Linked by Thom Holwerda on Mon 8th Aug 2016 20:08 UTC
Internet & Networking

Fast forward to July 15, 2016 (there’s that lab journal again…) when, after receiving an email from Google asking me to indicate how exactly I would like them to use my data to customise adverts around the web, and after thinking for a bit about what kind of machine learning tricks I would be able to pull on you with 12 years of your email, I decided that I really had to make alternative plans for my little email empire.

Somehow FastMail came up and in one of those impulsive LET'S WASTE SOME TIME manoeuvres, I pressed the big red MIGRATE button!

The rest of this post is my mini-review of the FastMail service after almost 3 weeks of intensive use.

I'm pretty sure at least some of you are contemplating a similar migration, away from companies like Google, Microsoft, and Apple, to something else.

Order by: Score:
No real point
by darknexus on Mon 8th Aug 2016 20:27 UTC
darknexus
Member since:
2008-07-15

Unless you cut off all communication with people who do use the big services, you're only fooling yourself if you think they won't still get data on you.

Reply Score: 6

RE: No real point
by Wondercool on Mon 8th Aug 2016 20:53 UTC in reply to "No real point"
Wondercool Member since:
2005-07-08

That doesn't mean that you should give carte blanche to Google to mine your life?!

Gmail is the only thing that connects me right now to Google. I don't use G+, Google search. I don't log in to any Google services (youtube) and I filter near all Google domains in my web browser.

But as long as I keep using Gmail it's bloody easy for Google. It seems Fastmail is quite nice, I really like their plain English privacy policy too:
https://www.fastmail.com/about/privacy.html

Maybe I should fork out 40 dollars and give it a try. Seems it's easily worth the price.

Reply Score: 8

FM.fm
by joekiser on Mon 8th Aug 2016 20:57 UTC
joekiser
Member since:
2005-06-30

Long-time Fastmail user here. I think using Fastmail to avoid Google is doing it wrong. You still access it through Chrome or Android, and anybody you communicate with who has an @gmail.com address would be giving the entire conversation away to Google's scans.

The best features are one-time logins for untrusted computers, Sieve filters, multiple aliases, and actual product support. Maybe GMail has these features, maybe not. I'm ignorant to what's available with GMail anymore, but it was the lack of support (long story that I'm not going to repeat here due to probably forgetting half of it and then everybody going to try to nit pick the story like they were there) that lead to me going to Fastmail exclusively.

TL;DR - use Fastmail for its own merits, not because you hate Google.

Reply Score: 9

RE: FM.fm
by Alfman on Mon 8th Aug 2016 21:49 UTC in reply to "FM.fm"
Alfman Member since:
2011-01-28

joekiser,


Long-time Fastmail user here. I think using Fastmail to avoid Google is doing it wrong. You still access it through Chrome or Android, and anybody you communicate with who has an @gmail.com address would be giving the entire conversation away to Google's scans.


Yep, that's part of the problem. If a large portion of your associates are on google, it's going to be very difficult not to send the data to all-seeing google. GPG helps, but it seems to fit in the "too little too late" category and has never managed to reach critical mass. Ironically a company like google has enough clout to make GPG a universal defacto standard, but at the same time their business interests are maligned with it.

but it was the lack of support (long story that I'm not going to repeat here due to probably forgetting half of it and then everybody going to try to nit pick the story like they were there) that lead to me going to Fastmail exclusively.


They don't want to spend any money on service, and it shows. That's google's business model. No seriously, making it extremely difficult to get service is by design.

Reply Score: 4

RE[2]: FM.fm
by nesur on Tue 9th Aug 2016 02:33 UTC in reply to "RE: FM.fm"
nesur Member since:
2005-07-07

Interesting, I might try Fastmail.

I have been using namecheap's email service (privateemail.com). I know it's not very private being in the US, but still I was tired of having everything in gmail. I took me a few months to complete the transition, but I like it a lot. It's based on openxchange, so I get EAS on my phone (so I can use Nine in Android, the best client I've seen on a phone). On my desktop I use Thunderbird with IMAP. In the rare event I need to use the web interface, it's actually very pleasant to use.

I just wish they had stuff like 2FA.

Reply Score: 2

RE[2]: FM.fm
by joekiser on Tue 9th Aug 2016 04:21 UTC in reply to "RE: FM.fm"
joekiser Member since:
2005-06-30

They don't want to spend any money on service, and it shows. That's google's business model. No seriously, making it extremely difficult to get service is by design.


You know what I was just thinking? I would gladly pay a monthly fee to have on-demand support for Google products and to get rid of all the tracking and advertisements. I already pay something like $10/month for the ad-free Youtube thing.

Maybe $20/month, no ads on my cell phone or in the browser, no scanning my emails/Google Drive docs or selling my info to trusted partners, and a number that I can dial for any support issues. Just a quick search revealed that they did an invite-only demo of this back in 2014; no idea if that is still available now.

Google, please tell us what the break even price for such a service would have to be.

Reply Score: 3

RE: FM.fm
by ssokolow on Tue 9th Aug 2016 04:52 UTC in reply to "FM.fm"
ssokolow Member since:
2010-01-21

You still access it through Chrome or Android


Speak for yourself. I may not have finished my preparations to self-host my e-mail yet (I have a specialized milter I want to write), but I run Firefox on both my desktop and my OpenPandora palmtop (which runs a custom variant of Ångstrom linux).

That's what I've almost always done. I migrated off Internet Explorer to pre-1.0 Mozilla Suite, followed it through to Firefox (switching to Linux along the way), spent a little time on Chrome around Firefox 2.0 era when it finally came to Linux, and then switched back to Firefox because the extension API was too crippled. Since then, Chromium has only been present on my machine for testing websites I develop.

Edited 2016-08-09 05:09 UTC

Reply Score: 2

RE[2]: FM.fm
by dionicio on Wed 10th Aug 2016 20:41 UTC in reply to "RE: FM.fm"
dionicio Member since:
2006-07-12

A long time making the effort to stay out of The Fields, ssokolow.

Reply Score: 2

RE[2]: FM.fm
by dionicio on Wed 10th Aug 2016 20:46 UTC in reply to "RE: FM.fm"
dionicio Member since:
2006-07-12

Started with 0.X Opera, old Opera. Attached to an ancient UK magazine.

Reply Score: 2

Hosting Independently
by Alfman on Mon 8th Aug 2016 21:37 UTC
Alfman
Member since:
2011-01-28

If people are serious about leaving gmail over privacy, I think indy hosting should be on the list. Unlike most new services coming out, I'm thankful that email is federated. Admittedly it takes some effort to set up and get everything working correctly, but once it's up and running it doesn't need much maintenance and you can't beat it for privacy.

Reply Score: 3

RE: Hosting Independently
by cpuobsessed on Mon 8th Aug 2016 21:43 UTC in reply to "Hosting Independently"
cpuobsessed Member since:
2009-06-09

Zentyal comes with a *.zentyal.me domain and complete groupware suite. I've been using the Zimbra suite for a few years, takes a little more work than Zentyal
https://www.zimbra.com/open-source-email-overview/
http://www.zentyal.org/server/

Reply Score: 2

Run your own mail server
by laffer1 on Mon 8th Aug 2016 22:20 UTC
laffer1
Member since:
2007-11-09

Another option if you really care about privacy is to run your own mail server.

Advantages:
1. Emails between family stay private (it's on your mail server) With TLS enabled, you and your family can communicate privately without spying eyes.
2. You can tune spam filtering to your tastes
3. Your little server isn't as juicy a target as Gmail, etc.
4. unlimited disk space (up to what you can afford) I had 20GB of email way before Gmail
5. Works with mailing list software. This can be useful for many things.
6. Your email address never needs to change. Providers like hotmail, gmail and so on aren't guaranteed to last forever. You may lose your email address. If you buy your own domain, it's yours. I've had the same address since 1998.

Disadvantages:
1. Large providers are colluding to block mail from small mail servers thinking it's all spam.
2. Lots of sys admin time to set it up and periodic work to maintain spam filtering at acceptable levels.
3. Blacklists - sometimes you get flagged because someone marked something junk in one of the big providers. Bad security can cause this too
4. Security patches need to be kept up to date and you have to watch for malicious activity.
5. Network traffic is a lot more than you think it's going to be with all the spam sent. Even if you reject it or filter it, it's still traffic.

Reply Score: 7

RE: Run your own mail server
by WorknMan on Tue 9th Aug 2016 00:05 UTC in reply to "Run your own mail server"
WorknMan Member since:
2005-11-13

Another option if you really care about privacy is to run your own mail server.


If you REALLY cared that much about privacy, why use a communication medium (email) that is inherently insecure in the first place? I mean, it's plain text, for christ's sake.

Reply Score: 1

RE[2]: Run your own mail server
by Alfman on Tue 9th Aug 2016 00:43 UTC in reply to "RE: Run your own mail server"
Alfman Member since:
2011-01-28

WorknMan,

If you REALLY cared that much about privacy, why use a communication medium (email) that is inherently insecure in the first place? I mean, it's plain text, for christ's sake.


I'd be interested in hearing other people's opinions about binary versus text protocols, but that in and of itself doesn't imply something is secure or not. The SMTP protocol is text, so is HTTP, both can use crypto with certificates. Email can use GPG on the client to keep message contents private even from the server admin. The problem isn't that these aren't available, it's that they're not default and not enough people use them.

If anything I think this move toward web apps makes security much more challenging because HTTPS only protects the transport between you and the server, virtually nothing is kept secret from the service provider.

Edited 2016-08-09 00:45 UTC

Reply Score: 2

RE[3]: Run your own mail server
by l3v1 on Tue 9th Aug 2016 09:39 UTC in reply to "RE[2]: Run your own mail server"
l3v1 Member since:
2005-07-06

The problem isn't that these aren't available, it's that they're not default and not enough people use them.


It's OT, but this just reminded me, that one of our business partners actually has a setup where they reject GPG-signed (not even encrypted, just signed) e-mails. I only send signed work-related e-mails for many many years now, and it's sad that not everyone does the same, but this was my first time that I actually ran into someone actively blocking it :[ A cure for stupidity might be more important than for cancer...

Reply Score: 3

RE[2]: Run your own mail server
by WereCatf on Tue 9th Aug 2016 01:28 UTC in reply to "RE: Run your own mail server"
WereCatf Member since:
2006-02-15

I mean, it's plain text, for christ's sake.


No. Email-traffic between any properly-configured servers is protected by SSL/TLS these days, just like HTTPS is HTTP protected by SSL/TLS. Sure, if the destination-servers you're sending email to don't support SSL/TLS then the protocol falls back to plain-text, but many/all of the big ones, like Google, Microsoft and Apple, do support it, and many smaller ones do it these days, too.

I mostly just use my email for receiving mail, but I haven't seen a server in ages now that didn't support SSL/TLS.

Reply Score: 6

RE[2]: Run your own mail server
by fmaxwell on Tue 9th Aug 2016 06:17 UTC in reply to "RE: Run your own mail server"
fmaxwell Member since:
2005-11-13

"Another option if you really care about privacy is to run your own mail server.


If you REALLY cared that much about privacy, why use a communication medium (email) that is inherently insecure in the first place? I mean, it's plain text, for christ's sake.
"

Because plain text sent to my locally hosted server is completely secure. No one is trying to intercept my email as a man in the middle attack.

Reply Score: 1

RE: Run your own mail server
by Wondercool on Tue 9th Aug 2016 10:54 UTC in reply to "Run your own mail server"
Wondercool Member since:
2005-07-08

I have tried to setup my own mail server a couple of times but never got very far (and I am quite technical).

Do you know any good guide that also guides you through firewalls, setup with sqlite rather than mysql/postgress and how to handle MX records, host files etc?

I remember looking at an Ubuntu guide and scratching my head on the first couple of lines.
It said to name my server something like mail.wcool.org. Does that clash with wcool.org if I want to run a webserver on the same server? It doesn't describe the consequences, just the steps.

Also how reliable has your mail server been?

Would really love to do this though.

Edited 2016-08-09 10:55 UTC

Reply Score: 2

RE[2]: Run your own mail server
by Alfman on Tue 9th Aug 2016 12:43 UTC in reply to "RE: Run your own mail server"
Alfman Member since:
2011-01-28

Wondercool,

I have tried to setup my own mail server a couple of times but never got very far (and I am quite technical).

Do you know any good guide that also guides you through firewalls, setup with sqlite rather than mysql/postgress and how to handle MX records, host files etc?


I'm sure they are out there, but off the top of my head I don't really know of one. And from experience I know that getting everything running well initially and diagnosing problems can be challenging particularly with the more sophisticated setups involving SPF/SRS.


Also how reliable has your mail server been?


Once setup it generally runs itself, although I use third party spam blacklisting. That's not something I would inhouse because I think it would be a full time job.


Would really love to do this though.


I'd be willing to help if you want.

Edited 2016-08-09 12:45 UTC

Reply Score: 2

Wondercool Member since:
2005-07-08

Thanks for that Alfman

I hope I can make some time in the comings weekends to give it another go and if I am stuck I will contact you.

Reply Score: 2

RE[2]: Run your own mail server
by laffer1 on Tue 9th Aug 2016 13:24 UTC in reply to "RE: Run your own mail server"
laffer1 Member since:
2007-11-09

I've had a few problems with mail delivery to specific servers over the years because of the address space (use comcast busniess and run it from home on static ips). Most people would probably just get a virtual private server or aws ec2 or something and that would be fine.

I'm at a loss with the mysql vs sqlite comments. While some mail servers and web mail programs require storing settings or data in a database, it's not required for most SMTP/IMAP setups.

Here are the parts you need:

1. DNS. This can be something like BIND or you can use a hosted DNS solution like amazon's route 53 which is web based. A mail server needs an A record and a MX record. The MX record announces where to deliver mail and that's about it. I read DNS & BIND which is a good book and covers MX records well.

2. SMTP software. I used sendmail because it was considered good at the time. Now most people setup with postfix. There are many guides on this subject and postfix is a bit easier to configure than sendmail. There are also tons of books on this.

3. IMAP or POP software. Personally, I always like IMAP and that's what you get by default with Google. I recommend Dovecot for IMAP or POP3 software. It's reasonably easy to configure. It works with all common SMTP servers too.

4. Optional: spam filtering. I use spam assassin which is a perl program. It can be complex to setup but once it's working it's ok. This can use a database or files for configuration. I did it with files.

5. Optional: Web mail. This allows you to check your email from a browser. If you do this, please use a SSL/TLS certificate with it. For simple mail setups, i use squirrelmail. Roundcube is a good choice for a more modern web mail interface, but it requires a database. Both need php

6. Optional: antivirus. I have clamav setup with a milter (plugin) in sendmail. There are other ways to use it and depending on OS, you may have commercial AV available too.

7 Optional but recommended: TLS/SSL certificates for dovecot and your SMTP server. These can be generated with openssl or you can buy one. Many people just generate a self signed cert and they work ok with most email clients. If you use Macs, you have to get it to trust your cert so you don't get prompted all the time in Mail. The certificate should be configured for the mail server domain name e.g mail.foo.com. It's a good idea to name the box the name that you publish for your MX record. it also does not have to be named mail.

8 optional: greylist milter or similar. There are many add-ons for mail servers that can do different filtering. greylist delays accepting mail to stop spammers. It makes any domain wait. The problem is that if a service uses a lot of servers, it won't come in. Facebook is a problem for instance. it will cut spam a lot but at a cost of mail you may want.


You're right there is a lot to learn, but you don't have to do all of it at once. It's also much easier now with services like amazon web services and azure. You can actually get a server running half the software, and setup dns from a browser.

You need the DNS, SMTP and IMAP to get started. Everything else is an add on and you can do it over time.

Reply Score: 4

RE[3]: Run your own mail server
by Alfman on Tue 9th Aug 2016 14:47 UTC in reply to "RE[2]: Run your own mail server"
Alfman Member since:
2011-01-28

affer1,

2. SMTP software. I used sendmail because it was considered good at the time. Now most people setup with postfix. There are many guides on this subject and postfix is a bit easier to configure than sendmail. There are also tons of books on this.


SMTP is one of those things where it's difficult to know what software to choose. I used postfix for a while because it came with the default install, but I found it to be heavy on resources. It can spawn thousands of processes if you are sending email in large batches, you can set a hard limit on processes but then the emails start to queue and don't make efficient use of the network. None of this matters in personal cases like this though and in the end they are all viable.


8 optional: greylist milter or similar. There are many add-ons for mail servers that can do different filtering. greylist delays accepting mail to stop spammers. It makes any domain wait. The problem is that if a service uses a lot of servers, it won't come in. Facebook is a problem for instance. it will cut spam a lot but at a cost of mail you may want.


IMHO this technique isn't very good because the costs outweigh the benefits. In theory it's argued that spammers will give up on slow connections, but I don't know if that assumption carries any weight. On my servers I've never seen additional delays cause disconnects, spammers or otherwise. Now this might be simply because other blacklists preemptively filtered these guys out, but regardless it doesn't seem to be useful and it can hurt legitimate but inefficient SMTP servers that fork per connection far more than spammers with software optimized for spamming.

Consider that the cost of keeping a socket open and idle in custom spam software is negligible. With a few dozen bytes you can park an idle socket using epoll with almost no overhead under a modern linux kernel. A spammer using efficient software is not going to flinch at the delays.

Another technique I've seen is for some SMTP servers (google in particular) to abort email sessions and wait for the email to get resent automatically. I think this is more likely to be effective against spammers than a simple delay because they might not be programmed to retry the way a legitimate SMTP daemon would. Although a competent spammer should be able to handle this case as well, in which case you've added alot overhead for yourself without stopping the spam.

IP based blacklisting is pretty effective and spam is kept to a minimum that way, but I really wonder about the feasibility of blacklisting in the future with ipv6 where the address space would technically allow for a new IP for every email.

Edited 2016-08-09 15:01 UTC

Reply Score: 3

RE[4]: Run your own mail server
by ssokolow on Tue 9th Aug 2016 20:06 UTC in reply to "RE[3]: Run your own mail server"
ssokolow Member since:
2010-01-21

The approach I'm planning to self-host to enable is a setup where I dedicate an entire subdomain to myself and then assign each sender a specific incoming alias to act as a revokable API key, restricted to their SPF-verified From address.

(eg. That way, I can bounce any mail resulting from eBay sellers adding PayPal or eBay addresses to their mailing lists without asking.)

Much more deterministic than traditional spam filtering and, if I implement it properly, it should ALSO have greater accuracy.

Edited 2016-08-09 20:08 UTC

Reply Score: 2

justanothersysadmin Member since:
2011-06-09

I went that route initially with per-sender aliases. It becomes a bit of a bitch to maintain, as it's just one more step to do when e.g. signing up for a service, or especially if providing an email address in person for something (at a doctor's office or whatever). In those cases, I basically have to ensure I set up the alias when I get home before they might actually email me.

I bailed on that and just used plus-addressing now by default. It's not a true alias, but at least enough of a deviation to be able to filter on. Sure: sender's could get wise to it and write parsers to strip plus-addressing out and hit the bare local part, but plus-addressing is such a tiny minority on the web that I doubt the likelihood of that.

The annoying part of that is web devs that use braindead JS libraries for email address validation and tell you that an address with a '+' in it is invalid. Read the damned RFCs, lazy punk! And get off my lawn!

Reply Score: 1

RE[6]: Run your own mail server
by ssokolow on Sat 13th Aug 2016 09:30 UTC in reply to "RE[5]: Run your own mail server"
ssokolow Member since:
2010-01-21

I went that route initially with per-sender aliases. It becomes a bit of a bitch to maintain, as it's just one more step to do when e.g. signing up for a service, or especially if providing an email address in person for something (at a doctor's office or whatever). In those cases, I basically have to ensure I set up the alias when I get home before they might actually email me.

I bailed on that and just used plus-addressing now by default. It's not a true alias, but at least enough of a deviation to be able to filter on. Sure: sender's could get wise to it and write parsers to strip plus-addressing out and hit the bare local part, but plus-addressing is such a tiny minority on the web that I doubt the likelihood of that.

The annoying part of that is web devs that use braindead JS libraries for email address validation and tell you that an address with a '+' in it is invalid. Read the damned RFCs, lazy punk! And get off my lawn!


I currently use SpamGourmet for my unimportant stuff and a paid MX-level forwarding service for my important stuff, so I know how much friction is dependent on UI design.

My plan is to whip up a quick Firefox extension analogous to a password manager where "Create new alias for this site and paste" is added to the context menu for text fields.

The alias would then be in a sort of "training mode" for the first 48 hours or so where, if the first message which arrives isn't from the expected domain, the system will assume the site is using a secondary domain for mail exchange and update its records.

Edited 2016-08-13 09:32 UTC

Reply Score: 2

justanothersysadmin Member since:
2011-06-09

I have tried to setup my own mail server a couple of times but never got very far (and I am quite technical).

Do you know any good guide that also guides you through firewalls, setup with sqlite rather than mysql/postgress and how to handle MX records, host files etc?


There used to be a great "getting started" guide at http://www200.pair.com/mecham/spam/spamfilter2.html that I used years ago. That doesn't appear to be up anymore, but I had a copy of the raw HTML and pulled together copies of some of the referenced config files and scripts and have posted a copy to https://bamboo.slabnet.com/~hslabbert/spam/spamfilter2.html

Note that guide should be used only as a "getting started" / reference guide, and not considered complete, as some of the info is quite old. Still, it runs through the concepts and provides good defaults in terms of configs, and I found it very helpful as a reference guide.

Ars also had a decent series on this a while back:

http://arstechnica.com/information-technology/2014/02/how-to-run-yo...

Also:
You don't need a database to run a mail server. You can use one of it you want to, e.g. for spam retention/training/etc. or more generally for webmail config data, but you really don't need to.

I remember looking at an Ubuntu guide and scratching my head on the first couple of lines.
It said to name my server something like mail.wcool.org. Does that clash with wcool.org if I want to run a webserver on the same server? It doesn't describe the consequences, just the steps.


No. You can have multiple FQDNs pointing at the same server; that doesn't cause any problems. So, wcool.org, www.wcool.org, mail.wcool.org, and somerandomname.wcool.org can all resolve to the same IP and server. Also: Web servers run on TCP port 80 (HTTP) and/or 443 (HTTPS). Mail servers run on TCP ports 25 (SMTP MTA) along with any of 110 (POP), 143 (IMAP), 465 (SMTPS submission), 587, and/or 993 (IMAPS). If you want to run webmail on the same box, then generally you would either stack that on a different IP on the same server, do it on the same IP and server but with e.g. HTTP only on the regular web page and HTTPS only on the webmail site, or run it as a subdirectory on the same mail server, e.g. regular web is at http(s)://www.wcool.org, with the webmail at http(s)://mail.wcool.org, with both of those resolving to the same IP/server.

Also how reliable has your mail server been?


There are occasional issues, but nothing major. You can't just completely forget about it.

Personally, the bigger issue I had on my personal mail server was around some openldap issues that broke authentication and recipient verification. Aside from that, there was an Ubuntu server amavisd packaging issue at some point that meant I had to put a workaround in place, updates for a set of custom clamav rules I was referencing was no longer available to I had to tweak that, but I think that's pretty much it.

That all said, my background is in the sysadmin world and I currently still work in the neteng space, and I spun this up to keep a pulse on little bits and pieces in the mail world. My setup is also a bit more involved (e.g. ldap for central auth; SPF/DKIM config'd properly; dual stack; did have access to personally set PTR records for v4 and v6; groupware/PIM with horde set up with caldav/carddav; etc.).

Would really love to do this though.


Personally I think we need less centralization and to make this more accessible. I think it's a bit of an uphill battle, but a more decentralized set of federated protocols is good for the Internet as a whole.

Reply Score: 1

justanothersysadmin Member since:
2011-06-09

Also:

There is TLS wherever feasible (though I still need to get to DNSSEC, TLSA and DANE), DKIM in place, and I sign every email I send with PGP using a published key unless there is some recipient-side issue preventing it. Does that mean people actually send me encrypted email? Very rarely, but we do what we can ;)

Reply Score: 1

justanothersysadmin Member since:
2011-06-09

The original author replied to me; they've moved the content to:

http://verchick.com/mecham/public_html/spam/ or more specifically to http://verchick.com/mecham/public_html/spam/spamfilter20110303.html

Reply Score: 1

RE[3]: Run your own mail server
by Alfman on Sat 13th Aug 2016 02:29 UTC in reply to "RE[2]: Run your own mail server"
Alfman Member since:
2011-01-28

justanothersysadmin,

It's nice to hear from others who do this too.

Personally I think we need less centralization and to make this more accessible. I think it's a bit of an uphill battle, but a more decentralized set of federated protocols is good for the Internet as a whole.


Wholly agree. Less centralization is important to the survival of the internet as a democratic medium (ie in the hands of people and not just powerful corporations). Federated protocols are ripe with innovative potential, even for commercial use. But the trouble is that every significant internet shaper is shaping the internet towards centralized services to reinforce their business models. Consequently federated protocols are stagnating. I feel like I'm loosing out both as a consumer and as an admin.

Reply Score: 2

Comment by Orisai
by Orisai on Tue 9th Aug 2016 04:53 UTC
Orisai
Member since:
2012-06-18

Privacy conspiromaniacs will be happy to make the switch

Reply Score: 1

Not secure unless everyone is
by nojiz on Tue 9th Aug 2016 07:30 UTC
nojiz
Member since:
2016-08-09

When I tell people using "secure mail" the following obvious fact, their head turns green.

Fact: Every mail you have in your secure mailbox also resides at least one more place (the recipient or sender), but usually three more places (you and your peers account on some mail provider server, typically replicated across the world)

Reply Score: 1

Administering my email server sounds scary
by benoitb on Tue 9th Aug 2016 12:18 UTC
benoitb
Member since:
2010-06-29

Spam, downtime, getting my mail blocked because I'm too small.

I host quite a lot of services for myself but I never hosted my email myself. Should I ? If so, what is a good guide with best practices (I use Debian, have my own domain and a public IP address) ?

Reply Score: 2

justanothersysadmin Member since:
2011-06-09

Spam, downtime, getting my mail blocked because I'm too small.

I host quite a lot of services for myself but I never hosted my email myself. Should I ? If so, what is a good guide with best practices (I use Debian, have my own domain and a public IP address) ?


Above at http://www.osnews.com/permalink?633061

Unless you have a sysadmin background and experience running a mail server, dealing with DNS, etc., you may want to take a pass, though. I heavily support a greater number of smaller servers than a select few clusters of Internet giants, but mail is a bit of a spacial animal.

Likely you won't have issues receiving email, but unless PTR records, SPF, DKIM etc. are acronyms in your vernacular, you may have a hard time with having your email be reliably accepted.

Reply Score: 1

Proton Mail
by 4nntt on Tue 9th Aug 2016 14:20 UTC
4nntt
Member since:
2009-02-12

Does anyone here use ProtonMail for secure communication? I was wondering how their service is, and how it works with people not using Proton Mail.

Reply Score: 1

Just moved (almost!) everything off Google
by Utumn0 on Tue 9th Aug 2016 16:32 UTC
Utumn0
Member since:
2016-08-09

... to my own VPS + Postfix + Dovecot setup. It took quite some time to configure Spamassassin (I got very surprised at the amount of spam I am getting, after all those years in GMail where that's not a problem!), get my IP off some blacklists, SPF, DKIM, set up a Web client (RoundCube), but now everything is working nicely ;)

Remaining problem: I still need to have 1 GMail account hanging around because I have uploaded quite a few videos to Youtube (AFAIK I need a GMail account to host videos in Youtube?).

I would like to completely nuke my connections to Google including Youtube. Question: what do you guys recommend instead?

Edited 2016-08-09 16:36 UTC

Reply Score: 1

Alfman Member since:
2011-01-28

Utumn0,

I would like to completely nuke my connections to Google including Youtube. Question: what do you guys recommend instead?


Youtube seems to get the lions share of visitors, but here are some others. Who knows, they might become more popular if the popular channels on go behind the youtube red curtain later this year. Apparently the motivation for that is to counteract all the adblocking users.

http://www.freemake.com/blog/top-7-free-video-sharing-sites/

Reply Score: 2

To host or not to host ...
by -pekr- on Tue 9th Aug 2016 19:04 UTC
-pekr-
Member since:
2006-03-28

I am debating myself if I should continue to host my own solution for ages. We are a small local wi-fi ISP (cca 800 clients) and of course we had to provide our own smtp server.

Man, what a journey it was. Endless times on the black list, because of the wrong settings, clients nervous, myself having headaches. So here we go ...

I always wanted to have some kind of ISP panel, so that more ppl from the company of my brother (after all, it is not a paid job for me) could admin new users, change settings.

Hence I tried ClarkConnect, which later on became ClearOS. Divorced with them, as those guys are crazy enough to claim, that if I want multi-domain setup, I should run multiple virtual servers. No, thank you. The other one, was/is a Zentyal. I really easily set-up, what I've needed. Well, those guys (or their investors) have changed the business plan - they started to remove module by module - FTP, Webserver, making it absolutly unacceptable for old-timers. It was like snap in the face. Instead they do provide MS like server, based upon Openchange, or something like that.

Well, we still run (on the older) Zentyal, using Thunderbirds or Roundcube webmail. No blacklist for few years (as we run on separate IP, implemented sfp records, etc.). I am still NOT a Linux/email expert. Proper email rules are a very sophisticated discipline, which should be treated with a respect.

Because of low volume we need, I am thinking to move my small server to Synology - it can host websites, including php, postfix, Roundcube is there, you've got it on a raid setup and have some home media server too.

But - when I am consulting some even small business clients, I warn them - you either have a proper IT guy/company knowing the email related stuff, or you can get burned! Clients want more nowadays - they want their calendar, share office files and want it being mostly failure free and reliable. I don't hesitate to suggest big guys - Google, Office 365. And the privacy factor? Come on ;-)

Sorry for the long post ...

Reply Score: 2

RE: To host or not to host ...
by Alfman on Tue 9th Aug 2016 20:05 UTC in reply to "To host or not to host ..."
Alfman Member since:
2011-01-28

-pekr-,


Because of low volume we need, I am thinking to move my small server to Synology - it can host websites, including php, postfix, Roundcube is there, you've got it on a raid setup and have some home media server too.


It's impressive what those cute boxes can do, I've use them for everything from serving files and VPN to VOIP, but all too often your options become very limited once the manufacturer stops supporting them. As much as I enjoyed hacking on the embedded NAS devices (in my case Buffalo Linkstations), nothing I did was scalable because the next model would be different. Sourcing and supporting old models is tedious and I just didn't have the time to fuss with it any more. Now I try to stick with PC hardware that I know can be supported out of the box with a stock distro and no fuss. It's not as cool, but I know I can be up and running again on nearly any generic PC.


But - when I am consulting some even small business clients, I warn them - you either have a proper IT guy/company knowing the email related stuff, or you can get burned! Clients want more nowadays - they want their calendar, share office files and want it being mostly failure free and reliable. I don't hesitate to suggest big guys - Google, Office 365. And the privacy factor? Come on ;-)


Hey I'm always looking for paying clients, I can do hosting and I can custom build you whatever you want ;) /plug

Reply Score: 2

RE[2]: To host or not to host ...
by -pekr- on Tue 9th Aug 2016 20:11 UTC in reply to "RE: To host or not to host ..."
-pekr- Member since:
2006-03-28

Thanks for the reply. You know - Synology is here for long. Not sure how stable their modules are, but ... Zentyal have changed in 2 years completly, ruining everything many ppl planned.

I simply don't belive in anything long term. Maybe to go with some Ubuntu LTS and hand tuning everything.

But then I am missing some GUI toolkit above it. I looked into the ISP panel for eg., but it seems kind of complicated - doing something in GUI, I always looked into configs, what did the GUI do underneath.

Maybe I should write those few of dialogs for my colleagues in some simple GUI creation language like Red for e.g :-)

Reply Score: 2

RE: To host or not to host ...
by dionicio on Wed 10th Aug 2016 21:32 UTC in reply to "To host or not to host ..."
dionicio Member since:
2006-07-12

Many, may years ago Suse Linux had an e-mail specialized distro. Full stack. They used to take care of a lot of the nuances, like Spam lists.

Reply Score: 2

e-mail @ serious issue...
by dionicio on Wed 10th Aug 2016 19:57 UTC
dionicio
Member since:
2006-07-12

e-mail has all of the characteristics to become the best battle front to define the future, at the Individual-Privacy|State-Security issue.

It is THE exemplar, by excellency.

Reply Score: 2