So this is a mail client that by default deletes all the messages off of the mail server. So your privacy is still dictated by the mail server you choose to use, and then also your data integrity is 100% on you.
I'm not sure I understand how this improves privacy. It also makes things worse by making your email data more susceptible to being lost (which is different than protecting your privacy).
Unless your adversary has a time machine, deleting from the server protects your past e-mails from any server-side compromise.
That's not nothing. :-)
But you're right, there are trade-offs. If you don't have good backups, you are indeed increasing the odds of data loss by managing the data yourself. That is also true of encryption of data at rest: you are increasing the odds of data loss to buy some protection against unauthorized access. There are always trade-offs.
I had grand visions for how Mailpile could help mitigate such issues by encrypting the mail and re-uploading back to an IMAP server. But I haven't gotten that written, so for now it's just an idea. Someday, I hope.
I'm going to go out on a limb, and assert that THE most common attack performed against people's e-mail is a jealous person who knows their partner's password logging on to their e-mail and reading their mail.
I know people who have done this. You probably do too.
People trust each other, people routinely tell their loved ones their passwords. And relationships routinely fall apart and trust is routinely violated.
Deleting from the server mitigates this problem and greatly reduces the window of opportunity for the attacker.
The privacy cost/benefit ratio for routinely deleting from the server probably beats every other privacy enhancing technique out there. Super simple, super effective.
Techies too often forget that privacy isn't just about the NSA, APTs and TLAs. The fact is, the people most interested in violating your privacy are the people who know you personally...
It means they can not be subpoenaed for a message that you have already received. That is an important distinction, since much of the time, not having received a given communication is a defense against its incriminating effect.
> It means they can not be subpoenaed for a message that you have already received
How so? Even if you delete a message in Gmail they can still be subpoenaed for it. And usually the subpoena is for metadata anyway, like who sent you a message and when. They still have all that data whether you delete the messages or not.
There’s some ruling that any mail left on the server for more than 60 days or so is considered abandoned and is essentially an all-you-can-eat buffet for law enforcement, even if you search/read it every day.
> In enacting the ECPA, Congress concluded that customers may not retain a "reasonable expectation of privacy" in information sent to network providers. . . [I]f the contents of an unopened message are kept beyond six months or stored on behalf of the customer after the e-mail has been received or opened, it should be treated the same as a business record in the hands of a third party, such as an accountant or attorney. In that case, the government may subpoena the records from the third party without running afoul of either the Fourth or Fifth Amendment.
I'd hesitate to implement it though, because of secondary risks. It would need to be thought through very carefully, and there are a whole bunch of abuse scenarios that would need to be avoided or mitigated.
As a rule, Mailpile does very little when it receives a mail - until the user has interacted with it, we have to assume the mail is junk and/or potentially hostile.
This applies not only to cryptographic attacks, but also to more pedestrian exploitation of bugs in the app itself, or silly things like turning Mailpiles into DDoS attack robots.
It would be better if it were actually a native application rather than a web 'app' that uses a local webserver instead of headless chrome. They've traded security for ease of cross-platform development. That's not a great choice for software that markets itself based on those traits.
There are already scores of email clients with support for GPG, etc. However more and more people (probably an overwhelming majority nowadays) use webmail only. I suppose they're the intended target.
I myself plan to migrate all of my data to my own services at some point, I already moved away from Dropbox to Nextcloud. That could be a good solution to move my family out of the evil Gmail, for instance.
Now what I'd like to know is which is better of Mailpile, Roundcube, Zimbra, and the many other webmails available...
which essentially provide the whole email stack in a relatively nice bundle it seems (I have not yet forced myself to migrate).
I think Mailpile and Roundcube are just the "webmail" part of the stack.
It seems like this is designed to be accessed across multiple devices, say a desktop and a phone -- how would you implement something like that without a local or self-hosted webserver? The data has to sync somehow.
I just went to the download page and it says: "Mailpile packages are currently available for recent Debian-derived distributions, including Ubuntu. The packages are architecture-independent and should be compatible with most desktops, servers and embedded hardware (such as the Raspberry Pi). They have been tested on Debian 8, Debian 9 and Ubuntu 16.04 LTS."
So sounds like it will run on the Librem 5 at least.
I like this, but it looks tricky to set up. There is an old dogma that has existed for a long time where people are advised not to run their own mail client because it's rife with show-stopping quirks that require lots of heavy Googling to fix and amend.
Interesting that their FAQ says it's easy to set up, but I don't buy it, at least from previous experience of setting up clients. (I once had to harden my VPS server rather substantially because they are juicy targets for hackers)... And I also once had to make it survive a reboot in case too many connections were made by people trying to boot the machine offline (DDoS).
From what I’ve read in threads on HN, I thought there was a large chance that your email gets blocked by Gmail when hosting your own mail, and that you have to worry more about availability.
I would love to host my own mail though. Am I mistaken, or does Mailpile solve those for you?