Desperately Seeking Secure and Reliable Email?
mkcmkc asks: "I've recently switched to my local monopoly (ugh) provider of high-speed Internet access, and discovered that their email reliability is about as good as my previous ISP's--i.e., -not good enough-. Who provides the kind of email drop that Slashdotters would drool over? I want:
secure access (SSH+POP, or something as good), drop dead reliability (meaning a setup designed and administered by a sharp crew that really cares), timely status reports on outages, a shell account (accessible via SSH), an organization that has respect for the principles of privacy and liberty, and that will at least consider not just rolling over at the first subpoena (if not before). I'd certainly pay several hundred bucks a year for quality. Any suggestions?"
MailVault
a Laissez Faire City service, sounds like what you are looking for. Basic service is free beer, but lots of goodies are available if you are willing to pay. Disclaimer, this is hearsay, I don't actually use the service. Since I'm a little less worried about security than you sound to be, MailandNews.Com has served my needs fine. Secure connections, pop, imap...
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
My set up: postfix as the MTA. Courier IMAP to provide IMAP. I actually tunnel my IMAP connection over an OpenSSH (http://www.openssh.com) connection, but courier IMAP supports SSL as well. The guy that writes Courier also writes SqWebMail (webmail) and maildrop (pleasant alternative to procmail), which I have found to be useful. FWIW I use mutt as my mail client.
It doesn't matter how secure your provider is or whether you host your own server. The messages are only ever as secure as the recipient keeps them.
I don't care, use every security trick in the book... but if the recipient reads the mail in plain text off hotmail.com, it isn't secure.
To do secure email:
- Make sure your box is secure enough for your purposes -- i.e. lock the screen when not sitting at the console. No security is ever perfect, but make it as good as required to protect your secrets.
- Make sure your recipient is as smart as you -- namely, don't email your plan to nuke Boston to someone who you aren't absolutely sure understands basic security principles.
- Use public key encryption like PGP or GnuPG with ridiculously long keys.
- Don't send the messages over plain text, anywhere. Type the message on your own box, and encrypt it there before it goes out on the wire. If your box can't do that (and there's usually only laziness to blame if this is the case), make sure you use ssh to connect to your shell account. In this case, you're only as secure as that box's administrator has made it. I would say make sure to use ssl if you're using web based email, but I simply cannot imagine a web based email system that provides what any truly paranoid hacker would trust as secure.
- Double check step 2.
</paranoia>--brian
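An added example, not part of the comment above: a small Python outbound guard for the "encrypt it there before it goes out on the wire" rule, which refuses to release a message unless its body is PGP/MIME (RFC 3156) or entirely inline ASCII-armored. The function names and sample messages are hypothetical, and the check is structural only: it does not verify that the armor holds real ciphertext or which key it was encrypted to.

```python
from email import message_from_string
from email.message import Message

BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"

def body_is_encrypted(msg: Message) -> bool:
    """Structural check only: PGP/MIME (RFC 3156) or a fully inline-armored body."""
    if msg.get_content_type() == "multipart/encrypted":
        parts = msg.get_payload()
        return (msg.get_param("protocol") == "application/pgp-encrypted"
                and isinstance(parts, list) and len(parts) == 2
                and parts[0].get_content_type() == "application/pgp-encrypted"
                and parts[1].get_content_type() == "application/octet-stream")
    if msg.is_multipart():
        return False  # any other multipart may carry a plaintext part beside ciphertext
    text = (msg.get_payload(decode=True) or b"").decode("ascii", "replace").strip()
    # Reject armor with cleartext before or after it, e.g. a plaintext greeting.
    return text.startswith(BEGIN) and text.endswith(END) and text.count(BEGIN) == 1

def outbound_verdict(raw: str) -> str:
    """Return 'send' or a 'block: ...' reason for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    if not body_is_encrypted(msg):
        return "block: body would cross the wire in cleartext"
    return "send"

# Constructed sample messages; the armor content is a placeholder, not real ciphertext.
HDR = "From: alice@example.org\nTo: bob@example.org\nSubject: (none)\n"
ARMOR = f"{BEGIN}\n\nPLACEHOLDERciphertext==\n{END}\n"
PLAIN = HDR + "\nmeet at noon\n"
INLINE = HDR + "\n" + ARMOR
LEAKY = HDR + "\nBob, the details are below.\n" + ARMOR
PGP_MIME = (HDR + 'Content-Type: multipart/encrypted; '
            'protocol="application/pgp-encrypted"; boundary="b1"\n\n'
            "--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n\n"
            "--b1\nContent-Type: application/octet-stream\n\n" + ARMOR + "--b1--\n")

if __name__ == "__main__":
    samples = [("plain", PLAIN), ("inline", INLINE), ("leaky", LEAKY), ("pgp-mime", PGP_MIME)]
    for name, raw in samples:
        print(f"{name:9} -> {outbound_verdict(raw)}")
```

The headers, Subject included, stay readable in every case above; PGP protects only the body.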
Doing it yourself sounds like a good idea - at first. It helps some of the human concerns: the privacy policy, your amount of access to the machine, etc. But running a single machine isn't a good idea at all in this situation, for the following reasons:
Running a single machine isn't enough. To do the job right, you have to have more than one machine. You have to have a few different machines and they can't all be in the same place, rely on the same power, or rely on the same network connection. To be really reliable, they should have someone always physically nearby to fix problems. You can accomplish this yourself (I'm well on my way toward doing so) but it's not as simple as throwing Linux on a box and throwing a DSL link at it. ISP services really are worth it.
Get your own domain and be the administrative & billing contacts. This way, if you switch ISPs, you keep the same email address. You have final control. Most people have to change email addresses when they move, switch local ISPs (modem->cable, for example), switch employers, etc. If you don't tie yourself to a specific ISP, you don't have to. Never use an address tied to a specific ISP if you're concerned about reliability.