Topic: Lavabit.com and Tormail Email Alternatives... - page 4. (Read 31109 times)

Self-hosting your own mail server is a short term solution for long term problem. e-mail must be retired because of usability and security problems. Just like BBS or Gopher is no longer used by mainstream.

If you read my post, it's not about trust in Mike. He has done a TON for this community. Trust comes in when you update the client, so you peruse the changes and see if they are up to standard. You trust the code, not the people. Here i am speaking to the hard work mike has put in making bitcoinj possible. You'd do well to remember that.

... he's not a legend ... bitcoin is the trust no-one currency, you'd do well to remember that.

you've got to be kidding. If any changes are made the community disapproves of we won't update our clients, simple as that. Mike Hearn is a legend mate don't be a dick.

Thank you for pointing that out. I was of course aware of Namecoin but not Namecoin TLS. I'm setting up a forum (and probably web-based email) with encrypted storage and SSL-only access, and physical hosting at a location I have control over. I don't have a lot of bandwidth so I'm not making it available to to the public (sorry) but I am concerned about making it work.

What I've done is put the root domain and a subdomain on two different physical servers: one has a Comodo SSL certificate and the other has a certificate generated by my own local Certificate Authority. The root certificate hasn't left the machine with the webserver. The domain with the Comodo cert has one thing on it: a download link to my own CA public cert which can be installed into people's browsers or OSes.

This gets me third-party authentication so you know that the cert came from the controller of the domain, and then encryption where the private keys for the server and CA are only on the server and have only ever been on the server.

And it's *really* kind of convoluted. AND if I were offering it publicly, it still wouldn't be an alternative because all it would take is someone physically stealing the server or arresting me and cutting the lock off the case.

Anyhow, I'd been thinking about registering a dot-bit domain as an alternate means of accessing the site. Now I'm considering that much more seriously. Thank you.

I agree the CA system is flawed and proven to be broken/compromised in some important cases.

Namecoin TLS is now at functional state and the concept has been proven. Now it needs some more work (and devs) to bring it to a level where widespread usage is simple.

http://dot-bit.org/forum/viewtopic.php?f=2&t=552

One more thing: why isn't there (or is there that I don't know about?) a web-of-trust model system for SSL certificates? At this point, it seems like the only secure solution is self-signed certificates, and that is only "secure" if you know the person who runs the server.

At this point I would say anyone who wants web-based secure email had better be running their own web and mail servers. Or else they are more trusting than I am that every Certificate Authority in the world isn't CCing everyone's private webserver keys (which the CA's generate) to every three-letter-agency on Earth.

I feel you bro 

The fact that Bitcoin consists of a google developer already makes me nervous to use Bitcoin.

The fact that Mailpile consists of a google developer already makes me nervous to use Mailpile. 

What about creating a Retroshare network with Namecoin identities ?
Anonymous and encrypted messaging, fileshare and posting would be solved and the network cannot be closed.
http://dot-bit.org/forum/viewtopic.php?f=5&t=1089

It's nice to run your own mail server, but you've got to set it up properly or you'll have problems getting your mail delivered.

Make sure reverse DNS is set on the mail server IP address, and setup SPF records and DKIM.

I've had some issues sending mail from my domain dserrano5.es to localbitcoins:


And that google.com page reads:


There are some additional spam-related steps you should take to improve the trust others will have in your domain.

I don't think it will be temporary.. after all he's been through he wants to stick it up to the gov now, he'll find a way to make it permanent.

About hosting your own mailserver: Technically, this is pretty easy. Probably the easiest way would be to get a somewhat decent NAS, as they nowadays have all software ready-to-go, and just use a few tens of watt.

But, would my ente123.com mailserver be accepted by other, regular mailservers? No blacklisting or the like? At least webservers who are open (send mails without registering) or sending spam will quickly be blacklisted.
So, I guess, it's as simple as installing a mailserver daemon, registering any domain and having a static IP (or dyn-dns)?

Ente

i havent done much research into hosting my own server. i use a combination of gmail and bitmessage depending on who im talking to.

im really excited about MailPile though.

The project is run by 3 developers, 1 from google, 1 a member of the Icelandic Pirate Party, and 1 open source user interface developer.

Its still in the works, but should be useable in 6-12 months.

You can follow their progress and look up details here.

http://www.mailpile.is/

any suggestions for hosting your own server?

that may be a temporary solution, but hosting your own server is more likely the long term solution.

additionally, there is bitmessage, a distributed email protocol, similar to bitcoin in some respects.

Wait for the Kim Dotcom solution? 

They are swiss based. Have you seen Switzerland's privacy laws? no good mate

If you aren't looking to use GPG there are very few (if any) mail providers that can promise to keep your emails safe. Depends on what you are looking for, really.