this post was submitted on 27 Feb 2025
21 points (92.0% liked)


*With ‘better’ I mean that an encrypted solution is adequate in these cases because the mails are on other servers, and the companies/servers depend on the jurisdiction where they are located. But by hosting a mail server at home, even unencrypted, we are 100% in control of our data.

PS: is there a self-hosting mail server solution that stores everything encrypted? I already self-host almost everything I use, but not email.

[–] hendrik@palaver.p3x.de 5 points 1 day ago* (last edited 1 day ago)

This topic always gets strong opinions on Lemmy. The truth with security is: it always depends a lot on what you're doing and fighting against, i.e. the threat vectors. There probably are some edge cases where it's better to have physical control over the server. And there will be other cases where it's better to use an established solution.

Just keep in mind, the people over at the good companies do this as a job. They probably have years of experience. Had long meetings to discuss technicalities and what might happen and how to handle it. They've analyzed the threat vectors and put some thought into the exact setup. And they likely constantly improve it. You need to judge by yourself if you can do it as good as them. And you obviously don't want to make any major mistakes.

There are several all-in-one mail solutions available. I don't know which can do encryption at rest. Stalwart can do it. There is autocrypt.org and some Dovecot plugins, so I guess everyone can do it.

I like selfhosting and having control. What I host probably isn't perfectly secure, though. Since I don't spend all my time doing it and I also haven't had anyone else look at the config and check for potential problems. E-Mail is one of the more complicated things. Due to abuse and spam, a bazillion things got added on top of the original protocol and the other providers are relatively strict with flagging mails as spam or straight refusing to accept them. So there are lots of things to do, and get right. Even without encryption. And usually the needed ports are blocked on residential internet connections.

(And ultimately, your house also is under some jurisdiction, so if you're worried about your own government, they can come raid your house and take your server. Or bug your phone and laptop. So you need additional security like encryption. And means to ensure they can't circumvent it. And tamper-proof devices.)