's in the memory. That is even if it is your hardware, if it's just a vps it is 10x easier.

  • MiguelQMiguelQ Member

    Encrypt your server's hard drive and enforce TLS in your MTA config

Sign In or Register to comment.