[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /sec/ - 2089



File: 1477567771007.png (1.57 MB, 300x198, ry81RK0.png)

No.2089

i'm toying with the idea of running a clone of something like riseup or cockli on my own colocated hardware.

anyone have any advice or interest in the topic?

  No.2098

Keep in mind that most mainstream providers will discard every mail you send as spam.

  No.2102

>>2098
Is cock.li discarded as spam by Gmail?

  No.2103

>>2102
as far as I remember (I tested it on a throw-away gmail account months ago), yes

  No.2104

>>2103
>>2102
curious to see the results here.

  No.2128

What about a privacy focused XMPP / Jabber server to go along with your email server? Setting up the server itself is pretty easy with postfix.

  No.2130

pretty much don't do it.

being an e-mail provider is paywalled because all of the biggest email groups use ptr record lookups and automatic range bans to blacklist all isps, smaller registrars and pretty much everyone

  No.2132

>>2128
i will actually be running a matrix.org instance

  No.2133

There's a lot of bad information in this thread.

It is quite possible to host your own email server on collocated equipment, or even a VPS.

I used the guides published by St├ęphane Caron:

https://scaron.info/blog/debian-mail-postfix-dovecot.html
https://scaron.info/blog/debian-mail-spf-dkim.html

to set up Postfix and Dovecot, and to get everything working with DKIM and SPF. I am able to send emails to Gmail and other major providers, and my emails pass all of the tests at the services Caron links to.

A few caveats:

1. I said it was "quite possible", not "quite easy". Getting everything set up is a bit of a pain in the ass, and you WILL have to modify the instructions in Caron's guides if you're using anything other than Debian or perhaps Ubuntu. In addition, depending on your domain registrar, host, and DNS situation, you may have to fiddle with your DNS setup to get it to work. I have to host my own BIND server to get everything to work.
2. Running any machine with internet-facing daemons is a pain in the ass. The internet is a nasty place.
3. This probably won't work from a home connection. Most ISPs block port 25 and other mail ports on consumer lines.
4. If you allow other people to use your service, and you are not diligent about clamping down on abuse, emails from your service will eventually be filtered or blocked by most email providers, even if you have DKIM and SPF set up and you're otherwise doing everything right.

If you've never hosted an email server before, try that for just yourself and perhaps a few friends before offering a service that might become difficult or expensive to run.

  No.2134

>>2133
sweet, thanks for the info

I was planning on using dovecot and opensmtpd

what's the difference with say, exim and postfix?

  No.2135

File: 1477633267607.png (4.86 MB, 200x112, ainsleyspoopy.webm)

>>2134

I've never used exim, but I'm sure Caron's instructions could be adapted to it or other SMTP daemons.

I used OpenSMTPd a few years ago on Linux. At the time, I thought that the documentation was poor, and I had a difficult time getting it to behave correctly, and actually ran into a couple of portability bugs. If I ran OpenBSD, I'd probably use OpenSMTPd, but the "portable" versions of software from the OpenBSDsphere are, frankly, not up to snuff when compared to the native OpenBSD versions. I've also had problems with the portable OpenSSH on Linux, for example, although to be fair, it was with new features (albeit in a released version, not a CVS version). Again, this was several years ago, so it may no longer be relevant information.

You might also want to check in to the support for virtual users and database backends for the various SMTP daemons, too. I know that Postfix, for example, supports virtual users with a MySQL or sqlite backend.

  No.2138

>>2130
> all of the biggest email groups use ptr record lookups

This.

If you get (the right) tiny soykaf ISP they will set up a PTR record for free. Otherwise, you probably have to pay for business class internet or else you're fuarrrked and can't email half of the world.

  No.2147

>>2130
even the MIT was blacklist for spam IIRC

  No.2160

>>2138
how to social engineer soykafty isp into free ptr record?

  No.2176

>>2102
not that I know of, I've always gotten my mails
>>2130
gmail and outlook have always accepted my mails from vps-hosted email servers, so I dunno what you're talking about

  No.2179

Hope you like dealing with law enforcement.

  No.2180

File: 1477853575287.png (402.42 KB, 200x150, image.png)

>>2179
This more than anything.

You'll lose all anonymity by default, and you'll have to fuck around with court orders and such.

  No.2187

>>2176
>vps hosted email
lol whats even the point? there's no privacy in that.

  No.2191

>>2187
>lol whats even the point? there's no privacy in that.
This.

  No.2192

I had some really stupid ideas for an alternative to email, most of these are extremely limited, not really possible due to current tech or physical issues, or just as I said, stupid.

One idea I had was a robot courier. At first I thought I would just write a note on a piece of paper and then give it to the robot who travels to a set location but then if someone attacks the robot and steals the paper then the attacker will know I'm asking my grandma to lend me a cup of sugar. So what if I type out the message on an encrypted harddrive which is airgapped to any network and then I type the location it needs to stop at. Then the person who is receiving the message would verify themselves with the robot with a predetermined password. Only real issue with this is time, in the time it takes to send a robot to travel across the country or even to the other side of the city I live in to send a message, I could have just walked to my neighbor to get some sugar or drove to the store.

  No.2194

>>2192
LOL jesus christ anon

  No.2196

>>2194
Funny, that's the response I get from my family whenever I get a more... out there idea.

  No.2304

>>2098
Not if you do the necessary changes like automatically signing e-mail with opendkim.

Send an e-mail from your server to this server
https://www.mail-tester.com/

It will tell you the necessary steps for your mail to stop being labeled as spam. It's kind of tedious but if you want your own mail server it's worth it.

  No.3920

>>2103
no it isn't. I just tested it with my cock.li email

  No.3929

>>2089
Here is Neutron, a third-party ProtonMail clone made by a ProtonMail developer: https://github.com/emersion/neutron.

  No.3931

File: 1485820070446.png (214.32 KB, 200x119, Stamping the pigeons wings.jpg)

>>2192
Your hole is deep - you may as well use line of sight long range IR lasers (& relays?) for your data transmission needs... I doubt they will ever be detected or intercepted (still encrypt tho, just to be safe). - or pic related?

Good luck anon

  No.3932

>>2192
This post is made of love <3

  No.4023

gain some experience running a mailserver first.
and then gain some experience running a mailserver for other people than yourself.

public mailserver is a whole other thing, if you just start from scratch without prior experience, you'll likely fuarrrk up or get fuarrrked up.

  No.4030

>>3931

You know I'm not so sure about that. I mean more and more surveillance cameras and consumer cameras come with 'night vision' which picks up IR really well. Not that a laser would be picked up, but let the weather get somewhat occluded and that laser will light up light crazy.

Maybe a longshot, but I think it'll get easier to stumble upon this set up, not that it's bad.