0
wowotek
5y

Do you guys have a good encrypted Email Server ? currently checking out Lavabit. maybe you guys have any other options

Comments
  • 4
    E-Mail Security is not something you can buy.
    You have to do end-to-end encryption. And for that to work, you even have to educate your recipients to make them able to do end-to-end encryption too. Otherwise they will not be able to read your encrypted messages and will send you their messages unencrypted and/or unsigned.

    Non-end-to-end Solutions or services wich generate or store the private keys for you, are snake oil.
    You can still buy them for compliance reasons.
    But for actual security you have to do the work yourself.
  • 0
    @Oktokolo i'm not trying to buy, i'm trying to learn how the server works, that's why i'm browsing about Email Server, i want to try to install it if thats possible, etc etc.
  • 1
    @Oktokolo Also i'm asking for Email Server, not Email Service. there is a different in it. i'm trying to learn here bud,
  • 0
    E-Mail server? Postfix and Dovecot with some proper config.

    But use PGP with people. That way, you encrypt messages yourself, and have recipients be anke to decrypt it.
  • 0
    @wowotek
    I would start with the Thunderbird email _client_ and the Enigmail plugin. That is the easiest start into end-to-end email encryption wich actually works.

    If you really want to know what you are doing, lern using GnuPG on the command line though. It is quite a curve and the usability is pretty meh...
    But there are lots of tutorials and background tech articles on the net covering public key cryptography in general and how to use GnuPG.
  • 0
    @Oktokolo yep use GPG before, to sign my Github Commit hehe.
  • 0
    @wowotek
    Then just learn how to do email signing and encryption with it and you are basically done...
    Except that you also have to teach your recipients how to do it (and yes, that is the actual hard part).
  • 0
    very good article
  • 1
    @Oktokolo You don't have to do all the security yourself for this to work. If that would be the case, every company and person in the world would have to do this and that's impossible.

    @wowotek Have a look at Tutanota!
  • 0
    @linuxxx i miss you so much
  • 0
    @linuxxx
    Well, by far the most companies did not even heared about end-to-end email encryption by now. Email is still almost always send in cleartext outside our nerd buble.
    Also, while you don't have to create the software yourself, you still have to do the actual opsec yourself. Generating key pairs, keeping them safe, communicating/verifying public keys with/of your receipients, and teaching everyone involved to not fallback to non-encrypted communication in case the other party claims to something not working aren't trivial (especialy the last thing is absurdly hard) in a company environment.

    But there are solutions, wich claim to do end-to-end encryption but are really only encrypting sender server to recipient server. That is something you can indeed install as or on a server or even buy as a service.
    And it is also not end-to-end encryption, because en/decryption is not done by the client directly controlled by the actual writer/recipient of the message.
  • 1
    @Oktokolo Explain your last sentence, please.
  • 1
    @wowotek Awh haha, whyso?
  • 1
    @linuxxx im here long time ago and you still active as heck. i took a break for a while and now you comment on my post :)
  • 1
    @wowotek Awh fair enough 😊
  • 0
    @linuxxx
    The last sentence refers to that server solutions, where the server does all the Crypto and key management. End-to-end encryption is encryption, where only the end users have control over the used private keys. A solution where the server has the private keys can therefore not actually do end-to-end encryption.
  • 0
    @Oktokolo Okay, fair enough. But what is your main point with this?
Add Comment