Comment

Comment on Selfhosting Sunday - What's up?

dan@upvote.au ⁨1⁩ ⁨week⁩ ago

I self-host my email and use a VPS for it. I don’t trust my home server to be reliable enough, and the VPS providers have nicer equipment (modern AMD EPYC CPUs, enterprise SSDs, etc). I use a separate VPS just for my emails - it’s the one thing I want to ensure is secure, so I didn’t want any other random software (that could potentially have security issues) running on it…

I also use an outbound SMTP relay to avoid having to deal with IP reputation. SMTP2Go has a free plan for sending <1000 emails per month.

source

Sort:hotnew top

tburkhol@lemmy.world ⁨1⁩ ⁨week⁩ ago
It kind of amazes me that, in this day and age, email has turned out to be the lynchpin of security. Email as a 2FA endpoint. Email password reset systems. If email is compromised, everything else falls. They used to tell us not to put anything in email that you wouldn’t put on a postcard…how did this happen?

source
- dan@upvote.au ⁨1⁩ ⁨week⁩ ago
  That and email protocols are outdated and aren’t too secure. For example:
  
  Neither SMTP nor IMAP have no way to use two factor authentication.
  
  Spam blocking is so hard because SMTP was not designed with it in mind.
  
  SMTP has no way to do end-to-end encryption which is why you need to layer things like GPG on top.
  
  IMAP has a modern replacement in JMAP, but it’s not widespread. SMTP is practically impossible to replace since it’s how email servers communicate with each other.
  
  The “solution” has been for companies to make their own proprietary protocols and apps, for example the Gmail and Outlook apps combined with a Gmail or Microsoft 365 account respectively.
  
  source