I was interested in hosting my own mail server that provides a similar level of privacy for users as Protonmail, ie the server admin cannot read any emails, even those which are not E2EE with PGP. Is there a self-hostable solution to this?

I’m aware the server admin can’t read emails that were sent encrypted using the user’s PGP key, but most emails I get are automated emails from companies/services/etc without the option to upload a public key to send the user encrypted email. If you’re with a service like Protonmail, the server admin still cannot read even these emails.

  • foremanguy@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    10 minutes ago

    I don’t like using “encrypted” email because in fact email is really not a secure protocol by default, you can send secure email to each other but if you’re communicating to gmail, yahoo, outlook… You will lost all your privacy. Hosting an email service is good but do not use encryption when talking randomly to gmail accounts.

  • mspencer712@programming.dev
    link
    fedilink
    arrow-up
    2
    ·
    31 minutes ago

    I host my own for mspencer dot net, used this 15-ish step walkthrough from linuxbabe dot com. Only maybe three instances of spam in two years, gmail and outlook receive my messages just fine, etc. (Successful spammers were using legitimate services, and those services took action when notified. Greylist delays emails by a few minutes but it’s extremely effective against most spammers because they never come back to retry messages after a few minutes, while legitimate senders will.) I don’t know if I would accept blanket advice against self hosting.

    Fundamentally if your mail server can see the addressee, it can see the content. SMTPS encrypts both in the same channel. So at the point where you accept messages and store them in a mailbox, the messages have to be readable.

    Encrypting them at rest isn’t something I currently do, but if you’re going to later serve those messages to an email client that expects to receive clear text, your server needs both the keys and the messages. They can be stored in different places.

    Most of your needs could be met with full disk encryption on the box hosting Dovecot. If you’re worried about being compelled to decrypt, there’s always the deck of cards trick: The pass phrase for full disk encryption consists of a memorized portion plus the letters and numbers of the top N cards in this deck of cards you keep by the server. If someone were to shuffle that deck of cards, and the server were powered down, the encrypted volume would be impossible to recover.

    I’m eager to learn what other Dovecot tricks people can recommend to improve security.

    • davidebro@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      19 minutes ago

      I’m curious - do you use email aliases to help reduce spam or block specific senders more easily? I’ve found that aliases can make a big difference in managing privacy and limiting unwanted messages. Startmail, for example, offers aliases as a convenient option without the need for self-hosting.

  • smpl
    link
    fedilink
    English
    arrow-up
    2
    ·
    4 hours ago

    If the mail is sent unencrypted the admin can read it. What I have is a script that encrypt incoming e-mail with the users key, so that they are stored encrypted on the harddrive. That at least protect against an intruder reading past e-mails. I use a Perl script written by Mike Cardwell for that.

    Another service you might like to have for your users is WKD/WKS, so that senders clients can automatically fetch the public key for your users.

  • nerdovic
    link
    fedilink
    Deutsch
    arrow-up
    4
    arrow-down
    2
    ·
    7 hours ago

    As someone who used to maintain an email setup for a small company, I would stay far away from self-hosting Email.

    • smb@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      13 hours ago

      but then the admin can still read the mail while it arrives ;-)

        • smb@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          2 hours ago

          but maybe only for emails from outside, not for emails from within protonmail? haven’t read any specs of protonmail yet…

      • Quail4789@lemmy.ml
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        3
        ·
        12 hours ago

        There’s no such thing E2EE email. The protocol doesn’t support it.

        • smb@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          3 hours ago

          well for e2ee you obviously have to let one e encrypt the data for the other e. (good luck with newsletters then) for usual services kindly asking them to support either s/mime or gpg for outgoing emails, that would at least make them know the wish, but good luck there too.

          i think the already mentioned solution with encrypting incoming messages on your side just before mda to your inbox should be the closest possible to what op wants. one would need to check if the message is already encrypted and skip encryption for those.

          if you only want the admin of that email (imap) server to not be able to read all emails, maybe placing a separate encrypting server (smtp+encrypt+forward) inbetween outside world and your email imap server could be a solution.

          one should have a look into the logfiles too as some mailers might log message subjects and of course sender/recipients along with ip adresses of incoming/outgoing servers which the op might not want to be readable as well (i dont know protonmail that much)

          also gpg IMHO allows for sign-then-encrypt hiding the signature within the encrypted data which could be wanted. also one might want to look exactly what parts of the messages contents and its headers are encrypted or plaintext on the server before feeling safe from the threat one wants to be protected from.

          • XTL@sopuli.xyz
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            8 hours ago

            And gpg, which op mentions. But the devil’s in the details with encryption.