[brongondwana]

I figured the "we" after FastMail said that I work here. Quite a lot of our backend source is open too (particularly the Cyrus IMAP server, which makes up the bulk of my work now that I have people with a more dedicated ops role for day-to-day tasks).

We encrypt everything to disk, and everything on the wire that is practical (connecting to other providers still falls back to plaintext if they don't support STARTTLS, because encrypted-only isn't practical yet)

But client connections are ONLY secured now, we don't allow any plaintext channels where you could accidentally send your password.

https://www.fastmail.com/help/technical/ssltlsstarttls.html

So you're stuck trusting us, but only us. The only sane alternative that I can see is to run your own server, on your own hardware, preferably hosted inside your own home for maximum legal protection. Of course, unless you really know your stuff then your data could well be at greater risk from both legal and illegal intercept.

(and that's nice if you're providing it just for yourself - as soon as it's for anyone else, even just family, you become on-call tech support)

Bron.

[noinsight]

> The only sane alternative that I can see is to run your own server, on your own hardware, preferably hosted inside your own home for maximum legal protection. Of course, unless you really know your stuff then your data could well be at greater risk from both legal and illegal intercept.

This is what I do. At home I have a Chromebox with FreeBSD and a fully encrypted disk. I have a VPS with an OpenVPN server and the required ports are forwarded to my own box. IMAP and SMTP submission require TLS so those are fully covered. Like you said though, the only thing you can't reasonably forcibly encrypt is SMTP itself. Most of the mail I receive comes with STARTTLS but not all.

With this setup the VPS provider can't see anything when SMTP happens with STARTTLS. Obviously if they really want to read my mail they can start MITM'ing the STARTTLS away because it isn't forced but this is the best setup that's reasonable.

My ISP for my home can only see encrypted OpenVPN traffic too. In fact the VPS is in another country but that's only a consequence of the silly VPS prices in my country.

Obviously with this setup I don't have to surrender my private key to anyone either, it sits on my own box (and I use a legitimate CA-issued certificate).

[gablegab]

You wouldn't happen to have that set up available via Docker/Packer etc? I like being able to stand on the shoulders of giants :)

[noinsight]

Unfortunately no, I haven't really gotten into that stuff. It doesn't take that much time though if you have a basic knowledge, it took me like a night to set it up.

[e12e]

Great points.

One thing that bothers me about these "encrypted webmail"-services, is that they all depend on TLS for whatever thin sliver of security they provide. Then they go and use something that's not S/MIME and/or x509 for end-to-end (or whatever kind of) encryption/authentication.

At least leaning on pgp makes sense in because it is already somewhat deployed and in-use.

But since they all fall apart if TLS has a hole, it seems odd to add another layer. The complexity of any other solution for encryption/authentication must surely outweigh the benefits of OurCleverCryptoSystem(tm)?

I'm not aware of any advances that have changed the possibilities of asynchronous secure messaging: you can't have PFS, key distribution is hard.

At least with x509/gnupg you can partner with someone like youbikey, and at least pretend to lower the ux friction and increase the real-world security of the system.

/rant

[masida]

You're right about you're being clear about working there, I'm sorry if I've sounded a bit harsh. Thank you for your analysis BTW. I think it's always useful to provide constructive review to fellow developers.

I agree with you that the only alternative is self hosting. That's why I'm anticipating a new wave of low power mini-computers with solid state memory, a fully configured embedded GNU/Linux or *BSD distro, and a webbased interface for management which would make it possible to host our own services at home using OSS only. The FreedomBox is an example of this.