[RCU] Point of information

Oliver Welter mail at oliwel.de
Thu Feb 19 23:00:28 CET 2015


This is getting very off-topic, but I will try to explain.

1) If you just want to make your own mailserver that is "somewhat 
secure", any VPS or hosted solution will likely fit as long as you dont 
run any really confidential or illegal/abusive stuff. Choosing a 
provider in a state with friendly law (Germany, Swiss, Skandinavia) will 
give a bit better feeling. No provider will read you mail "for fun" as 
long as they are not visited by officials.

2) If you need to run a *really* confidential service, the "guys" will 
find ways to sniff your mail as long as you dont provide E2E encryption. 
Yes you are right, its a tedious task to push your contacts to use 
crypto, but its definitly the best chance to make it as hard as possible 
to any adversary.

regards

Oliver

Am 18.02.2015 um 12:49 schrieb jfmxl:
> Ain't that the truth. The difficulty is my correspondents. But it has to
> be done, doesn't it. And there's no time like the present.
>
> I guess a special gpg key-pair for each mail account, and a carefully
> crafted email containing the relevant public key together with a
> description of what to do with it, and how to reciprocate is the way to go?
>
> Do you have any experience to share in switching both yourself and your
> correspondents to encrypted email?
>
> Thanks for nudging me in the obvious direction.
>
> On 2015-02-18 13:51, Oliver Welter wrote:
>> Use Mail encryption, anything else is snakeoil as there are lots of
>> possibilities for others to get into your mail.
>>
>> Oliver
>>
>> Von Samsung-Tablet gesendet
>>
>> -------- Ursprüngliche Nachricht --------
>> Von: jfmxl <jfmxl at SDF.ORG>
>> Datum: 18.02.2015 02:40 (GMT+01:00)
>> An: Roundcube Users mailing list <users at lists.roundcube.net>
>> Betreff: Re: [RCU] Point of information
>>
>> I'll look into it. Although I have little to no money and no means of
>> paying for anything other than by international money order if I went
>> for this. I had a vps with ... what turned out to be viaverio, after
>> several rounds of merger ... for twenty years. But I never trusted
>> them
>> ... once it occurred to me to consider whether I did or not. Then I
>> could no longer afford them, or pay them in any case, anyway.
>>
>> Why should I trust FileMedia? If I could afford them. I'll try to look
>>
>> them up.
>>
>> What I have now is a shell account and limited webserver, and mail as
>> described, from this outfit, for a one-time fee of one dollar. I
>> bought
>> a buck and mailed it to him/them. I asked lots of questions, like are
>> you the NSA? Got zero answers. I have to assume it's an NSA honeypot.
>>
>> But so may FileMedia be. Well not a honeypot, but a 'cooperative'
>> commercial provider as are Google and the rest. At least the NSA won't
>>
>> bother to sell me out to the TNCs ... the sell-out traffic is all in
>> the
>> other direction.
>>
>> Maybe there's a way to run mail over i2p myself. I had a mail account
>> there ... still based on trust ... but one day they just just me down.
>>
>> No notice, no nothing. They're a pretty arbitrary bunch of geek
>> gatekeepers. And there's still the connection to the 'real' darpanet
>> to
>> negotiate.
>>
>> Oh well, there is no such thing as privacy, certainly not security,
>> any
>> longer in this web worldwide. I might as well stick with what I have.
>> With those bastards from the NSA looking over my shoulder. collecting
>> everything I do on the web 'for future reference'. At least with the
>> NSA
>> I'm not commercially compromised. Not so with Google.
>>
>> On 2015-02-18 07:59, Noel Butler wrote:
>>> Then get that unmanaged VPS, you will control it, although since
>> it's
>>> not located locally there still exists a small risk, I use FileMedia
>>> for my personal offsite, reliable, and friendly service, you can
>> then
>>> pop3 from it, keeping bulk of your mail local, and since you'd only
>>> need it for light storage, you could get away with the smallest
>> plan,
>>> you wont need bells and whistles.
>>>
>>> On 18/02/2015 10:17, jfmxl wrote:
>>>
>>>> Thanks for the advice. I tried to run my own mail server, tried
>>>> dynamic dns, but my ISP won't allow it, apparently. Couldn't make a
>>>> connection to an smtp port.
>>>
>>> _______________________________________________
>>> Roundcube Users mailing list
>>> users at lists.roundcube.net
>>> http://lists.roundcube.net/mailman/listinfo/users
>> _______________________________________________
>> Roundcube Users mailing list
>> users at lists.roundcube.net
>> http://lists.roundcube.net/mailman/listinfo/users
>>
>> _______________________________________________
>> Roundcube Users mailing list
>> users at lists.roundcube.net
>> http://lists.roundcube.net/mailman/listinfo/users
> _______________________________________________
> Roundcube Users mailing list
> users at lists.roundcube.net
> http://lists.roundcube.net/mailman/listinfo/users


-- 
Protect your environment -  close windows and adopt a penguin!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4074 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.roundcube.net/pipermail/users/attachments/20150219/7a3cec34/attachment.p7s>


More information about the users mailing list