my own email server

Discussion in 'privacy technology' started by lurningcerv, Jan 15, 2014.

Thread Status:
Not open for further replies.
  1. lurningcerv

    lurningcerv Registered Member

    Joined:
    Dec 27, 2011
    Posts:
    87
    I have read that some people run their own email server. Is there any advantage to doing that? I would think it would give you more control over your emails than having them first go to a third party's (like Google's or AOL's) server and then downloading them. But I'm also seeing some disadvantages, such as if you run your own email server
    1. apparently you have to have your own domain
    2. ip address would appear in the header of all outgoing emails
    3. you would need to publicly register your mx domain (I'm a little unclear on this, I'm thinking your mx domain would then be associated with your own ip address?)

    Is there a way to run your own email server without broadcasting the location of your own computer to the world?
     
  2. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    1. No. Just sign up for a dynamic DNS service and they will give you a "domain" name (it's actually a host name) that you can receive mail to, i.e. xxx@xxx.no-ip.com. The "no-ip" part can be different, based on what they offer for options.

    2. Maybe. Depends on what options your email server offers. Mine strips source IP.

    3. You need an MX record, but it isn't tied to your IP (kind of). No-IP gets updated with your IP address from a client or service running on your server (it has to, to be able to find you), but the MX record is just your xxx.no-ip.com name.

    What you forgot:

    4. If your ISP blocks port 25 (HIGHLY LIKELY these days) you will need a mail forward service. Again, No-IP has a mail reflector service that will send incoming email to any port you want. I set my server to listen on 587 for incoming mail.

    **Note** If you don't want to set up a domain, you need to contact No-IP customer support, and have them set the mail reflector to your dynamic dns host name. You can't do this from the website, as they assume that if you are running email, you have a domain. This may have changed, but check first. It took about 10 minutes after I sent the support request.

    5. Sending Mail: Again, 25 is probably blocked. You can use any web host you currently have, to send through, as a "Smart Host". But, since this is about privacy, I'd see if you can get an account on a privacy friendly site, to send through.

    Sounds like a lot, but it's fairly easy. You can look at Axigen or hMail for free servers, or buy one, like Ability. Make sure they offer top notch TLS connection features. Cost is anywhere from $30 for just the services with a free server, to about $150 if you buy a server.

    Why? No one can go through your mail without you knowing. You can shut the server down any time you want, and dismount the TC container it's running on. Serving an administrative subpoena on a private citizen isn't a rubber stamp from a web interface. You are still susceptible to sniffing off the wire of course.
     
  3. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    Is anyone familiar with business class Internet access and the options WRT utilizing multiple IP Addresses? I'm curious to know if it would be possible to have a business class static IP Address (for server, no port blocking, not listed in DUL RBLs) while also having a pseudo-dynamic IP Address that you can make change when you want to (for other Internet activity). Could those coexist on cable? FIOS?
     
  4. lurningcerv

    lurningcerv Registered Member

    Joined:
    Dec 27, 2011
    Posts:
    87
    Thank you to those who replied.
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    There are some other options which may or may not fit in with your objectives: cloud server, non-cloud VPS, leased dedicated server, collocating your own server. In such cases your server would end up on a different network and there would be no issues related to sharing an Internet connection for both server and personal use.

    Email is rather insecure and non-private to begin with :( Many individuals and companies don't run their own servers so even if your end is totally private the other end often won't be. Many individuals and companies use servers which don't support STARTTLS and that makes their email (which may be your email too!) open to passive sniffing while in transit between servers. Even end-to-end encrypted email exposes some metadata to servers that process it. A privacy/security oriented person would naturally gravitate towards running their own email server on their own hardware on their own premises. However, after factoring in the broader realities and what specific kinds of email they personally deal with, such a person *might* decide to run on someone else's hardware/hypervisor.
     
    Last edited: Jan 16, 2014
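
Added example, not part of any post in this thread: a Python check you can run over a test message sent through your own setup to see what its `Received` headers reveal, covering both the source-IP question in post 2 and the STARTTLS point in post 5. The sample message, host names and addresses are constructed; the TLS flag relies on the RFC 3848 `with` keywords (ESMTPS, ESMTPSA) that each receiving server records.

```python
import email
import ipaddress
import re

# Constructed sample (documentation-range IPs, hypothetical host names).
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
\tby mail.example.org with ESMTPS id abc123; Thu, 16 Jan 2014 10:00:03 +0000
Received: from smarthost.example.com (smarthost.example.com [203.0.113.25])
\tby mx.example.net with ESMTP id def456; Thu, 16 Jan 2014 10:00:02 +0000
Received: from [192.168.1.20] (home.example.invalid [192.0.2.44])
\tby smarthost.example.com with ESMTPSA id ghi789; Thu, 16 Jan 2014 10:00:01 +0000
From: alice@example.com

body
"""

IP_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")
COMMENT_RE = re.compile(r"\([^()]*\)")
WITH_RE = re.compile(r"\bwith\s+([A-Za-z0-9]+)", re.I)
# RFC 3848 "with" keywords that mean the hop ran over TLS (e.g. STARTTLS).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

def strip_comments(text):  # drop nested (...) comments, innermost first
    prev = None
    while prev != text:
        prev, text = text, COMMENT_RE.sub("", text)
    return text

def analyze_hops(raw):
    """One dict per Received header, ordered from origin to destination."""
    hops = []
    for value in reversed(email.message_from_string(raw).get_all("Received", [])):
        text = " ".join(value.split())            # unfold continuation lines
        ips = []
        for candidate in IP_RE.findall(text):
            try:
                ips.append(str(ipaddress.ip_address(candidate)))
            except ValueError:
                pass                               # bracketed text, not an IP
        match = WITH_RE.search(strip_comments(text))
        proto = match.group(1).upper() if match else None
        hops.append({"ips": ips, "proto": proto, "tls": proto in TLS_PROTOCOLS})
    return hops

def cleartext_hops(raw):
    """Indexes (0 = origin) of hops whose header does not claim TLS."""
    return [i for i, hop in enumerate(analyze_hops(raw)) if not hop["tls"]]
```

Hop 0 is the one that shows whether the sending server or smart host kept the submitting machine's address. Each header is written by the receiving hop, so treat the result as what the relays claim rather than as proof of how the message travelled.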