paritybit.ca

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit 45d53e47bf19d59edcb52bbbcbf2c203696910ab
parent 16f783e8e6d91f53cd5851893bc58e535cd3452e
Author: Jake Bauer <jbauer@paritybit.ca>
Date:   Fri,  3 Jul 2020 03:04:42 -0400

Publish new blog post

Diffstat:
Mpages/blog.md | 6+++++-
Mpages/blog/a-month-and-a-half-of-self-hosted-email.md | 79+++++++++++++++++++++++++++++++++++++++++++++++++------------------------------
Mpages/home.md | 4++--
Mpublic/feeds/sitewide-feed.xml | 22++++++++++++++++++++++
Mpublic/sitemap.xml | 1+
5 files changed, 79 insertions(+), 33 deletions(-)

diff --git a/pages/blog.md b/pages/blog.md @@ -4,7 +4,7 @@ [//]: # "main.min.css" -[//]: # "2020; sub:May; sub:April; sub:February; 2019" +[//]: # "2020; sub:June; sub:May; sub:April; sub:February; 2019" <a class="rss-icon" href="/feeds/sitewide-feed.xml"> <img src="/img/feed-icon.png" width="15" height="15" alt="Click for RSS"/> @@ -20,6 +20,10 @@ href="https://social.paritybit.ca/@jbauer">Mastodon</a>. ### 2020 <ul> + <li>2020-07-02 <a href="blog/a-month-and-a-half-of-self-hosted-email">A Month-and-a-Half of Self-Hosted Email</a></li> +</ul> +#### June +<ul> <li>2020-06-28 <a href="blog/how-i-keep-my-home-directory-clean">How I Keep My Home Directory Clean</a></li> <li>2020-06-27 <a href="blog/my-first-ctf">My First CTF</a></li> <li>2020-06-26 <a href="blog/use-syncthing-to-sync-things">Use Syncthing to Sync Things</a></li> diff --git a/pages/blog/a-month-and-a-half-of-self-hosted-email.md b/pages/blog/a-month-and-a-half-of-self-hosted-email.md @@ -1,6 +1,6 @@ ## A Month-and-a-Half of Self-Hosted Email -[//]: # "META_TEXT" +[//]: # "There's been a lot of talk in my Internet neighbourhood lately about the state of email and whether it's broken or not. Here's why I think email is just fine as it is, from the perspective of someone self-hosting. [//]: # "main.min.css" @@ -8,17 +8,17 @@ <div class="byline"> <b>Written By:</b> Jake Bauer | - <b>Posted:</b> [DATE] | - <b>Last Updated:</b> [DATE] + <b>Posted:</b> 2020-07-02 | + <b>Last Updated:</b> 2020-07-02 </div> There's been a lot of talk in my Internet neighbourhood lately about the state of email and whether it's broken or not. I previously posted about how I think [email is the best discussion platform](https://www.paritybit.ca/blog/self-hosted-mail-now-live) so you can -probably infer my position but I want to add the perspective of someone -self-hosting email to the discussion since the two major points people are -talking about are spam and privacy. +probably infer my position already. However, I wanted to add the perspective of +someone self-hosting email to the discussion since the two major points people +are talking about are spam and privacy. I went live with my self-hosted email server on 2020-05-19; almost a month and a half ago. Since then, I've been using it daily for all of my email-based @@ -26,19 +26,21 @@ communications through IMAP (there is no web interface). As I discussed in my [blog posts about setting up email](https://www.paritybit.ca/blog/preparing-to-self-host-email), I am using OpenBSD with OpenSMTPD, Dovecot, and Rspamd which is holding up well as a solid, -reliable software stack. I have had no issues sending email to any domain, I -haven't had to do any maintenance on the server except for needing to ssh in a -couple of times to run `doas sysupgrade` when a patch for the base system was -released. I've signed up to the OpenBSD mailing list which notifies me when -these updates are released, so it's a simple matter of logging on, running the -update, and rebooting the server which takes all of 5 minutes to do. In fact, I -just ran `uptime` and the server says it's been `up 27 days, 23:16`. -Additionally, I have package updates run as a daily cron job and I force TLS -certificate renewal in a monthly cron job. I get daily and monthly emails about -the output of both of those commands so I can quickly make sure that everything -is running as it should. +reliable software stack. -Regarding spam, the number one complaint I hear across the internet when +I have had no issues sending email to any domain and I haven't had to do any +maintenance on the server except for needing to ssh in a couple of times to run +`doas sysupgrade` when a patch for the base system was released (I've signed up +to the OpenBSD mailing list which notifies me when these updates are released, +so it's a simple matter of logging on, running the update, and rebooting the +server which takes all of 5 minutes to do). In fact, I just ran `uptime` and the +server says it's been `up 27 days, 23:16`. Additionally, I have package updates +run as a daily cron job and I force TLS certificate renewal in a monthly cron +job. I get daily and monthly emails about the output of both of those commands +so I can quickly make sure that everything is running as it should. Maintenance +is a non-issue for me. + +Regarding spam, the number one complaint I hear across the Internet when self-hosting email is that spam is unmanageable for someone self-hosting their own email. I am someone who readily posts [mailto:jbauer@paritybit.ca](mailto:jbauer@paritybit.ca) links on my site and in @@ -47,8 +49,8 @@ junk emails instead of outright blocking them (unless they come from a dynamic IP address, then they're outright blocked), and I haven't received *a single* piece of spam email directed at me. The only actual spam that has landed in my junk folder is the very occasional message that slipped past a mailing list's -filter. I can count on one hand the number of those messages that I have -received. +filter (usually from a Linux mailing list). I can count on one hand the number +of those messages that I have received. I'm not sure what it is, but somehow after leaving a big mail provider (in my case it was ProtonMail), I now receive less spam despite using the exact same @@ -58,23 +60,40 @@ the creator of OpenSMTPD: > I take absolutely no precaution hiding my e-mail address, gilles@poolp.org, > and I sometimes get one or two spam e-mails per day in the junk folder. Not > only is that not a daily nightmare, but it’s less than what I actually receive -> on my own Big Mailer Corps account [...] ([source for the -> quote](https://poolp.org/posts/2019-08-30/you-should-not-run-your-mail-server-because-mail-is-hard/)) +> on my own Big Mailer Corps account [...] ([source for the quote](https://poolp.org/posts/2019-08-30/you-should-not-run-your-mail-server-because-mail-is-hard/)) As far as privacy is concerned, I don't have to worry about a company analyzing my every inbound and outbound email to gather data on me because I am my own provider. Many of my emails still grace Google's and Microsoft's servers with their presence, but I recognize that any email not end-to-end encrypted is not -truly private (though they are still encrypted in transit). If I'm sending -sensitive data, I would encrypt my message with GPG or use a different medium -such as Matrix. +truly private (though they are still encrypted in transit with TLS). I'm not +going to be discussing intimate details or credit card information with someone +via email because I know the limitations of the medium. If I'm sending sensitive +data, I would encrypt my message with GPG or use a different medium such as +Matrix. -If you're running your own mailserver, privacy really becomes a non-issue. I'm -not going to be discussing intimate details or credit card information with -someone via email because I recognize the limitations of the medium and I don't -need to worry about my provider datamining my emails, because my provider is me. +Back in the early days of the Internet (back before it even _was_ "the +Internet"), [email was used as a collaboration +tool](https://youtu.be/zqcoPrvXSqg) ([invidio.us +link](https://invidio.us/watch?v=zqcoPrvXSqg)) and it still excels at that +purpose. Many people still [find email better to use for +collaboration](https://nhaehnle.blogspot.com/2020/06/they-want-to-be-small-they-want-to-be.html), +as do I. As much as it might seem natural to compare electronic mail to regular +snail mail, it really isn't a replacement for that, only a loose analogy. Sure, +email is a much faster way to send a letter-like message to someone and we get +newsletters and whatnot from corporations just like with snail mail (although +with an easier way to opt-out), but governments, banks, and other institutions +which deal with things such as financial information, licensing, insurance, and +highly sensitive personal information still use snail mail because of the legal +guarantees and the known security model of that system. -Really, email was built to be a collaboration tool. Back in +I know the others talking about this weren't saying exactly this, but I do want +to make the point that just because email doesn't provide the same security +guarantees as snail mail, Matrix, or Signal, doesn't mean it's a broken system; +it just means that it's not built for use cases where those other technologies +excel. Email excels at being a collaboration tool, a way to quickly disseminate +information and announcements, and a way to get in contact with people with whom +you're not close friends. For those purposes, email is working just fine. _This is my fifty-eighth post for the [#100DaysToOffload](https://social.paritybit.ca/tags/100DaysToOffload) diff --git a/pages/home.md b/pages/home.md @@ -20,6 +20,8 @@ extent)! Access through `gopher://paritybit.ca` or `gemini://paritybit.ca`. src="/img/feed-icon.png" width="15" height="15" alt="Click for RSS Feed"/> </a> </div> +2020-07-02 <a class="feed-item" href="blog/a-month-and-a-half-of-self-hosted-email">A Month-and-a-Half of Self-Hosted Email</a> + 2020-06-28 <a class="feed-item" href="blog/how-i-keep-my-home-directory-clean">How I Keep My Home Directory Clean</a> 2020-06-27 <a class="feed-item" href="blog/my-first-ctf">My First CTF</a> @@ -37,8 +39,6 @@ extent)! Access through `gopher://paritybit.ca` or `gemini://paritybit.ca`. 2020-06-20 <a class="feed-item" href="blog/how-to-create-an-rss-feed-for-your-blog-3">How to Create an RSS Feed for Your Blog — 3 — Automating Updates</a> 2020-06-19 <a class="feed-item" href="blog/how-to-create-an-rss-feed-for-your-blog-2">How to Create an RSS Feed for Your Blog — 2 — The Basics</a> - -2020-06-18 <a class="feed-item" href="blog/how-to-create-an-rss-feed-for-your-blog-1">How to Create an RSS Feed for Your Blog — 1 — Why?</a> ### What is a Parity Bit? It is a bit (in the 1's and 0's sense) used in checking for errors in digital diff --git a/public/feeds/sitewide-feed.xml b/public/feeds/sitewide-feed.xml @@ -7,6 +7,28 @@ <description>The feed that covers all notable additions, updates, announcements, and other changes for the entire paritybit.ca website.</description> <item> + <title>A Month-and-a-Half of Self-Hosted Email</title> + <link>https://www.paritybit.ca/blog/a-month-and-a-half-of-self-hosted-email</link> + <guid>https://www.paritybit.ca/blog/a-month-and-a-half-of-self-hosted-email</guid> + <pubDate>Thu, 02 Jul 2020 21:48:12 -0400</pubDate> + <description><![CDATA[<h2 id="a-month-and-a-half-of-self-hosted-email">A Month-and-a-Half of Self-Hosted Email</h2> +<div class="byline"> +<p><b>Written By:</b> Jake Bauer | <b>Posted:</b> 2020-07-02 | <b>Last Updated:</b> 2020-07-02</p> +</div> +<p>There’s been a lot of talk in my Internet neighbourhood lately about the state of email and whether it’s broken or not. I previously posted about how I think <a href="https://www.paritybit.ca/blog/self-hosted-mail-now-live">email is the best discussion platform</a> so you can probably infer my position already. However, I wanted to add the perspective of someone self-hosting email to the discussion since the two major points people are talking about are spam and privacy.</p> +<p>I went live with my self-hosted email server on 2020-05-19; almost a month and a half ago. Since then, I’ve been using it daily for all of my email-based communications through IMAP (there is no web interface). As I discussed in my <a href="https://www.paritybit.ca/blog/preparing-to-self-host-email">blog posts about setting up email</a>, I am using OpenBSD with OpenSMTPD, Dovecot, and Rspamd which is holding up well as a solid, reliable software stack.</p> +<p>I have had no issues sending email to any domain and I haven’t had to do any maintenance on the server except for needing to ssh in a couple of times to run <code>doas sysupgrade</code> when a patch for the base system was released (I’ve signed up to the OpenBSD mailing list which notifies me when these updates are released, so it’s a simple matter of logging on, running the update, and rebooting the server which takes all of 5 minutes to do). In fact, I just ran <code>uptime</code> and the server says it’s been <code>up 27 days, 23:16</code>. Additionally, I have package updates run as a daily cron job and I force TLS certificate renewal in a monthly cron job. I get daily and monthly emails about the output of both of those commands so I can quickly make sure that everything is running as it should. Maintenance is a non-issue for me.</p> +<p>Regarding spam, the number one complaint I hear across the Internet when self-hosting email is that spam is unmanageable for someone self-hosting their own email. I am someone who readily posts <a href="mailto:jbauer@paritybit.ca">mailto:jbauer@paritybit.ca</a> links on my site and in a handful of blog posts, I have my Rspamd configuration set up to conservatively junk emails instead of outright blocking them (unless they come from a dynamic IP address, then they’re outright blocked), and I haven’t received <em>a single</em> piece of spam email directed at me. The only actual spam that has landed in my junk folder is the very occasional message that slipped past a mailing list’s filter (usually from a Linux mailing list). I can count on one hand the number of those messages that I have received.</p> +<p>I’m not sure what it is, but somehow after leaving a big mail provider (in my case it was ProtonMail), I now receive less spam despite using the exact same email address and publicly advertising my email. My experience matches that of the creator of OpenSMTPD:</p> +<blockquote> +<p>I take absolutely no precaution hiding my e-mail address, gilles@poolp.org, and I sometimes get one or two spam e-mails per day in the junk folder. Not only is that not a daily nightmare, but it’s less than what I actually receive on my own Big Mailer Corps account […] (<a href="https://poolp.org/posts/2019-08-30/you-should-not-run-your-mail-server-because-mail-is-hard/">source for the quote</a>)</p> +</blockquote> +<p>As far as privacy is concerned, I don’t have to worry about a company analyzing my every inbound and outbound email to gather data on me because I am my own provider. Many of my emails still grace Google’s and Microsoft’s servers with their presence, but I recognize that any email not end-to-end encrypted is not truly private (though they are still encrypted in transit with TLS). I’m not going to be discussing intimate details or credit card information with someone via email because I know the limitations of the medium. If I’m sending sensitive data, I would encrypt my message with GPG or use a different medium such as Matrix.</p> +<p>Back in the early days of the Internet (back before it even <em>was</em> “the Internet”), <a href="https://youtu.be/zqcoPrvXSqg">email was used as a collaboration tool</a> (<a href="https://invidio.us/watch?v=zqcoPrvXSqg">invidio.us link</a>) and it still excels at that purpose. Many people still <a href="https://nhaehnle.blogspot.com/2020/06/they-want-to-be-small-they-want-to-be.html">find email better to use for collaboration</a>, as do I. As much as it might seem natural to compare electronic mail to regular snail mail, it really isn’t a replacement for that, only a loose analogy. Sure, email is a much faster way to send a letter-like message to someone and we get newsletters and whatnot from corporations just like with snail mail (although with an easier way to opt-out), but governments, banks, and other institutions which deal with things such as financial information, licensing, insurance, and highly sensitive personal information still use snail mail because of the legal guarantees and the known security model of that system.</p> +<p>I know the others talking about this weren’t saying exactly this, but I do want to make the point that just because email doesn’t provide the same security guarantees as snail mail, Matrix, or Signal, doesn’t mean it’s a broken system; it just means that it’s not built for use cases where those other technologies excel. Email excels at being a collaboration tool, a way to quickly disseminate information and announcements, and a way to get in contact with people with whom you’re not close friends. For those purposes, email is working just fine.</p> +<p><em>This is my fifty-eighth post for the <a href="https://social.paritybit.ca/tags/100DaysToOffload">#100DaysToOffload</a> challenge. You can learn more about this challenge over at <a href="https://100daystooffload.com">https://100daystooffload.com</a>.</em></p>]]></description> + </item> +<item> <title>How I Keep My Home Directory Clean</title> <link>https://www.paritybit.ca/blog/how-i-keep-my-home-directory-clean</link> <guid>https://www.paritybit.ca/blog/how-i-keep-my-home-directory-clean</guid> diff --git a/public/sitemap.xml b/public/sitemap.xml @@ -3,6 +3,7 @@ <url><loc>https://www.paritybit.ca</loc></url> <url><loc>https://www.paritybit.ca/home</loc></url> <url><loc>https://www.paritybit.ca/blog</loc></url> + <url><loc>https://www.paritybit.ca/blog/a-month-and-a-half-of-self-hosted-email</loc></url> <url><loc>https://www.paritybit.ca/blog/how-i-keep-my-home-directory-clean</loc></url> <url><loc>https://www.paritybit.ca/blog/my-first-ctf</loc></url> <url><loc>https://www.paritybit.ca/blog/use-syncthing-to-sync-things</loc></url>