New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
known to cooperate with US agencies.
Cooperates with Canadian authorities in Canadian investigations. I have yet to see evidence of their cooperation with US authorities.
Then look harder, because they will (obviously) cooperate as long as the country has an MLAT with Canada:
http://www.wired.com/2007/11/encrypted-e-mai/
I don't think many people know what privacy means. I mean hushmail? Come on!
I know every alternative email service and I have accounts at almost everyone.
I know my stuff but I guess what I'm looking for doesn't exist. Which is sad!
Run your own mail server at home, keep the disk encrypted, use PGP. You're the one looking to host your e-mail on a third party platform, clearly you're willing to sacrifice some security.
Hushmail and similar services ensure that your e-mail remains secure from intrusion not by being "offshore", but with encryption. This can sometimes be undermined by government (e.g. changing the Java applet), but usually it's because of user problem (e.g. using less secure webmail interface).
Pretty much impossible to deliver emails from a domestic connection without a relay (and that would not be "from home" then).
If your government is willing to monitor Internet traffic for your e-mail then it doesn't matter if you're delivering from residential connection or from a relay. At that point the only solution is PGP or similar system. Running the mail server at home and encrypting the disk makes it harder to get stored messages.
It actually does matter since you would probably connect to the relay via SSL and it could be in a different jurisdiction, like it's the case for many users in the EU
Anyway my point was most ISPs will reject mail coming from a domestic IP, so no chance of delivery.
Please don't mention Hushmail again. Next you will recommend Safe-Mail.Net!
You obviously have no idea about privacy if you recommend those two services.
They do nothing to protect you and rat you out at the first possible site of wrong doing
I know what PGP is btw and I use it.
Have you looked into Hushmail? From what I can understand they are one of the few good private email services.
I am sure @hearthbleed is happy to read your comment...
You can't run an email server on a residential connection, no one would accept your mails. Email servers use transport encryption, if both sender and recipient support it. Only transport encryption also hides the metadata from nosy people.
So at the very least you're expecting it to look like you're doing wrong things?
sigh Do you understand what real privacy means?
It means no one can look at your mail except yourself. It obviously doesn't exist.
I am not looking to spam or host CP. I just want real privacy with my email.
Do you mean MX to MX only, or all the way, i.e. sender - MX - MX - recipient? If the latter, care to share how to configure that on Postix/Dovecot?
Then why are you asking for it? You are saying it can't exist with an email provider (which you are right about) yet you keep asking for one
Run your mail server at home, send outgoing mail via a relay. Point is to store your messages encrypted and make it less likely that someone can compromise the server without your knowledge. Assuming relay is in the same country, relay does not make it any easier for terrorist or government to monitor your e-mail (just relay TCP and not SMTP, so your relay never sees plaintext unless the destination mail server doesn't support transport encryption).
So why exactly aren't you getting an offshore VPS (however you wish to define it) and setting it up yourself?
Pick up a KVM VPS and encrypt the file system, even. Your host could in theory make a clone of your VPS whilst unlocked but short of that, your data and emails are private on the server.
Or get a dedicated server with KVM/IPMI and encrypt the file system that way.
The weakest point of any email privacy structure is the recipient and transit points. If your recipient is using Gmail, it's under whatever relevant jurisdiction that particular Google account happens to be.
It is easy to set up with reasonable level of security:
The server can still get hacked though
Hacked how? Via the power supply?
Made my day
Yes, side-channel attacks can be performed via the power supply. However I was refering to the fact that if the server is to be sued for anything, it will have to listen on a public IP address.
OP said "no one can look at your mail except yourself", it's clear that OP just wants to send e-mails to him/her-self (if OP is not both the sender and the recipient, then that implies there's another copy of the message somewhere). In that case OP can use a mail server without Internet connection. I'm not sure what your point is.
Also the only power supply attacks I've heard of are extracting data, not hacking the computer (they're also impractical outside of very specific algorithms). Even if you get a password from the power supply, you still can't use it to login, so you have failed to hack the computer.
http://www.zdnet.com/article/researchers-hack-wired-keyboards-hijack-keystrokes/
They can't read the emails from this of course but they can keylog all outgoing emails and hijack credentials. Better wrap your computer room in tinfoil and magnets. And place it at least 20 meters underground.
Best email security: stop using email
Who cares? They still have to break in to use the credentials.
So @perennate you seriously thinks that the OP just wants to send emails to himself with a mailserver listening on 127.0.0.1? I can't tell if you are trolling or not
What if he puts it in a safe room that is built to block all external signals, the only flow of power is filtered and regulated, and then he has a public computer in another room which he uses to initiate a send, and when he receives mail he can physically walk it to the other computer on a USB drive to add it to the mail server.
Of course, he'll need a safety procedure for the USB drive. Some sort of decontamination room between the public workstation and the air gapped mail server.
When sending cat photos, one cannot be too cautious.
Yes, that's what he asked for.