On Fri, 9 Nov 2012 12:59:55 -0500
george torwell <bpmcontrol@xxxxxxxxx> wrote:

> i have a few unrelated questions, if i may.
> i've noticed that you have your own mail server, which is cool.

I don't have my own mail server. I use GMail's servers with my own domains. You can determine this easily from the public DNS:

$ host -t mx yon.org.uk
yon.org.uk mail is handled by 10 aspmx.l.google.com.
yon.org.uk mail is handled by 20 alt1.aspmx.l.google.com.
yon.org.uk mail is handled by 20 alt2.aspmx.l.google.com.
yon.org.uk mail is handled by 30 aspmx2.googlemail.com.
yon.org.uk mail is handled by 30 aspmx3.googlemail.com.
yon.org.uk mail is handled by 30 aspmx4.googlemail.com.
yon.org.uk mail is handled by 30 aspmx5.googlemail.com.

> and i want to set up one myself for privacy reasons. just for me and
> a few friends.
> would you recommend that? can you share how you did it?

In future I'd appreciate it if questions like this could go to the list instead of to me personally. I don't mind sharing my thoughts with the wider community, who can then either learn from them or criticise them (which of course I learn from). But direct communication feels a bit too much like consultation, and as this is my profession and I have children to feed I don't really want to do it for free. This is why I'm replying on-list.

If you want to run your own mail server, you need either to hire a VPS or dedicated server, or colocate a machine of your own in a datacentre. While in theory you could run a server off a cable or DSL line, I wouldn't recommend it. Even if your ISP is friendly towards the idea they're unlikely to guarantee you the uptime you need for a reliable service. Never mind that it'll be your home the police are sniffing around if you're doing anything illegal with it.

On the server you want to run a Unix-type system. GNU/Linux and FreeBSD are the most popular options, though NetBSD is a good candidate too. (OpenBSD has many advocates but I'm not personally a fan).

You then will need to configure an SMTP server. Postfix is included with many distributions and is a reasonable choice. But whichever you choose, configuring a mailserver is not trivial. One mistake you don't want to make is to end up running an open relay, as it'll get you blacklisted by the major providers pretty quickly.

To be able to receive mail to your server, you need one or more domains that you can create DNS records for. For mail to foo@xxxxxxxxxxx to be correctly routed, you need to add an MX record in example.com pointing at your server. If you only have the one server, then you'll only need one record, but if your server is down or unreachable then other servers will probably either bounce or blackhole incoming mail. They're under no obligation to queue it for you. So if you don't want that to happen, you should consider running a backup server on a different network (and add a lower priority MX record for it).

Note that the need for DNS records precludes foo@xxxxxxxxxxxxxxx as a practical address format. Your mail will have to be routed off-Tor.

Would I recommend it? No. Unless you want to do so for the learning experience. SMTP is insecure by design; running your own server doesn't do anything to prevent interception of messages, it merely gives you another system to administer. For security purposes you will achieve more by learning how to use GnuPG to encrypt your mail. You can use this with any email provider, either with tools built into (or added onto) your mail client, or using the standalone tools and C&P. It doesn't solve every problem (e.g. mail headers are plaintext) but it does mean that the body of encrypted messages is not revealed if communication is intercepted, or the server is seized.

Julian

--
3072D/F3A66B3A Julian Yon (2012 General Use) <pgp.2012@xxxxxx>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
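
The open-relay mistake mentioned in the message above, as an added example that is not part of the original post: a Python check over `postconf -n` style output that reports when Postfix would accept mail for other domains from untrusted clients. It assumes Postfix 2.10 or later (where `smtpd_relay_restrictions` exists and has the default shown); the function names and both sample configurations are constructed for illustration.

```python
import ipaddress
import re

# Restrictions that stop mail addressed to domains this server does not serve.
BLOCKING = {"reject_unauth_destination", "defer_unauth_destination", "reject", "defer"}
# Assumed Postfix >= 2.10 default when `postconf -n` does not list the parameter.
DEFAULT_RELAY = "permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination"

# Constructed sample configurations (not taken from any real server).
WEAK = """mynetworks = 127.0.0.0/8 0.0.0.0/0
smtpd_relay_restrictions = permit, reject_unauth_destination
"""
FIXED = """mynetworks = 127.0.0.0/8 [::1]/128
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
"""

def parse_postconf(text):
    """Turn 'name = value' lines, as printed by `postconf -n`, into a dict."""
    conf = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep and not line.lstrip().startswith("#"):
            conf[name.strip()] = value.strip()
    return conf

def list_blocks_strangers(restrictions):
    """True if a destination check is reached before any unconditional 'permit'."""
    for item in re.split(r"[,\s]+", restrictions.strip()):
        if item in BLOCKING:
            return True
        if item == "permit":
            return False
    return False

def relay_findings(text):
    conf = parse_postconf(text)
    findings = []
    for net in re.split(r"[,\s]+", conf.get("mynetworks", "")):
        try:
            cidr = net.replace("[", "").replace("]", "")
            if net and ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                findings.append(f"mynetworks trusts every client: {net}")
        except ValueError:
            pass  # table lookups and file names are not evaluated here
    relay = conf.get("smtpd_relay_restrictions", DEFAULT_RELAY)
    rcpt = conf.get("smtpd_recipient_restrictions", "")
    if not (list_blocks_strangers(relay) or list_blocks_strangers(rcpt)):
        findings.append("no restriction list rejects unauthorised destinations")
    return findings
```

`relay_findings(WEAK)` reports both problems and `relay_findings(FIXED)` returns an empty list; access-table lookups such as `check_client_access` are not evaluated, so a clean result does not replace testing the running server from an outside host.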