Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Running a mail server, or not



On 6/23/2018 11:35 PM, Derek Martin wrote:
> On Wed, Jun 20, 2018 at 04:26:14AM -0400, David Kramer wrote:
>> My main motivations for running my own mail server is that I rely
>> heavily on procmail rules to deliver mail to the right folders, and
>> I am also not crazy about third parties scanning and storing all my
>> mail, though that's negotiable.
> I'm in pretty much this situation, but I've kind of given up on the
> idea that no one should be able to read my e-mail.  The fact is your
> e-mail is already being consumed by the great government surveillance
> machine regardless, since both incoming and outgoing mail has to
> traverse multiple ISP backbones (excepting perhaps the case where all
> your recipients are on your own server), and only crazy people like me
> were ever willing to put up with the hastle of encrypting all their
> mail, so... it's a total loss, pretty much.

No matter how effective the NSA and the deep state and the man behind 
the curtain and J. Edgar's ghosts have been at weakening encryption 
algorithms, it's still a good idea to use end-to-end encryption on any 
emails that you want to keep private. In the first place, most of the 
people you want to prevent reading you emails don't have access to any 
decryption capability, and in the second, even law-enforcement agencies 
will be forced to get a a warrant (admittedly an easy task) or poison 
any evidence they gather. Even if you assume that the AES standard has 
custom-made holes in it for the use of government(s), the "equities" 
issue is as good a defense as any lawyer: if Uncle Sam introduces 
decrypted messages as evidence in a trial, then it has ipso facto 
admitted that it _can_ decrypt them, and thus will have compromised an 
invaluable source of information and offended some campaign contributors 
who would like that not to be true.

No matter what, end-to-end encryption buys you time: you can't prevent 
the powers-that-be from obtaining envelope data, but there are ways 
around that problem, too.

Bill

-- 
Bill Horne




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org