New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Free / Cheap hosted email hosting in switzerland?
Hi Community!
Does anyone knows cheap or free email hosting in switerland, where it's possible to use own domain?
I'd like to be able to use IMAPs/POP3s so no web only stuff with mandatory javascript encryption (like proton when they'll allow you to use your own domain). IP removal from headers is a must.
Cheap shared hosting would work too, of course. But so far I can't find anything cheap (let say less than 20$ a year) in switzerland, coming from a swiss company.
If it doesn't exists, i'll have to get a good KVM and host it myself but.. does it exist?
Thanks for your valuable input!
Comments
It will be difficult to find it for free or even for such cheap price, that's an offshore location
I'm not sure what kind of extra shield you thinks this will give you, but I'm sure it's pointless to plan things this way.
If you're not engaged in criminal activity there are a lot of places that will fight for your data. Sometimes a swiss company is not the one that will fight harder.
If you're engaged in criminal activity I'm sorry, but they will not try very hard to protect you.
Just to give you an example, swiss government, banks and companies had complied a lot more with my country (Brazil) government and authorities than some giants US based tech companies.
http://lowendbox.com/blog/lunarvps-5month-512mb-ovz-and-7month-512mb-xen-or-kvm-in-sweden-or-switzerland/
http://docs.sentora.org/?node=7
Yes, even shared hosting is really expensive in switzerland.
Well, I just want peace of mind knowing that I place my data in a good place & with a good company. I heard good things about swiss privacy laws.
Any place / company you'd recommend?
Cool, but do you happen to know if the company is serious? Can't find much info about them (where they are registred, etc) on their website.
Protonmail
I've been to Switzerland. Its actually on the largest contiguous land mass on the planet, so very much on shore.
Thanks. They did look promising (at least really based in CH) but it's webmail only and they don't plan to change that in the future as their javascript-gpg depends on it.
I'd prefer something I could use my own email client with (and my own domain). I don't need javascript gpg. I can apt-get install gpg if I need to.
Any other suggestion?
There are a bunch of other places that have good privacy laws, but by the end of the day if you're not doing anything criminal they will probably not care enough to look at.
If you're using it to commit crimes or do ilegal stuff most companies would turn you in a heartbeat.
Privacy law in theory exist to protect your privacy, in real world it's only barely existant but it's nice to have on paper.
If they think you're doing something shady they will terminate your service, maybe refund you, and if needed turn you in.
My point is you should not have peace of mind hosting your mail anywhere, doesn't matter how their good is their privacy law.
I believe that you can get atmost something close to what happen to Lavabit, but not better just because the country have 'good privacy law'.
You would probably be more protect with a provider that doesn't care in a jurisdiction that care even less. And this will probably not happen on Switzerland, or Iceland, or any ohter place like that..
No need to be protected from law, I'm just looking for a place where I can sleep knowing I did the best for my email.
If CH isn't the best place for that, any other places and providers I should look into? (IP must be removed from headers, though. I'm used to that and don't want to get back to a provider where everyone I write to can guess the location I connect from easily, don't want to need to use a VPN for daily email use)
Any good provider that offer POP3s/SMTPs/IMAPs and cleaned headers?
Protonmail is broken.
It's been pretty much proven by now that laws mean fuck-all where it concerns privacy.
The only correct solution here is to use GPG or equivalent, and if you want encrypted webmail, you need to host your own. There are no other secure solutions. Anybody telling you otherwise is either uninformed or trying to sell you something (or both).
A possible webmail solution is Mailpile. I haven't audited it, nor do I use it, but from what I've heard it works decently well.
EDIT: To go into a little more detail; your webmail provider can simply ship you compromised code at will, and 'tap' your password or keypair that way, obtaining full (and quiet) access to your e-mails. Cryptography is useless against a provider if that same provider is the party who's sending you the crypto code to begin with.
I agree I see no point in this javascript thing, and regarding protonmail it will be used only to write to protonmail users (for automated encryption) so is kinda useless. If you want to use gpg as an envelope go ahead but then it's probably worth it to learn how to use the tools... I don't see that important as far as webmail goes, as webmail means you might want to check it on the go on some random computer, and if so your passphrase isn't secure.
But a good provider that DOESN'T force you to use javascript encryption and with who you can use your own client should exist...
Probably but I believe that there are exceptions, that every place isn't the same. I don't need bulletproof protection, just a good mail host I can trust with my private data...
Not personal, but you've been told already. Host it yourself and encrypt whatever you can.
I would also say that self hosting on a dedicated server provides the most "privacy" one can get.
But virtually zero anonymity (in combination with own domain anyway)
While Switzerland is rather unlikely to cooperate with the US they are likely to cooperate with EU and their own agencies have deep access without much judicial barriers, especially without any EU oversight/general laws as the EU countries are bound to (ya ya, on paper).
Switzerland cooperates with everyone these days, especially the US, on all levels. Even outside the law. The Swiss government cracks under the slightest pressure.
On-topic:
This guy seems to have cheap email hosting: https://kryutek.net/shared/
Doesn't seem to work..
I'm on this page right now. Works fine here.
Works from Germany, so +1
Works from Chile
While an interesting solution, it's a bit overkill for my needs. And then you have to take care of the security updates and be sure that you don't fuck anything up... An hosted solution is easier, even if it's less private for sure.
Right. Probably the way to go if you want to keep some control over your email, but to host just a personal email address even a small dedi would be a waste of resources
Interesting posts guys. So basically you're sayin that all the "switzerland is the new data paradise" is marketing bullshit and any hosting in the EU is more or less the same (and probably better if the company is really good and cares about your privacy?)
Well I guess some countries are worse than others: UK seem to tap everything, France will setup those strange "black boxes" and who knows how deeply the internet is broken in EU...?
Seems nice, thanks! Seems like the company is from UK. Is the owner a LET member by chance?
1gbps uplink, "fair use flat" -> "2-3TB" \o/
referring to the VPS plans
I'd rely on strong encryption, not on a country. Nowadays it's all the same, they're listening on almost every major network hub and I'm not even wearing my tinfoil hat while I'm posting this.
@2bb3 Not cheap but it's swiss:
https://kolabnow.com
Thanks guys!
No. You HAVE to assume that either the country itself taps it (like UK and France) OR that another country taps it where this is "illegal" (German BND cannot spy on locals, but they can obviously spy on Austrians and Austria can in reverse spy on Germans, then just exchange data which is fully legal).
Seems like it's time to learn to live with it. (But I guess it was like that for years, we just didn't know it)
You should not assume that because you didn't know, everybody else didn't knew either.
It's not like government tapping internet connection is some fancy last year trend.
Yes, it was always clear that the high level agencies with high funding or based in high risk areas (German BND, US CIA/NSA/DoD, Israeli Shin Bet/Mossad/IDF, UK MI5/MI6/GCHQ, Chinese agencies) tap at least some parts of the internet (mostly related to their own country and/or direct enemies, Israel the arabs/Iran, US the Russians and Chinese, BND Eastern Europe etc.) - It was also clear that they likely do this on cable landing stations if they either have no power to force ISPs/Infrastructure owners to cooperate (like BND) or simply don't trust them enough (like the Israelis), which makes sense as no one really goes there anymore (these stations are unmanned and fully automated).
However, the insane size of the Five Eyes operations is a whole other level - Dumping 100% of your own countries internet traffic is already a major operation even if you only store metadata (still need to process that either live or with short delay) but dumping 20%+ of the global internet is just insane.
Right. Most people in the West did know that some country did tap their entire populations, some did know that companies from the West did help them doing that, but not many people did guess (or know) the scale of that within western countries.
Who would have believed that a modern democracy would need or want to put all it's population under heavy automated surveillance? Maybe you (@Aga) did, obviously many of us didn't. And it was even more difficult to believe considering the huge amount of data crossing those countries...
But seems like that's what those in charge consider is needed to protect their population and their industry...
I would be more inclined to say that many people didn't care enough to think about, and when they care they would most like not want to believe that's was the case.
To be honest even when I'm not using my tin-foil-hat I always assume that every box I have may be tapped, logged, owned at anytime with or without government.
If it's online and working I don't consider it safe nor private anymore, it's just not happened yet.
However most people say I'm paranoid.