
Mailpile: Email that protects your privacy - decentralizer
http://www.mailpile.is/
======
jedberg
So this is a mail _client_ that by default deletes all the messages off of the
mail server. So your privacy is still dictated by the mail server you choose
to use, and then also your data integrity is 100% on you.

I'm not sure I understand how this improves privacy. It also makes things
worse by making your email data more susceptible to being lost (which is
different than protecting your privacy).

~~~
HerraBRE
Unless your adversary has a time machine, deleting from the server protects
your past e-mails from any server-side compromise.

That's not nothing. :-)

But you're right there are trade-offs. If you don't have good backups, you are
indeed increasing the odds of data loss by managing the data yourself. That is
also true of encryption of data at rest, you are increasing the odds of data
loss to buy some protection against unauthorized access. There are always
trade-offs.

I had grand visions for how Mailpile could help mitigate such issues by
encrypting the mail and re-uploading back to an IMAP server. But I haven't
gotten that written, so for now it's just an idea. Someday, I hope.

Disclaimer: I wrote Mailpile. :-D

~~~
HerraBRE
To expand on this slightly, and illustrate:

I'm going to go out on a limb, and assert that THE most common attack
performed against peoples' e-mail, is a jealous person who knows their
partner's password logging on to their e-mail and reading their mail.

I know people who have done this. You probably do too.

People trust each other, people routinely tell their loved ones their
passwords. And relationships routinely fall apart and trust is routinely
violated.

Deleting from the server mitigates this problem and greatly reduces the window
of opportunity for the attacker.

The privacy cost/benefit ratio for routinely deleting from the server probably
beats every other privacy enhancing technique out there. Super simple, super
effective.

Techies too often forget that privacy isn't just about the NSA, APTs and TLAs.
The fact is, the people most interested in violating your privacy are the
people who know you personally...

------
Sephr
This doesn't appear to support read receipt privacy, which is when the mail
server caches tracking images on-delivery instead of on-read.

I shouldn't have to expose my email viewing habits just to get auto-displaying
images in my email client.

~~~
HerraBRE
That's an interesting idea.

I'd hesitate to implement it though, because of secondary risks. It would need
to be thought through very carefully, and there are a whole bunch of abuse
scenarios that would need to be avoided or mitigated.

As a rule, Mailpile does very little when it receives a mail - until the user
has interacted with it, we have to assume the mail is junk and/or potentially
hostile.

See the chapter on Oracles here:
[https://research.checkpoint.com/cryptographic-attacks-a-
guid...](https://research.checkpoint.com/cryptographic-attacks-a-guide-for-
the-perplexed/) \- automatically triggering sender-controlled network access
based on the contents of e-mail opens the door for such things.

This applies not only to cryptographic attacks, but also to more pedestrian
exploitation of bugs in the app itself, or silly things like turning Mailpiles
into DDoS attack robots.

------
superkuh
It be better if it were actually a native application rather than a web 'app'
that uses a local webserver instead of headless chrome. They've traded
security for ease of cross platform development. That's not a great choice for
software that markets itself based on those traits.

~~~
wazoox
There are already scores of email clients with support for GPG, etc. However
more and more people (probably an overwhelming majority nowadays) use webmail
only. I suppose they're the intended target.

I myself plan to migrate all of my data to my own services at some point, I
already moved away from DropBox to Nextcloud. That could be a good solution to
move my family out of the evil gmail, for instance.

Now what I'd like to know is which is better of MailPile, RoundCube, Zimbra,
and the many other webmails available...

~~~
dbmueller
Just as a heads-up, you should maybe have a look at mailcow and mail-in-a-box:

* [https://mailcow.email/](https://mailcow.email/) * [https://mailinabox.email/](https://mailinabox.email/)

which essentially provide the whole email stack in a relatively nice bundle it
seems (I have not yet forced myself to migrate). I think mailpile and
roundcube are just the "webmail" part of the stack.

~~~
bpfrh
vote for mailcow.

Have it running about half a year and am really happy about it.

If you have the time imho migrating is worth it.

You can transfer your old mails via imap to mailcow, so migrating is easy

------
dang
Some of the larger threads:

2014
[https://news.ycombinator.com/item?id=8315086](https://news.ycombinator.com/item?id=8315086)

2014
[https://news.ycombinator.com/item?id=7162299](https://news.ycombinator.com/item?id=7162299)

2013
[https://news.ycombinator.com/item?id=6243936](https://news.ycombinator.com/item?id=6243936)

2013
[https://news.ycombinator.com/item?id=6152046](https://news.ycombinator.com/item?id=6152046)

------
amelius
> Mailpile is an e-mail client! Mailpile is a search engine and a personal
> webmail server (...)

Does it run on my phone?

~~~
decentralizer
Yes, it is possible. You need to run as 'mailpile --www=0.0.0.0:33411 --wait'

and go to [https://[Local](https://\[Local) IP of Server]:33411

~~~
arghwhat
No, that is not running it on your phone. That is _accessing_ it on your
phone.

~~~
mike-cardwell
I just went to the download page and it says: "Mailpile packages are currently
available for recent Debian-derived distributions, including Ubuntu. The
packages are architecture-independent and should be compatible with most
desktops, servers and embedded hardware (such as the Raspberry Pi). They have
been tested on Debian 8, Debian 9 and Ubuntu 16.04 LTS."

So sounds like it will run on the Librem 5 at least.

------
HerraBRE
I wrote [most of] Mailpile. I'll check back here now and then and try to
answer any questions folks have.

------
octosphere
I like this, but it looks tricky to setup. There is an old dogma that has
existed for a long time where people are advised not to run their own mail
client because it's rife with show-stopping quirks that require lots of heavy
Googling to fix and amend.

Interesting that their FAQ says it's easy to setup, but I don't buy it, at
least from previous experience of setting up clients. (I once had to harden my
VPS server rather substantially because they are juicy targets for
hackers)...And I also once had to make it survive a reboot incase of too many
connections were made by people trying to boot the machine offline (DDOS)

([https://www.mailpile.is/faq/#int-6](https://www.mailpile.is/faq/#int-6))

> _How hard will it be to install Mailpile?_

> _It should simply be a double-click to launch an installer on Windows, or
> dragging an app to the Applications folder on the Mac._

> _On Linux we hope to provide native packages for most of the popular
> distributions._

~~~
jammygit
from what I’ve read in threads on hn, I thought there was a large chance that
your email gets blocked by gmail when hosting your own mail, and that you have
to worry more about availability.

I would love to host my own mail though. Am I mistaken, or does mailpile solve
those for you?

~~~
bpfrh
As long as you use a VPS with a dedicated IP and configurer DKIM and SPF
correctly gmail doesn't block you.

A easy solution for selfhosting would be mailcow.

Setup is basically a shell script which sets up the docker containers.

Backup and update is also just a shell script. Includes spamfilter and a nice
webgui as well as the sogo webmail.

Mailpile is just a client, it has no bearings on the privacy.

