paritybit.ca

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE
commit 16f783e8e6d91f53cd5851893bc58e535cd3452e
parent f041dabd46dd751d7978f63c3cc49872c593653c
Author: Jake Bauer <jbauer@paritybit.ca>
Date:   Thu,  2 Jul 2020 20:48:24 -0400

Blog post draft

Diffstat:

Apages/blog/a-month-and-a-half-of-self-hosted-email.md | 82+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


1 file changed, 82 insertions(+), 0 deletions(-)

diff --git a/pages/blog/a-month-and-a-half-of-self-hosted-email.md b/pages/blog/a-month-and-a-half-of-self-hosted-email.md
@@ -0,0 +1,82 @@
+## A Month-and-a-Half of Self-Hosted Email
+
+[//]: # "META_TEXT"
+
+[//]: # "main.min.css"
+
+[//]: #
+
+<div class="byline">
+<b>Written By:</b> Jake Bauer |
+ <b>Posted:</b> [DATE] |
+ <b>Last Updated:</b> [DATE]
+</div>
+
+There's been a lot of talk in my Internet neighbourhood lately about the state
+of email and whether it's broken or not. I previously posted about how I think
+[email is the best discussion
+platform](https://www.paritybit.ca/blog/self-hosted-mail-now-live) so you can
+probably infer my position but I want to add the perspective of someone
+self-hosting email to the discussion since the two major points people are
+talking about are spam and privacy.
+
+I went live with my self-hosted email server on 2020-05-19; almost a month and a
+half ago. Since then, I've been using it daily for all of my email-based
+communications through IMAP (there is no web interface). As I discussed in my
+[blog posts about setting up
+email](https://www.paritybit.ca/blog/preparing-to-self-host-email), I am using
+OpenBSD with OpenSMTPD, Dovecot, and Rspamd which is holding up well as a solid,
+reliable software stack. I have had no issues sending email to any domain, I
+haven't had to do any maintenance on the server except for needing to ssh in a
+couple of times to run `doas sysupgrade` when a patch for the base system was
+released. I've signed up to the OpenBSD mailing list which notifies me when
+these updates are released, so it's a simple matter of logging on, running the
+update, and rebooting the server which takes all of 5 minutes to do. In fact, I
+just ran `uptime` and the server says it's been `up 27 days, 23:16`.
+Additionally, I have package updates run as a daily cron job and I force TLS
+certificate renewal in a monthly cron job. I get daily and monthly emails about
+the output of both of those commands so I can quickly make sure that everything
+is running as it should.
+
+Regarding spam, the number one complaint I hear across the internet when
+self-hosting email is that spam is unmanageable for someone self-hosting their
+own email. I am someone who readily posts
+[mailto:jbauer@paritybit.ca](mailto:jbauer@paritybit.ca) links on my site and in
+a handful of blog posts, I have my Rspamd configuration set up to conservatively
+junk emails instead of outright blocking them (unless they come from a dynamic
+IP address, then they're outright blocked), and I haven't received *a single*
+piece of spam email directed at me. The only actual spam that has landed in my
+junk folder is the very occasional message that slipped past a mailing list's
+filter. I can count on one hand the number of those messages that I have
+received.
+
+I'm not sure what it is, but somehow after leaving a big mail provider (in my
+case it was ProtonMail), I now receive less spam despite using the exact same
+email address and publicly advertising my email. My experience matches that of
+the creator of OpenSMTPD:
+
+> I take absolutely no precaution hiding my e-mail address, gilles@poolp.org,
+> and I sometimes get one or two spam e-mails per day in the junk folder. Not
+> only is that not a daily nightmare, but it’s less than what I actually receive
+> on my own Big Mailer Corps account [...] ([source for the
+> quote](https://poolp.org/posts/2019-08-30/you-should-not-run-your-mail-server-because-mail-is-hard/))
+
+As far as privacy is concerned, I don't have to worry about a company analyzing
+my every inbound and outbound email to gather data on me because I am my own
+provider. Many of my emails still grace Google's and Microsoft's servers with
+their presence, but I recognize that any email not end-to-end encrypted is not
+truly private (though they are still encrypted in transit). If I'm sending
+sensitive data, I would encrypt my message with GPG or use a different medium
+such as Matrix.
+
+If you're running your own mailserver, privacy really becomes a non-issue. I'm
+not going to be discussing intimate details or credit card information with
+someone via email because I recognize the limitations of the medium and I don't
+need to worry about my provider datamining my emails, because my provider is me.
+
+Really, email was built to be a collaboration tool. Back in
+
+_This is my fifty-eighth post for the
+[#100DaysToOffload](https://social.paritybit.ca/tags/100DaysToOffload)
+challenge. You can learn more about this challenge over at
+[https://100daystooffload.com](https://100daystooffload.com)._