Seattle Startup Vets Takes on Google with Helm, a New $499 Personal Email Server

A Seattle-area startup is aiming to take on giants such as Google and change the way we do email with a new physical personal email server. From a report: Helm today unveiled its $499 device that lets consumers send and receive email from their own domain, in addition to saving contacts and calendar events. It's a bold bet that aims to provide comfort at a time when privacy and security issues related to personal data hosted by big tech companies in the cloud are top of mind. The idea comes from Giri Sreenivas and Dirk Sigurdson, two entrepreneurs who already sold a security startup and raised a $4 million seed round from top venture capital firms last year.

The device is about the size of a router and looks like an upside-down book placed on a table. It connects to a home network and pairs with a mobile app that lets users create their own domain name, passwords, and recovery keys. Helm support standard protocols and works with regular email clients such as Outlook or the Mail app, with encryption protecting connection between the device and the apps.

lolwut?

[HarrySquatter]

Helm today unveiled its $499 device that lets consumers send and receive email from their own domain,

Is this an April Fools joke that was posted too early? What dumbass would pay that much money for this?

Re:lolwut?

[ole_timer]

yeah, it should cost more like $49 and annually something like $19. Gmail, for all it's privacy issues, is free and uses a browser, hard to beat that. I predict sales of about 1000 and no more.

Re:lolwut?

[ilsaloving]

Are you kidding? Have you ever tried maintaining your own email server? $500 is dirt cheap compared to maintaining your own.

Maybe it was fine in the old days where all you did was install linux and make sure sendmail/postfix was running, but in todays environment maintaining an email server is a bloody nightmare. DMARC records, SPF records, reverse IP mapping... SSL certificates and security rules... And lets not get into arbitrary nonsense rules that some companies set in a misguided attempt at combating spam.

Even when you know what you're doing, it's a PITA. If you're not fully versed in all the intricacies of the various RFPs and SMTP servers in general, then you're going to have a particularly nasty time.

Based on what I know, I can't help thinking that they might be biting off more than they can chew. But if they actually do pull it off, then they are going to make a completely justified mint.

Re:lolwut?

[gweihir]

I have this on a $10 vserver and a secondary MTA on another one, including DNS and webserver.

Re: lolwut?

[backslashdot]

Not the free gmail. You wont be taken seriously as a business if your email is @gmail.com. You have to get the paid gmail which allows you to have email @yourdomain.

Re: lolwut?

[ole_timer]

sure - in addition to my personal email (free) which has the google titan token, i have two xxxx.edu - one has duo 2fa, the other has u/i and p/w and won't let me use my titan token there...they pay google something but it's not $499 plus $99/year per student/faculty...

Re:lolwut?

[JustAnotherOldGuy]

Helm today unveiled its $499 device that lets consumers send and receive email from their own domain,

Is this an April Fools joke that was posted too early? What dumbass would pay that much money for this?

Oh, trust me- there are plenty of dumbasses out there with $499 to burn. Audiophiles come to mind, but the fact is that it's a target-rich environment. No shortage of people who have more money than sense.

Re:lolwut?

[arth1]

Are you kidding? Have you ever tried maintaining your own email server? $500 is dirt cheap compared to maintaining your own.

Yeah, but you still have to maintain this one.
So what makes it better than a much cheaper micro-server with a fully configurable SMTP server? You're basically just paying for pointy-clicky and ropes that are shortened so you have less options.

Re:lolwut?

I have been maintaining my own email server for about 4 years now, easy as pie, mostly hands-off automated updates. I only log in to the machine about once every couple of months. I'm using https://mailinabox.email/, it makes email as easy as it gets. Granted, there isn't much customization, but it has everything I, and most people, need. All it costs is a VPS, mine is 5€ a month from Vultr. There are cheaper ones but for email I wanted something reliable.

Re:lolwut?

[squiggleslash]

Hillary Clinton.

Re: lolwut?

[MachineShedFred]

Yeah, and that $10/month for custom domain hosting from Google will really break the bank if you are a small business. That pegs the ROI on this device at 50 months if everything goes perfectly, and never needs to be upgraded, never has a support agreement, and never has any other costs whatsoever.

Not very good.

Re:lolwut?

[gweihir]

Well, if your IT guy needs 100-200 man hours to set up a simple mail server, then you have another problem...

Re:lolwut?

[sonamchauhan]

Me too

Re:lolwut?

[x_t0ken_407]

It's really not as hard as you're making it out to be. I've run my own personal email server (on a VPS) for several years now. Yeah it can be a PITA to first setup (but not really, I've dealt with much worse) but once you get everything configured properly, maintenance is as simple as making sure all your software is up-to-date and staying on the lookout for vulnerabilities.

Of course, I do this sort of shit for a living so...grain of salt.

Re:lolwut?

[Anonymice]

There's a huge difference in maintaining a personal mail server, and one used by hundreds or thousands of staff.

A big part of the headache of maintaining email infrastructure is trying to control what goes out, without getting in the way of day-to-day operations - much like the challenge of finding the balance in maintaining a secure network without being a hinderance

When I've had problems with email, it's usually because some clueless dev has tried to spam 100k contacts with poorly formed emails with dodgy headers. In this case, rather than try to find a technical solution for stupid(R), I've found it's far easier to just try & train people & enforce some basic rules.

Re:lolwut?

[x_t0ken_407]

There's a huge difference in maintaining a personal mail server, and one used by hundreds or thousands of staff.

100% agree on this :) In the context of the article and GP's comment though (i.e., personal email server), I stand by 'ease of use' comment, heh.

As far as maintaining an enterprise server with 100s to 1000s of staff...yeahhh, that's a whole other beast, and honestly I'd probably peddle that off to a company that spcializes in that, just for sake of my time and agony maintaining the damn thing, lol.

Re:lolwut?

[ilsaloving]

That's the problem. I already do this for my day job. I don't like having to deal with it during my off hours too.

I also currently have a mail server running as well, and yes, day to day it's not THAT bad.

Until something completely unexpected happens and I have to drop everything in order to fix an unexpected calamity.

Or when you discover than your emails are getting turfed because a recipient is doing a reverse ip lookup and trying to get your ISP to configure that is a nightmare.

Or one of the billion other edges cases that you are now responsible for taking care of.

Saying that that's not bad because you've dealt with worse is like saying, "Having sex with a cactus isn't bad because having sex with a chainsaw is so much worse!" While technically true, it's still very far from an enjoyable experience.

I've been looking for options myself for a while now cause I'm fed up running my own server. If this Helm thing turns out to be as good as they claim (I'll wait for an exhaustive reviews first.) then I may well take the plunge.

Re:lolwut?

[ilsaloving]

That looks pretty good, but it's too basic for my needs.

I want a full groupware suite where I can also sync my calendar and contacts as well.

Currently the only packages I've been able to find that fit the bill are fremium systems like Axigen or Zimbra, and you have to pay substantial money for 'advanced' features like proper backups, etc.

So I end up just rolling my own process instead... which is now yet another thing I have to maintain.

Re:lolwut?

[ilsaloving]

It's a microserver that does the majority of the grunt-work for you. Software updates, backups, etc. You don't need to manage the updates yourself. You don't need source your own offsite backup accounts.

Basically you get a well-configured groupware server without the grind.

Re:lolwut?

[x_t0ken_407]

I hear your gripes and the do have merit. In the 5+ years I've run my own sever, I'd say there were 3-4x that I had to sit down and figure out wtf happened and fix some bullshit that came up, in the meantime not have a working email address. I do run on a VPS so I never had to deal with reverse IP lookups or anything, I could imagine how much of a PITA that'd be trying to work with the imbecile front-line techs at your ISP, wouldn't want to deal with it. _But_ I don't think it's bad at all, especially after initial setup -- initial setup was def the worst part. And honestly, I've neglected my mail server a bit due to some things I won't mention here and it does need a lot of TLC, I'll probably end up moving away from my current setup (postfix/maia on FreeBSD) to something a little easier to maintain...it's EXACTLY like your cactus/chainsaw reference actually, lol. I'll give you that hahaha.

Helm

[Luthair]

Why would the kubernetes package manager make a device for email...

Lot's of home IPS block ports that make this not

[Joe_Dragon]

Lot's of home IPS block ports that make this not work.

We called these qmail-toasters back in the day

[Etcetera]

Guess I should bust out my qmail/vpopmail scripts from 2003. Everything old is new again.

Upkeep.

[Ostracus]

Problem with E-mail isn't in the "getting one running". It's the constant maintenance that's needed.

Re:Upkeep.

[jittles]

Problem with E-mail isn't in the "getting one running". It's the constant maintenance that's needed.

The real problem here (assuming that they provide all that upkeep for you in a reliable way) is that no one will accept your mail if you do not have a reverse DNS entry for your IP. Not to mention the fact that ISPs block the necessary ports to run this on a home network. You’d have to have a business service plan to get this to work and you had better have a static IP address also.

Re:Upkeep.

[Solandri]

About 15 years ago, I set up a private email server for our company. I'd been running a private email server for personal use since the 1990s so didn't think it would be that different. Was I ever wrong.

I was called numerous times after I'd gone home from work by employees working a later shift saying email wasn't working. For my personal email I'd just go to sleep and fix it the next morning But these people needed email to do their work, so I had to come back in and fix it ASAP. Then there were the numerous mail servers I had to petition to remove our server from their spam blacklists every month. Other people on our ISP sometimes had their computers compromised and used to send spam, and these servers were blocking the entire IP address range of our ISP. For my personal email, I would never need to send email to a lot of these servers so being blacklisted by them was inconsequential. But multiply it by all the mail servers 50 employees send email to, and suddenly you need to resolve all these blocks.

After a few months of this I threw in the towel, and signed us up for an outside email hosting service. They're staffed 24/7, so when email goes down someone there gets it fixed, usually within a few minutes. And clearing up spam blacklists is their problem - we just have to report the block. If your company is big enough to have IT staff on duty or on call 24/7 then I can see a private email server working out. But if your company is that big you're not going to run your email server on a $500 appliance.

Re:Upkeep.

[Aighearach]

small business is probably the targeted market.

Re:Upkeep.

When I set up an email server for my company, the biggest problem was getting the large email providers to not block all email from us as "spam" (we never sent ANY spam, were not on any spam lists or any server/domain/IP blacklists). We did everything right (DKIM, SPF, reverse DNS, etc., etc.) but because we weren't sending tens of thousands of messages on a regular basis, we couldn't get recognized as a safe sender. The resolution process to get off the "block" and "spam" filters for most ISPs is apparently routed to /dev/null and had absolutely no effect. Eventually we gave up and paid google to host our email. I suspect "encouraging" you to pay for email hosting is at least as much the reason the large companies block messages from small senders as preventing spam is the reason.

Re:Upkeep.

[gweihir]

Get a vserver with a static IP. They usually come with the reverse DNS entry. Starts at $10 or so for a Linux VM.

Re:Upkeep.

Not to mention the fact that ISPs block the necessary ports to run this on a home network.

It can get pretty unbelievable. I went to a different bandwidth tier causing the ISP to revert to its default port 25 blocking. After literally 12+ total hours on the phone trying every variation I could think of, including "please escalate me if you don't know what port 25 is," I was getting nowhere.

I wrote "PORT 25 HELP?" on a piece of cardboard with a Sharpie and stood outside the ISP's offices at morning shift change like a business-casual panhandler. While the security guard was trying to run me off, somebody saw it, asked for my account number, and told me he'd fix it when he got upstairs. Maybe 5 seconds of interaction. It was working before I could walk the 8 minutes back to my own office.

Re:Upkeep.

[shaitand]

All this is true and it all comes down to the spam wars and a concerted effort to hinder end-to-end encryption of email. But for certain types of business it might be worth investing in, it can still be managed reasonably easily by one dedicated "tech guy" in a company of 100 or so employees. Especially since most businesses aren't 24/7 operations.

Sure he'd be on call all the time but calls in an org that size would be infrequent if he is doing his job well. In fact that is the beauty of that type of gig. If your dedicated admin is running around crazy all the time he really sucks. What you want is someone you never see or hear from and are never quite sure what he does. Is he fucking of on your dime? Absolutely. But he can only get away with it because he is good enough at making the tech in your business run so smoothly that is possible. Of course the other possibility is your admin is busy because you interfere with his technology purchases and decisions.

Re:Upkeep.

It is not sufficient to have a correct reverse DNS entry. For example, you cannot send email to one of the big freemailers in Germany, GMX, if
- The PTR-RR states that the IP address was dynamically allocated, or
- The PTR-RR is a generic standard entry of your provider. Please allocate an independent and fully qualified domain name (Fully Qualified Domain Name - FQDN) to your email server and enter the corresponding valid PTR-RR.

Email is a mess. The spammers have almost killed it and the antispammers are finishing the job.

Re:Upkeep.

[Omeganon]

This is exactly how it operates, and also means that whoever works at Helm has access to your email in transit. I for one don't trust a startup to have vetted their employees well, nor to have the security measures in place to protect the systems from compromise.

Re:Upkeep.

[greenwow]

And have a source address that isn't blackholed since most cable and DSL IP addresses are blacklisted.

Re:Upkeep.

[MachineShedFred]

It's also that massive blocks of IPs that are handed out by residential ISPs are blacklisted by lots of SMTP servers to cut down on botnet spam. Unless they are also including a VPN service that it uses to get around that, this thing is a $500 email server that will have most of your email rejected by the intended recipient.

Or pay $5/mo to just host it somewhere and not have that problem. It's unlikely this device would have a 100 month warranty on it, and that this company would still be around 100 months from now (they would have to be for the VPN endpoint) anyway in order to see an ROI over standard private domain email hosting services.

Re:Upkeep.

[MachineShedFred]

Until you plug it into a large ISP that registered their residential IP blocks with the various anti-spam lists just to make sure that you're buying their "business-class" (read: more expensive for exactly the same) service.

Unless this company is acting as a VPN endpoint or a mail relay with this thing, there are very large numbers of (residential) customers where this thing just won't work. And if they are acting as a VPN endpoint or a mail relay, this company has the option to read all your shit, as well as have you dependent on their survival for this thing to not be a $500 paperweight.

No thanks.

Re:Upkeep.

$99 a year after paying the $500 makes the alternative of hosted mail look a lot better. Plus, a mail hosting provider has RAID, redundant machines, and likely decent peering, especially a place like MS or Rackspace.

Appliance-wise, I am not paying $500 for a SMTP server. For $120 and a hard drive, I can buy a low-end Synology or QNAP NAS, have not just full E-mail capability (pop/imap/smtp/http via Roundcube), but have storage, backups, syncing, and many other features, with the ability to have all data encrypted on the device. I personally use one of these machines for mail storage for home stuff. Not for sending/receiving E-mail, but archiving mail via Thunderbird and IMAP, so mail resides there permanently, and not my providers. Of course, the NAS can back itself up to a cloud provider (Wasabi comes to mind) with decent client encryption.

For $500, I can buy a two drive NAS with two 4TB drives, and have RAID 1, email, and a lot of functionality. The $99 a year could go covering costs of remote backups at Wasabi, where they charge $5/month/TB.

Re:Upkeep.

[gweihir]

Indeed.

Re:Upkeep.

[HotNeedleOfInquiry]

The other Big Deal is the bandwidth that gets eaten up by spam. If you have a relatively slow DSL connection, and a lot of people do, the massive amounts of spam received will eat up a substantial amount of your bandwidth.

Re:Upkeep.

It is not sufficient to have a correct reverse DNS entry. For example, you cannot send email to one of the big freemailers in Germany, GMX, if
- The PTR-RR states that the IP address was dynamically allocated, or
- The PTR-RR is a generic standard entry of your provider. Please allocate an independent and fully qualified domain name (Fully Qualified Domain Name - FQDN) to your email server and enter the corresponding valid PTR-RR.

This is why we can't have nice things. Getting a reverse record, and even an MX record, on the public DNS is easy. Getting past the ISP level port blocking, and other implementation's stupid restrictions on "what is a valid mail server" is another.

Almost enough to make you assume that being able to sniff through your email as a consumer by forcing you to use an "approved" mail server is the entire point of the restrictions. Rather than any sane anti-spam effort.

Re:Upkeep.

[thegarbz]

Problem with E-mail isn't in the "getting one running".

Said like someone whose never had to read the sendmail manual. I still sometimes wake up randomly with cold sweats.

Re:Upkeep.

[labnet]

I've been running various versions of ms exchange for 15 years now for 50 people. I now use an external spam filtering service (spamhero). I would average about 2 days a year on it and can't even remember the last time it went down.

Re:Upkeep.

[Agripa]

Unless this company is acting as a VPN endpoint or a mail relay with this thing, there are very large numbers of (residential) customers where this thing just won't work. And if they are acting as a VPN endpoint or a mail relay, this company has the option to read all your shit, as well as have you dependent on their survival for this thing to not be a $500 paperweight.

Using a VPN tunnel is a common way to avoid ISP and SMTP restrictions. It is no more insecure than using email alone because security has to be provided by the connections to the email server anyway so ideally, the VPN only carries encrypted encrypted connections anyway.

Re: Lot's of home IPS block ports that make this n

[yokem_55]

Looks like the device sets up a VPN back to them that they can send mail out from with a static IP and reverse dns.

Let me guess:

[Qbertino]

It needs some obscure cloud service to hook up to do you can configure it. That's attached to a subscription.

How about just building a piece of useful groupware with easy domain configuration and easy ssl cert integration and letting the hardware as a option?

Somehow I feel this will fail just as hard as Protonet.

Re:Lot's of home IPS block ports that make this no

[davidwr]

The port problem is easy to solve by offering optional port-forwarding subscriptions to forward "incoming mail to your domain" ports to a user-selected non-blocked port.

Also, most home users can buy business-contract internet in their homes, which typically allow all incoming ports.

The same people who would pay $500 for this box are the same people who would buy either of the above services.

Not a word about spam filtering capabilities

Spam filtering is what makes e-mail usable nowadays and yet on the official site they choose to ignore it completely.

Re:Not a word about spam filtering capabilities

[ole_timer]

spam filtering - oh that's another $99 per year...ransomware protection - you guessed it - another $99...etc., ad nauseam...

Yep, so wouldn't you just leave all that

[rsilvergun]

to your hosting provider? At the consumer level it's like $5-$10/mo (and you can probably get it cheaper elsewhere).

Re:Yep, so wouldn't you just leave all that

[shaitand]

So that your hosting provider doesn't have your data.

Re: Yep, so wouldn't you just leave all that

[shaitand]

I'm not saying your wrong. It is very difficult to setup and maintain a secure email server, 15yrs ago setting up linux mail servers for small businesses who wanted private mail was a big part of my job. These are all almost certainly going to be spam zombies within a couple years.

All I'm saying is that the reasons to want to do it haven't changed. Putting all your data, even confidential business data, in the hands of a third party is one of the greatest crimes of spammers.

Re:Yep, so wouldn't you just leave all that

[cascadingstylesheet]

So that your hosting provider doesn't have your data.

How do you know that these guys don't have it?

Re:Yep, so wouldn't you just leave all that

[Holi]

Except you are relaying through them so they get all your data as well as $99 a year.

Re:Yep, so wouldn't you just leave all that

[shaitand]

At that point it has no purpose.

Re:Yep, so wouldn't you just leave all that

[shaitand]

I don't, but I certainly would before spending $499.

Re: Yep, so wouldn't you just leave all that

[shaitand]

On your own mail server you don't have to make assumptions like that.

Re: Yep, so wouldn't you just leave all that

[rtb61]

The mail server needs to be built into a firewall router and you simply and an external USB hard disk for data storage. Mail doesn't need to be as secure if it is kept outside of your internal network before delivering a copy of filtered mail. The next thing you ad of course is ........

RasPi

For the amount of email most people do, a few dozens of dollars into a Raspberry Pi would work just fine as an email server. $500 seems like huge overkill.

Re:RasPi

[Areyoukiddingme]

For the amount of email most people do, a few dozens of dollars into a Raspberry Pi would work just fine as an email server. $500 seems like huge overkill.

From the sound of things, they're concealing operating expenses in the price of the hardware, the exact opposite model for inkjet printers. No box "the size of a router" has $400 worth of hardware in it, let alone $(500*0.97) worth (typical 3% margin Asian manufacturers operate on). Not when a cell phone with a capacitive touchscreen and a battery in addition to all the required resources to run a low volume mailserver is $30.

Now if it's 100% redundant hardware, including two independent wall warts for power, externally accessible redundant hot-swappable flash storage, externally accessible redundant hot-swappable CPU/RAM cartridges, and dual embedded externally accessible hot-swappable lithium batteries, then it's worth $500. Basically two cell phones worth of hardware smooshed together in an electrically sensible way, with custom software that can deal with a CPU disappearing and reappearing.

Having described it, that is what I want. Why isn't someone making that? For less than $OUTRAGEOUS_SUM, in less than a 4U form factor.

Re:RasPi

[MachineShedFred]

You're still well below the cost of this thing, without the very real risk that this company goes titsup and you're left with a $500 brick due to them routing all your shit through them.

And $99 per year after that

[damn_registrars]

I can envision a market for that, particularly for people who want to keep their email and calendar data away from google but don't want to manage their own server completely on their own. I won't be lining up to give them any of my money, but I suspect plenty of other people might.

Re:And $99 per year after that

[ole_timer]

yeah, the same morons that pay for credit protection to lifelock...

Re:And $99 per year after that

[damn_registrars]

I suspect there could be some overlap in those sets but I wouldn't expect them to be one and the same. Plenty of people are concerned about companies peeking in on their email but don't want to (or have the technical knowledge to) manage their own email server. The fact that this little appliance does that is somewhat novel as well IMHO as it would likely use less power than what many people would likely set up for an email server (or any time they think of "server").

Just buy their "Business" class

[rsilvergun]

they'll sell it to you, it's often only about $30-$70/mo more and it often comes without data caps for the extra money. I've got Cox business, it's $100/mo for 100 mbps with no data caps. I mostly got it to escape data caps when they started that crap in my area. The downside is you have to sign a contract (mine's 3 years, but I'm an IT worker, I pretty much don't have a job without internet).

Re:Just buy their "Business" class

[DigiShaman]

they'll sell it to you, it's often only about $30-$70/mo more

Or you could for $6 a month ($5 per month on annual contract) you could just get an Office 365 Business Essentials account which is MS Exchange in the cloud with 50GB mailbox and 1TB of OneDrive storage! Way cheaper. Just point your domain's DNS MX records to it; they provide all you need or their wizard can inject the records for you at a major domain registrar (assuming their hosting your DNS too). It's not hard to do at all.

For $12.50 per month, you get all of that plus the entire local Office suite application that can be installed on up to five personal computers you own. Because it's SAAS (Software As A Service), you get whatever version becomes available upon launch. Be it Office 2019, 2020, 20xx whatever.

Let me guess: capabilty.

[Ostracus]

Possibly. What is different from now and then is that consumer hardware has matured. From NASes being more prevalent, to more capable routers, that do more than route. A lot more tasks, formally cloud, can be moved back towards the consumer end, with some help from the other end. e.g. expertise, management, etc.

This is a niche product

[davidwr]

There is a market for this kind of thing, but it's a small one.

If I am a very small company or an individual who needs "in house" email where no third party can be subpoenaed and where I control the encryption keys, AND where it's easy to run with minimal management, that is worth paying for.

But for most companies small enough where this would be worth considering, a completely outsourced email solution is better. For almost all individuals, outsourced email is better.

In the unlikely event that something like this gets more than "niche market" traction, expect the major players to either buy these guys out or come out with competing products. There's not much in this product that is innovative enough that the proprietary features, if any, can't be worked around and/or that customers won't care about them enough to deter competition.

Re:This is a niche product

[WorBlux]

If the tunnel service subscription were a standalone product, it might be worth it for small business, However I'd certainly want more redundancy in the hardware or be able to leverage a VM on an existing machine that already has redundancy and backups running.

Re:This is a niche product

[Comboman]

I suspect they think charging $500 for $50 worth of hardware to gain access to the tunnel service will give them the upfront capital they need to get started. If they already had the startup capital, they'd be giving away the boxes and charging a monthly subscription fee.

Re:This is a niche product

[WorBlux]

That case itself is easily a $50 case, the NVME SSD $80, and the rest of the board is $175 wholesale. (it has ECC ram, and likely a SATA and PCI-E bus, and good wifi). It's still a good margin, but it's far from a 1000% markup.

Re:This is a niche product

[DigiShaman]

You can host your own mail with a Synology NAS unit. Many of the two bay small ones can do it. But as others have pointed out, port 25 (SMTP) is blocked by all major ISP for residential accounts. They do that to stop e-mail worms. That, and they can up-sell on the business accounts (which you need a static IP anyways with a PTR record).

Just the delta cost alone for a business class account can easily exceed the cost of a few mailboxes hosted via Office 365 Business Essentials account. So...kinda defeats the whole purpose of going at it alone with your own local kit.

I wonder

[Hognoxious]

looks like an upside-down book

Anyone else trying to figure out how that looks significantly different from a right-way-up one?

Apart from the line drawing of an obscure animal, of course.

Re:I wonder

[Hognoxious]

So it's like a house? Why didn't they say that?

Will people care enough?

[ruddk]

It seems that (some) people are beginning to realize the cost of “free” services, but I wonder if they care enough to do anything about it.
Getting smtp to your home connection could be an issue for many as that port is usually blocked to prevent malware spamming. Sometimes you can request it opened.
When I ran my own email server, there was a bit of maintenance with spam filters as well as problems with some destinations not accepting emails from servers on xDSL lines.

I don't forsee success.

[WorBlux]

They hide the knobs that would endear them with the tech community, source is not prominent/shared, and you can't subscribe to the serice using existing hardware.

For the average tech user concerned about privacy this may be a good deal, but to actually get SSL securely you need to manage your own domain and control your own certificates, otherwise the domain or certificate manager can be coerced by three-letter agencies to MITM your email. Additionally I see no allowance for hardware failure, if grandma and gramps lose 100GB or photos of their grand-kids, someone is going to be peeved. The subscription needs to include secure backups (anything where the service manages keys is not as secure as their average customer expects they are getting, and making people manage their keys themselves is bound to incur data loss and recovery failure). The only way out of the mess is a cryptographic secured ID system.

And letting the government do it is bound to incur abuse. I see two solutions, everybody use the Estonian E-citizenship and ID and pump enough value into the system that they don't dare subvert it. Or recognize ICANN as a sovereign entity like the red cross or knights of malta, and have them run a digital ID system.

Re:I don't forsee success.

[Obfuscant]

They hide the knobs that would endear them with the tech community, source is not prominent/shared, and you can't subscribe to the serice using existing hardware.

If you are that kind of user, there are existing solutions. They aren't the target market. It's "plug and play", like IoT, for people who aren't tech savvy enough to set up their own.

It appears to be, as someone else commented, just a different third party through whom your email passes and info is harvested.

Re:I don't forsee success.

[WorBlux]

Not quite pure third party. If you manage the certificate, you should get TLS from the sending server to your mailbox. Looks like the heavy lifting and logic is all in the user device, (weather you can trust and examine what it's doing is another issue), while they provide an externally accessible gateway and handle the config needed to talk to the mainstream network of mail servers.

Another issue is the email as a personal correspondence media is dying, chat is displacing the personal and email is more formal/auditable business purposes.

Insert Your Own Hillary Clinton Joke Here

[Nova+Express]

But the market for people who need to set up their own email server to hide their graft from FOIA requests would appear to be fairly limited...

Re:Insert Your Own Hillary Clinton Joke Here

[Comboman]

Not as limited as you might think.

Re: Lot's of home IPS block ports that make this n

[ShanghaiBill]

Looks like the device sets up a VPN back to them that they can send mail out from with a static IP and reverse dns.

Then you still have to trust a 3rd party. So how is this different from trusting any other provider (other than being really expensive)?

Legacy Communication System

[CranberryKing]

We will never get rid of e-mail. It will be necessary for the foreseeable future and have a much longer lifespan than say, fax. But anyone who can see the writing on the wall with respect to privacy will/has started moving away from any public public or even private public messaging system for as much of their important communication as possible.

Using systems like Tox, Signal on your phone, or something that you have control of needs to be a priority in your life -- and as part of that, you will have to become an advocate (evangelist really) for others to get on board.

One big weakness is people using social networks as communication systems purely due to their convenience and ubiquitousness. There are/have been attempts to make privacy oriented social networks (diaspora, etc.), but the nature of shouting from a mountain top does not lend itself well to privacy.

Ummm.... There's a problem here

Preface: https://www.spamhaus.org/pbl/

Substance: I am not normally a betting guy, but I would wager that 95% plus of the US population would not have the ability to get beyond 50% delvierability for "legitimate" emails using such a device. I am ASSUMIng that the outbound connections from the "device" to the recipients MX server would originate from the user's local IP address (unless they also include some kind of outbound relay service, which would seem to be self-defeating in this context). Many (perhaps even a "large majority") email server operators use services which are designed to reduce spam, and one of the most common ways this is done is by blocking incoming connections, either at the MTA or network level, based on a range of "known dynamic IP addresses", i.e. the IP address ranges assigned by an ISP to customers who have not chosen (or do not have the option to chose) a static IP address for their connection. Organizations like Spamhaus publish / provide access to lists of such ranges which email server administrators can use to automatically block or flag messages coming from "standard"/"dynamic"/"non-static"/"consumer and small business" IP address ranges.

While I like the concept, I think any customer of this product is likely going to be disappointed in their message deliverability unless the either A) have the money and the inclination to get a static IP address for their connection (if their ISP even offers that as an option - MANY do not, either at all or for non-business accounts) and deal with the side effects that come along with it, or B) use a third party external relay service to send their messages, thereby eliminating (or at least reducing) the utility of such a device in the first place.

The Whistle InterJet called...

[Hobart]

...from 18 years ago.

Welcome to the Millennial Bro business plan!

[xanthos]

1) Take a piece of well established, publicly available software
2) Throw it on a commodity piece of hardware (optional)
3) Tie it to a proprietary cloud service that requires a subscription
4) Price it so it looks like it has more value to it then it does
5) Profit!!

Trust

[cascadingstylesheet]

The problem when looking for gmail alternative is that you start asking yourself why you should trust anyone else either.

Your ISP? A hosting company? Some startup that sells a box? Some guys in Switzerland?

Who uses E-Mail Anymore?

[Voyager529]

I think this company's bigger issue is their demographic: People who care enough about their e-mail privacy to desire to not-use Gmail, Outlook.com/Hotmail, AOL, or Yahoo, want their own server, and are neither tech savvy enough to set up Zimbra / Mail-in-a-Box / the Synology mail server, nor big enough to use Exchange...and still use e-mail.

This trail was blazed by Microsoft back around 2008-2011 with Windows Home Server - enough server to help manage backups and malware scans (using Live OneCare) and centralize media storage/sharing, enough not-server to prevent it being used for Active Directory or similar. The problem was that it was still "too much server", and they couldn't market it well enough to get average consumers to really want it.

Circling back to the subject line, e-mail is primarily a business form of communication. When was the last time you got a legit, personally-written e-mail from anyone? It's probably been a while, and even if you still correspond with $SOME_PERSON regularly that way, it's far from the de facto form of digital communication it used to be. E-mail is basically for account setup and password resets, bulk mailers, and the occasional business correspondence. Most human-to-human communication tends to take place with Facebook Messenger or WhatsApp or garden variety texting. Though people do still send and receive e-mails, it's been largely supplanted by semi-synchronous messages.

So, to review...an e-server tied to a single provider for the VPN / outbound relay, one or more annual fees to handle spam filtering, runs off Wi-Fi, doesn't fit in a server rack, isn't installable on custom hardware, and is intended to simplify a communications protocol from which home users have largely moved on?

I could be wrong...but it definitely doesn't sound like a winner to me.

Re:Who uses E-Mail Anymore?

[DigiShaman]

WTF is that crap? Dude, 99% of my communications are through e-mail. It's for record keeping of correspondence and ease of searching for sorted content later. It's also provides a chain of contact.

Has the world gone that too fucking ADHD to only chat in IM? I'm sorry, but as a Managed Service Provider (B2B based industry), Anything that requires over a paragraph in communication with the occasional file attachments will **ALWAYS** be e-mail.

E-mail will be around for the next 100+ years. The protocols i'm sure will change as will the underlying technology. But delivered messages that involves an address, subject, body, and signature will be the primary philosophical form of communications within a business. IM is great for short Q and A, but it will never replace the need for multi-paragraph construction.

Re:Who uses E-Mail Anymore?

[Voyager529]

WTF is that crap? Dude, 99% of my communications are through e-mail. It's for record keeping of correspondence and ease of searching for sorted content later. It's also provides a chain of contact.

Oh, I completely agree. It's why E-mail isn't going anywhere in business...On-prem Exchange and O365/G-Suite will have a place in business correspondence for the foreseeable future. This device, however, with no Activesync, the requirement of a VPN tunnel to the upstream provider, a seemingly minimal amount of retention policies or failover capabilities and so forth...is not going to be making inroads in businesses that already have incumbent e-mail solutions in place.

Has the world gone that too fucking ADHD to only chat in IM?

I restate my original question: when was the last time someone personally e-mailed you? Not a business correspondence, not a support request, not a listserv or similar. Compare that with the quantity of text messages you've received over the same period for personal communication.

I'm sorry, but as a Managed Service Provider (B2B based industry), Anything that requires over a paragraph in communication with the occasional file attachments will **ALWAYS** be e-mail.

Agreed, and I work for an MSP as well. You're still focused on business communication, where we agree that businesses will continue to use e-mail. This device is unsuitable for businesses, and for home users, e-mail privacy concerns are rather infrequent to hear about, especially as e-mail itself has waned in popularity in that same demographic.

E-mail will be around for the next 100+ years. The protocols i'm sure will change as will the underlying technology. But delivered messages that involves an address, subject, body, and signature will be the primary philosophical form of communications within a business.

Would you really roll this device out in a business? I wouldn't. That's my point: there is a disconnect between the demographic in which e-mail is still a primary form of communication, and the fact that this device targets a demographic that no longer considers e-mail a primary form of communication.

IM is great for short Q and A, but it will never replace the need for multi-paragraph construction.

No, but Facebook still allows for paragraphs to be transferred. I've sent relatively long SMS messages that probably could have been e-mails. Even if people still send multi-paragraph personal messages via e-mail from time to time, Facebook, texting, and similar services have supplanted enough of it. Privacy is one of the differentiators, but for many people it's one of those things that is desirable until the very first inconvenience crops up. Those who care enough are probably technical enough to utilize options like Mail-in-a-box, Zimbra, and plenty of other host-your-own solutions that don't require a VPN and a service contract.

It's a tent

[Comboman]

They should have said it looks like an upside-down cracked open book. In short, it looks like a tent, or the roof of house without the house. Is there an RTFM equivalent of "Look at the damn photo"?

Re:It's a tent

[DontBeAMoran]

LADP?

Screw That

[SuperKendall]

Will echo the other doubts with my own concerns - for anything that handles important emails like my domain, I need something that is in multiple spatially redundant data centers, not just one device in my home where I'm screwed if the house loses connectivity, or there's a fire or theft... no fun to be out on vacation and have the email box go down with no way to fix it.

So, what’s special?

[Tjp($)pjT]

$499 gets you a new Apple Mac Mini. And add Mac OS server and you’ve got a personal email server. Add the MX records to your domain, and dynamic DNS records if you are lacking a static IP. Many registrars have tools to create all the appropriate dns records for SPF, etc. So what is their secret sauce?

Re:So, what’s special?

[nadass]

So what is their secret sauce?

It runs Ubuntu?

Good luck

[dnaumov]

Being at the whim of Google and Microsoft, regarding which of your outgoing mails they are going accept and which ones they wonâ(TM)t. THAT is not a fun experience at all.

Re: Lot's of home IPS block ports that make this n

[slashmaddy]

Looks like the device sets up a VPN back to them that they can send mail out from with a static IP and reverse dns.

Then you still have to trust a 3rd party. So how is this different from trusting any other provider (other than being really expensive)?

1. Having physical access to your data at all times?
2. Freedom to switch to a different VPN/reverse IP service provider if the current one makes you unhappy or goes out of business?
3. ???
4. Profit

So different

We hear that you don't trust Google to receive and store your email, but
1) You don't want to learn how email servers, domains or the internet works,
2) You don't want to learn how to do the maintenance or worry about security,
3) Your home ISP blocks outgoing email on port 25 or worse anyway

For the sum of $500 we will
1) Funnel all your email through our domain and server (in Amazon's cloud) instead of Google's domain and server
2) Assemble and program a server for you, that we promise does what you want
3) Retain remote admin access to that server to change things without your intervention
4) Regularly run apt-get upgrade without inspecting the code in the new packages because come on now.

Re: Lot's of home IPS block ports that make this n

[MachineShedFred]

Awesome. So this $500 device depends on this company to exist to have any value at all.

Where do I sign up?

Re: Lot's of home IPS block ports that make this n

[MachineShedFred]

It's so precious that you assume they give you the option to change the upstream VPN provider.

Good email appliance?

[PuddleBoy]

While this (Helm) does not sound like the kind of device I would ever buy (too little control, despite all their hype), I would be interested in a piece of hardware that was dedicated to email and nothing else. Easy to use interface (deal-breaker, if it's complicated), supports multiple domains, well-made, supports all the normal protocols and is very stable.

Remove the $99 A Year

[WindowsStar]

Remove the $99 a year charge and I am in. Or give the device to me free with 5TB and just charge the $99 a year and I am in.

Free alternative

[tkrill]

Just to mention, there are completely free and open alternatives https://www.kinguardproject.or... The Kinguard project is an opensource, currently Debian based, solution that incorporates email, calendar, contacts services etc.

How is this "taking on Google"?

[Tony+Isaac]

Google isn't in the on-site email server business, at all. Sure, they have GMail for Business, which one might argue is targeted to the same group of customers. But not really. GMail for Business is targeted at those who don't WANT to have their own on-site server.

I predict that no one will use Help for long, because they will be swamped by spam, and unable to send email because they find themselves on RBLs or because they aren't a trusted domain.

This smells like a slashvertisement.

Alternative

[CanadianMacFan]

For that kind of money spend get something like a Synology NAS which will do your email plus a whole lot more such as backups, cloud, web server, media server, and even WordPress. It'll cost a bit more because you will have to buy the hard drives or SSDs.

Of course as soon as you open up the server to the outside world you become a target. I know that Synology is good at getting the updates out but will the people apply them?

Re: Lot's of home IPS block ports that make this

[Agripa]

I have physical access to all my emails and I use Gmail. Every one has physical access to their email. What was your point?

The point might have been that by operating your own SMTP server, your email is physically secure from others at least in the sense that you will know if it is seized.