All this new excitement with Lemmy and federation has got me thinking that maybe I should learn to run my own instance. What always comes up though is how email is the orginal federated technology.

I am looking at proxmox and see that is has a built in email server, so now I am wondering if it is time to role my own.

I stopped using gmail a long time ago, and right now I use ProtonMail, but I am super frustrated with the dumb limitation of only having a single account for the app. I get why they do it, and I am willing to pay, but it is pricey and I don’t know if that is my best option. I guess it is worth it since ProtonVPN is included. It looks like they are expanding their suite.

Is it worth it? Can I make it secure? Is it stupid to run it off a local computer on my home network?

  • DidacticDumbass@lemmy.oneOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I guess you got to play the game if you want to win. I Google and Microsoft have the same level of trust from me, so it goes to whoever makes it easier.

    • UselesslyBrisk@infosec.pub
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Pretty much. Its kinda nuts. I just host with Google at this point. Its easier though privacy is a disaster. I consider email to be public at this point though after the Snowden stuff. Have considered moving to something like Photon but their lack of support for contact syncing makes it tough, specifically for my wife. She uses Apple Mail as well, which i THINK photon can now support via IMAP or something, but not having contacts synced is hard.

      That said I back up all of my Google workspace stuff, email included, to a local synology using their app. So i have copies of everything should I need it (ie: google decides to suspend me for no reason.)

      • DidacticDumbass@lemmy.oneOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Damn. Privacy is something I was hoping would be a benefit from self-hosting.

        I mean, I haven’t taken the bite yet but it is way more than I can chew. I am not keen on basic stuff like encryption.

        Hell, I just want to have both my email accounts on my phone without paying for it. I think privacy is worth paying for, but I need to be smart about what I trust.

        • UselesslyBrisk@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Here’s the catch with email via privacy. Unless you are gpg encrypting the email even photon doesn’t matter, as whoever you are sending to likely has it unencrypted at rest on their server.

          And while tls in transit is better than it used to be with their smpts or starttls, plenty of mail servers don’t do it. So even transport is an iffy game sometimes.

          At the end of the day, it’s better to

          A. GPG encrypt the email. Which requires both ends to be technically competent. B. Consider it to be quasi public, like talking quietly in a coffee shop. Most won’t hear it but if someone does shrug

          • DidacticDumbass@lemmy.oneOP
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Right. One of the articles someone linked basically explained this limitation. So, privacy is kind of an illusion, or a half-true marketing gimmick.