Own email server on Rasp Pi and VPN

Discussion in 'privacy technology' started by InconspicuosName, Jan 14, 2016.

  1. InconspicuosName

    InconspicuosName Registered Member

    Joined:
    Nov 9, 2013
    Posts:
    8
    Location:
    EU
    Hi All,

    I've signed up to a higher-end VPN service for more secure & private browsing, but now I'd also like to pull all my emails off Gmail and run my own email server -- using a Raspberry Pi 2 running Raspbian, Postfix, Dovecot, and a few other elements (following this tutorial: https://samhobbs.co.uk/raspberry-pi-email-server). I do have a domain name. The idea is that I'll still be able to access and sync all my (15 years' worth of) email via IMAP from anywhere, 'dialling' into the always-on Pi.

    I'm a little confused how the whole routing thing is going to work. (Still a newbie here!) The Pi will be wired via Ethernet into my Asus RT-66U router, which itself is hooked up to my cable modem, and will be assigned its own static (local network) IP address, with all required ports opened on the router.

    Now I haven't setup the VPN yet, and I assume that sending email from my home network shouldn't be a problem. I would guess it would work something like that:

    Email client on Laptop > Router In > Raspberry Pi > Open VPN > Router Out > Modem > VPN > Internet

    My questions concern the incoming mail:

    1. With the VPN I'll have a changing IP address, so how will emails ever find their way to my Pi if there's no fixed IP?

    2. Do I have to specify my actual (ISP-assigned) IP address? (But wouldn't this completely defeat the purpose?)

    3. Does port forwarding come into play, and if yes, how?

    4. What do I do about the MX record?

    5. And lastly, if for whatever reason the Pi (or my broadband connection) is down and I'm on the move, can I specify another email server (even if hosted on my webspace provider) as a backup? (I presume I'll just need to create a second MX record, correct?)

    Is it actually possible? :)

    Apologies if I'm not making any sense. If I'm missing the glaringly obvious, just tell me to do more of my homework (or perhaps point me to a tutorial with a similar scenario)!

    Cheers.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    I'm no email expert, but you will need a fixed IP address, and a reachable port. Some VPN services allow port forwarding, but getting port 25 will be very hard. Maybe if you get a dedicated exit IP, but then there's no crowding. There's also the issue that Google, Yahoo, etc may not talk to your mail server.
     
  3. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,150
    Location:
    UK
    I'm not clear why you'd go to this trouble when email is fundamentally broken from a privacy POV. You're normally going to be communicating with other MTAs, and it's not easy to obfuscate source/destination and subject, and you're subject to other peoples' security and privacy expertise.

    There are other server types that would offer more functionality if you're talking about a closed user group or something.

    On top of that, because of the issues of spam, pretty much all providers will want to know who you are, you will need an account.
     
  4. InconspicuosName

    InconspicuosName Registered Member

    Joined:
    Nov 9, 2013
    Posts:
    8
    Location:
    EU
    Hi mirimir and deBoetie,

    Thanks for your comments. Yes, I'm kinda having second thoughts on this myself. The main reason really for my own mailserver is to avoid storing 15 gigs' worth of email in the cloud, especially on US or UK servers, such as on Google's (bless them). It's not so much the emails that can be intercepted whilst in transit, more like it's being analysed when stored. (Then again, having entrusted all my mail to Gmail five years ago, it's a little too late to worry about that now.)

    I'm aware it's probably too much trouble and I might as well find a 'secure' cloud server with encryption.

    Thanks anyway!
     
  5. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,150
    Location:
    UK
    Well, 15 G ain't what it used to be, if stored locally. You should be able to retrieve the Gmail stuff using IMAP to a local email client store (no server required), although the horse has bolted some while ago from the analysis point of view, as you noted. Then, you have various future options for messaging depending on your correspondent's abilities!
     
  6. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Download 15Gb worth of email to an IMAP database using Outlook. Store the pst file some place safe and delete from the cloud. You can always import a pst into Outlook.
     
Loading...