

Ask HN: Good 'private' e-mail provider/setup - mosselman

Hi all,<p>A little background:
A while back I stepped away from GMail as my main mail provider because of privacy concerns (now confirmed), but I am still not happy with my current e-mail. Mainly I am hosting with a big US based webhost that includes e-mail.<p>What I&#x27;d like is to host my e-mail in a country like Germany or Sweden or something. I&#x27;d rather not host in my own country (the Netherlands) because I think it might be a good strategy to not do so.<p>My question:
How can I setup e-mail in a rather &#x27;NSA-proof-way&#x27; (as a HN post called it) without (preferably) resorting to self-hosting.<p>Main points of interest (from &#x27;security&#x27; point of view) (feel free to add&#x2F;subtract in comments):
1. SSL&#x2F;TLS (obviously)
2. Some type of encryption on the server (see 3.)
3. Preferably an employee of the company can&#x27;t see my e-mails (hard one it seems?)
4. Country&#x27;s laws should make it hard to gain warrants for the e-mails<p>Apart from this some practical issues come into play:
1. Storage space (2GB &lt;)
2. Number of mailboxes (8+)
3. Number of connections (&#x27;many&#x27; devices)
4. IMAP, SMTP, (Push has lost love?)
5. Reliable service
6. Good support
7. Webmail
8. Either backups or SSH access to do that myself<p>Have I left anything out? (it is late)<p>I understand that encryption on the server is something you can do better yourself (http:&#x2F;&#x2F;sealedabstract.com&#x2F;code&#x2F;nsa-proof-your-e-mail-in-2-hours&#x2F;), but as far as I have understood managing your e-mail server is not much fun and can be a huge pain. I have to somewhat be able to rely on my e-mails working. I also understand that despite me caring about e-mails being encrypted, my recipients probably use GMail anyway, but THAT is outside of my control.<p>Pricing is less important as I&#x27;d first like to find out what the options are.<p>Any help&#x2F;suggestions? Google has not been a great advisor on this one.
======
stfu
Same here, looking to join your quest. In an ideal world there would be out-
of-the-box setups, that one could just smack on any linux based host for
something like that. Ideally (amongst others) also a non-logging vpn setup
also for self-hosting.

~~~
mosselman
Thanks for the support, but I think we are on our own here.

What I am thinking about:

The tricky part, as far as I have read, about managing your own e-mail is that
spam lists are kind of easy to get onto and hard to come off of. So, since I
have accepted the fact that e-mail is insecure once sent (recipients use
Gmail, Hotmail, etc), I could go with sending e-mail through a proper provider
and receiving on my own server with encryption. Though this might be a bit
cumbersome.

Any thoughts?

~~~
pwg
> spam lists are kind of easy to get onto and hard to come off of.

I have been hosting my own email since somewhere around the 1998 time frame,
across four different links and three ISP's, and it still just works. Never
been put on any spam lists that I know about.

~~~
mosselman
Thanks, it is good to hear a different sound with regards to self-hosting.

------
pwg
> but as far as I have understood managing your e-mail server is not much fun
> and can be a huge pain.

Not at all, provided you stay away from "sendmail". Sendmail's config language
is likely why "email hosting" gained such a bad reputation.

Check out postfix ([http://www.postfix.org/](http://www.postfix.org/)). It is
quite easy to setup (all things considered, you will have to learn a little
bit, but such is life) and once setup the only involvement is when you want to
change/upgrade/add something.

