If You're Learning About It From Slate, Running Your Own Email Server Is A Horrendously Bad Idea
from the don't-do-this dept
So, Slate has a weird article by Nat Meysenburg suggesting that everyday people should run their own email servers. He admits up front that he doesn't think Hillary Clinton should have run her own email server, but for lots of other people he declares it to be "a good idea."
For years, I’ve been trying to convince people that there is value in having an email server in your closet. But few seemed to really get it, so I often found myself wishing for a high-profile example to illustrate why it is a good idea. That wish has, in a way, come true: The casual news consumer has had the pleasure of hearing about a “private email server” quite a lot over the past year.
Except, beyond that, he's basically wrong. Yes, if you're really technologically savvy and want to do it, you can absolutely run your own email server. Though, honestly, it's probably going to be kind of a pain, because you'll need to constantly be patching it and protecting it, and even then it will probably be significantly less secure than if you use an online provider. Meysenburg is right on only one point, barely, and it's that if you run your own email server, and the government wants to get access to it, at least you'll know about it:
When your emails reside on a cloud provider’s server, the owners of that server are ultimately who decide when to let the government, or any other party, access those emails. In the case of your work’s server, those choices are made by your employer. In the case of Gmail (or any other cloud provider), this choice is typically made by the company’s legal team, based on its evaluation of the government’s demands. Most of the big companies, including Google, do have a policy of notifying users about demands before they hand over the requested data, which would give you an opportunity to assert your rights in court. However, there are many cases in which the government’s demand will be accompanied by a gag order forbidding the company from providing that notice.
And, thus, he notes:
Having a private server in your home sidesteps these uncertainties. At home you as a private individual have the ability to determine who has access to your email inbox—just like you have a right to determine who has access to that box of old love letters from high school. By owning the server, all requests for data have to go through you (and/or your lawyers), and any confiscation of the physical hard drives on which your emails are stored requires a search warrant for your home. And unlike with email stored in the cloud, it will always be obvious if and when the police seize your email server.
But, of course, none of that stops the government from getting your server if they want it... it's just that in this one case you'll know about it.
And for what tradeoff? Well, there are some pretty big ones. If you're not particularly skilled and experienced with online security issues, your personal email server is almost certainly significantly less secure than the big companies that have strong security teams and are constantly making it stronger and on the lookout for attacks. If you're that good, you're not learning about the issue of hosting your own email server for the first time in... Slate.
The article insists that it's a myth that running your own server is a security nightmare, but I've yet to see an online security expert who agrees with that even remotely. Even the comments to the Slate piece are filled with IT folks screaming about what a bad idea this is.
In the end, this seems to be an issue of tradeoffs and skills. If you're quite skilled with online security and you think the government might want secret access to your email, then maybe in some limited cases, it might make more sense for you to run your own server -- though, even then you're exposing yourself to being hacked by the government too, because, you know, they do that kind of thing also in some cases. Otherwise, you're almost certainly opening yourself up to a home IT nightmare and a lot more trouble than it's worth for significantly less security.
In short, even if you're not Hillary Clinton, running your own email server is a bad idea. And if you're just now getting the idea from Slate... then it's a really bad idea.
Filed Under: email, email server, privacy, security, warrants
Reader Comments
Well, only one way to respond to that: Shut down the comments and claim that they're doing so because they care so much about their readers that they want to dump them elsewhere.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
If you have to ask how to turn it off, you should leave it on.
If you don't know 100% how to run a home server, any home server, you have more learning to do before you power one up.
[ link to this | view in chronology ]
Re: UAC
And I too turned it off for a few limited times. When setting up my family's computers, I'd have to perform dozens of administrator actions, and each one caused one to three UAC prompts. Ever had to create a new folder in Program Files? That caused 2 that I remember - one to create the folder, and then one to rename it :-/ Even just looking at your own environment variables required administrator permissions. So I would enable the hidden administrator (which isn't bothered by the UAC), set it up, then disable the administrator and reboot.
Eventually MS moved the UAC boundaries to make it much less onerous, and I haven't needed to do that for a while now.
[ link to this | view in chronology ]
Also
All in all - this is definitely not a job for someone who does not know computers. You don't just download a program and start running it. You would have to be extra paranoid to see value in this.
[ link to this | view in chronology ]
Re: Also
[ link to this | view in chronology ]
Re: Also
Once it is set up you spend nearly no energy/time maintaining it other than to do your normal patches that you'd do anyway as part of your computer's update.
I would not recommend Microsoft technologies. Linux technologies I couldn't recommend enough.
[ link to this | view in chronology ]
Re: Also
Most ISPs block inbound SMTP port 25. The workaround would be to use a third-party relay service to receive emails on an alternative port (e.g. port 26). Some providers are Dynu, dnsdynamic. You can use an outbound SMTP relay service to send out emails as well. They only send and receive emails for you and do not keep a copy of your emails, so it is more private to some extent.
[ link to this | view in chronology ]
just no
[ link to this | view in chronology ]
Something to look into if you aren't already.
That's only one of a few links I've found recently about this issue.
[ link to this | view in chronology ]
Re: Something to look into if you aren't already.
https://www.techdirt.com/articles/20160610/07561834679/yes-getting-us-government-out-managing-internet-domain-governance-is-good-thing.shtml
[ link to this | view in chronology ]
PGP/GPG
I'd wager it's easier to learn PGP/GPG than it is to learn to maintain an email server. And when done right, PGP/GPG has greater potential for maintaining privacy than trying to run your own server.
[ link to this | view in chronology ]
Re: PGP/GPG
No need to wager on that. I think it's easily proven that learning PGP/GPG is SIGNIFICANTLY easier than setting up a home server -- especially these days as newer tools have made email encryption easier.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Now you're talking about some real money though, so you'd better be getting significant benefit.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
I think AC was talking about putting your own server in a data center, not using a virtualized cloud server.
[ link to this | view in chronology ]
Re: Re:
Along with the benefits of access for law enforcement, and concentrated data streams for them to tap.
What I want to know, is why is it so difficult to get a static IP in many of the so-called democratic countries, as the lack of such is a major reason that true distributed systems for social networking are difficult to get adopted.
It wouldn't be the governments not wanting people to be able to communicate without being monitored, would it?
[ link to this | view in chronology ]
Re: Re: Re:
I would guess because of the scarcity of v4 IP addresses. It might become much easier to get a static v6 address, but inertia might cause ISPs to continue to deny or charge for the capability. Or, it could be as simple as it's something they can charge for, so they do. After all, there's little or no competition.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
I don't think so...
[ link to this | view in chronology ]
This is avoiding a much bigger conversation about an existential issue of the internet today: Is it "safe" at all to operate any device on it for anybody? Shouldn't you leave operating your computer and your smartphone and your DVR to the experts, too, if the same security concerns apply? (Spoiler alert: The answer is yes). What about individual pieces of software? Your browser? Your instant messenger? Your spreadsheet? (Still yes).
Is the future of the internet for consumers just giant managed services packages? Do we eventually outlaw free software over security concerns? Do we get rid of the internet as a network of independently managed autonomous systems altogether and replace it with something that is much more easily managed and regulated?
Hyperbole? Leap? Imagine for a moment that in the real world, a bunch of small nation states housed a population of mostly criminals that send out robots all over the world to automatically break into your house to steal your wallet. And if they can't find a wallet, they put up advertising posters on every wall of your home and hide cameras in every corner instead. Or imagine living in the old west, if you aren't into absurd speculative fiction. It couldn't be allowed to go on, could it?
I am afraid that if the answer to the actual security problems of the internet is nothing but a laconic, "leave it to the experts and centralize", you can pretty much start a countdown timer on the whole thing. I'm usually not much for the whole entrepreneurial innovator spirit thing, but I'd feel much better if at least a few folks piped up with good technical solutions for the challenge at hand instead. Or at the very least, if folks demanded those solutions, instead of going "hurr durr, just get gmail, idiot".
[ link to this | view in chronology ]
Re: there is a solution to the cloud
I fully agree, but why are we in this sad state of security, one where it takes an expert to run *any* software at home?
It's because our operating systems are designed like that!
Take 1980/90's Unix for example. It was a multi-user system where the users were professors and students. They needed a system where they could do whatever they wanted except destroying other people's data. Unix offered exactly that. (And nothing more).
All current operating systems are still based upon that same basic architecture. And this architecture requires *the end user* to be responsible for their own data. The user must decide before running a program if it will be beneficial or harmful, the operating system won't second guess the user.
This is the very reason that every click could lead to malware. And how is a user going to decide if a piece of javascript that is going to be downloaded is beneficial or harmful before downloading? (That's a mission impossible).
The solution:
There are other architectures for operating systems. These run every process in a sandbox. And programmers would break up monolithic processes into separate services so, for example, a malicious jpeg image cannot infect the browser, it just leads to a broken image on the screen.
This German company is getting quite far into putting it into production.
http://genode.org.
[ link to this | view in chronology ]
Re: Don't try this at home...
Better to start with running your own home router using OpenWRT or equivalent. Running your own router software will give you the opportunity to monitor what the rest of "your" devices are telling the world.
Then set up your own Tor hidden service so you can more safely access your own home stuff while traveling.
[ link to this | view in chronology ]
Devil's Advocate
PRISM parses all of gmail for keyword or metadata "selectors". Worrying about the government looking at your stuff is not limited to the government targeting you to begin with. Running your own email server is a huge benefit against government intrusion (unless you're already suspected for a crime big enough that the FBI's after you, in which case ¯\_(ツ)_/¯ ).
Now, SECURITY wise, god no. You'll be popped within the first few hours a 0-day for whatever email server software you're using is publicized.
[ link to this | view in chronology ]
The service is still under development, but is already really nice. Check it out: www.protonmail.com
[ link to this | view in chronology ]
The main reason I want my own e-mail server is simply that I do not want an ad network to read my e-mails and do who knows what with the collected data down the road. Plus I like to own my data, not some company. And even if I would trust a company I might not trust the next owners down the road. Yes, I can encrypt all my e-mail, but then I would need to convince everybody sending me e-mails to do the same, which isn't going to happen anytime soon. So, we're back at square one: I would have to trust a company. Never going to happen. Companies aren't there to make the world a better place for me, they're there to generate revenue.
Apart from that: running your own MX can be tricky. But naming updates as the problem is the wrong issue, since Linux distributions make the updates trivial (just make sure you're subscribed to the security announcement channel and run your distribution's update tool afterwards; if you want to be more proactive – never a bad idea – you can also subscribe to other security related channels and often know in advance about attacks and possible mitigations). Far worse is usually the configuration of an SMTP server, which many people get wrong and thus create an open relay. But hey, there are distributions specifically tailored to the "my own home server" case, which make all this very easy.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Lots of how-to guides exist, and adding one more is unlikely to help. Rather than documenting the complex procedure, someone needs to make it actually easy. This is basically the goal of the FreedomBox project—make it easy to run your own server (email and other services, with automatic security updates), in your own home without relying on "cloud" services. Providing 4th-amendment protection was an explicit justification. But I haven't seen a lot of progress.
[ link to this | view in chronology ]
Re:
"Very easy" is a relative term. Easy for someone comfortable with installing and configuring Linux server software? Sure. Easy for the average Slate reader? No way.
[ link to this | view in chronology ]
Re:
You can avoid those problems by paying someone for mail service, and backing up the data (which is easy with IMAP access). Some domain name providers will give you DNS and mail for free when you register a domain.
[ link to this | view in chronology ]
email why not , cloud AND server?
Like I said, not an IT guy, but would this be a difficult thing to do?
[ link to this | view in chronology ]
Re: email why not , cloud AND server?
[ link to this | view in chronology ]
Re: Re: email why not , cloud AND server?
[ link to this | view in chronology ]
That's what it's for in the first place. To prevent people in the middle from reading your mail, no matter who they are.
[ link to this | view in chronology ]
Very low wattage
Overlooked in this issue is the fact that plain text emails are just like a snail mail postcard; anyone can read it while in transit. Having your own email server does not stop this.
[ link to this | view in chronology ]
Re: Very low wattage
[ link to this | view in chronology ]
DIY for Dummies
[ link to this | view in chronology ]
Re: DIY for Dummies
[ link to this | view in chronology ]
Re: Re: DIY for Dummies
[ link to this | view in chronology ]
I've run several
Of course, being a home server, it's not trying to handle thousands of email addresses or clients, nor ever having to deal with State communications, FOIA requests, or classified documents.
[ link to this | view in chronology ]
For tech types
It's not for everyone, though. And it's not intended to be.
[ link to this | view in chronology ]
They'll have to pry my mail server out of my cold dead fingers.
[ link to this | view in chronology ]
Re:
Way better why?
[ link to this | view in chronology ]
It's not that hard.
[ link to this | view in chronology ]
most people cannot truly afford lawyers to begin with
the thought that by having an email server in your home you'll magically also have access to a lawyer to stop the government from snooping is absurd
[ link to this | view in chronology ]
Horrendous article
Mike is wrong about patching and maintaining the server. In the beginning people used to run their servers with dial up access. That meant that they would dial up in the middle of the night, connect and collect their email. Same with news servers. As far as maintenance of the server goes, patches are just that and they are no more difficult to do than it would be for someone running Linux as their desktop computer, or someone working on a Raspberry Pi project. Doing patches is as simple as doing updates that you would normally do to keep a Linux workstation updated. Also, there are Linux distributions for everything you can imagine so it isn't beyond conceiving that a distribution image couldn't be created for an email server where the installer prompts for the necessary credentials providing instructions to make the process simple to set up.
There are a few guides that are very good at covering all the bases. In the end when completed you have a solid secure server capable of eliminating spam and malware.
If you stick with the status quo you are likely to get caught up in the mass breaches and your privacy cannot be guaranteed. When you do it yourself you are a much smaller target and you have control over who can access your server.
I am someone that's been in the industry for over 30 years and it troubles me to no end that everyone doesn't maintain their own email servers. In the time that I have maintained my own email server I have had zero incidents and little to no need for maintenance, except for updates and patches that come as part of my daily routine.
[ link to this | view in chronology ]
Re: Horrendous article
[ link to this | view in chronology ]
Re: Horrendous article
Therefore you are not who Mike is talking about. Picture someone who doesn't know the difference between the internet and a web browser trying to set up and maintain their own email server. It's ludicrous. As an IT professional, it's very easy to lose perspective on the skill and knowledge gap between people like you and people who can barely manage to operate their smartphones. My brother-in-law asked me to set up Pandora on his Kindle tablet (the only reason he has it at all is because it's a gift) because he had no clue how to do it. And you want this person to set up an email server? He wouldn't even know what the word "server" means.
[ link to this | view in chronology ]
Re: Re: Horrendous article
My point is that everyone should have their own email server. Some people don't set up their own stereo system. They pay someone more experienced. The same goes for email servers. After an email server is properly set up it takes little maintenance.
Frankly, Mike doesn't know who he's talking to/about. He's just wrong.
[ link to this | view in chronology ]
Re: Re: Re: Horrendous article
To even get to that point, you have to understand what an email server is, the fact that it's possible to have one in one's home, that one can pay someone to set it up, and why one might want to. You're still massively overestimating the technical savvy of a whole lot of people.
After an email server is properly set up it takes little maintenance.
And who is going to do that little maintenance? The guy who wouldn't even know how to install antivirus on Windows? He's going to keep a Linux installation up to date?
Besides that, there are reasons not to do it. For example, if you're away from home and any of the following fail, you can't get your email:
- the power at your house (even if it comes back on you have to make sure everything is set up to reboot when power is restored)
- your home internet connection
- the router
- the cable/DSL modem if any
- the server itself or any critical components therein
Use a good third party provider and there's backup for all that stuff.
[ link to this | view in chronology ]
As someone who actually has their own email server
[ link to this | view in chronology ]