[Discuss] Running a mail server, or not

Bill Horne bill at horne.net
Sun Jun 24 13:20:40 EDT 2018


On 6/23/2018 11:35 PM, Derek Martin wrote:
> On Wed, Jun 20, 2018 at 04:26:14AM -0400, David Kramer wrote:
>> My main motivations for running my own mail server are that I rely
>> heavily on procmail rules to deliver mail to the right folders, and
>> I am also not crazy about third parties scanning and storing all my
>> mail, though that's negotiable.
> I'm in pretty much this situation, but I've kind of given up on the
> idea that no one should be able to read my e-mail.  The fact is your
> e-mail is already being consumed by the great government surveillance
> machine regardless, since both incoming and outgoing mail has to
> traverse multiple ISP backbones (excepting perhaps the case where all
> your recipients are on your own server), and only crazy people like me
> were ever willing to put up with the hassle of encrypting all their
> mail, so... it's a total loss, pretty much.

No matter how effective the NSA and the deep state and the man behind 
the curtain and J. Edgar's ghosts have been at weakening encryption 
algorithms, it's still a good idea to use end-to-end encryption on any 
emails that you want to keep private. In the first place, most of the 
people you want to prevent reading your emails don't have access to any 
decryption capability, and in the second, even law-enforcement agencies 
will be forced to get a warrant (admittedly an easy task) or poison 
any evidence they gather. Even if you assume that the AES standard has 
custom-made holes in it for the use of government(s), the "equities" 
issue is as good a defense as any lawyer: if Uncle Sam introduces 
decrypted messages as evidence in a trial, then it has ipso facto 
admitted that it _can_ decrypt them, and thus will have compromised an 
invaluable source of information and offended some campaign contributors 
who would like that not to be true.

No matter what, end-to-end encryption buys you time: you can't prevent 
the powers-that-be from obtaining envelope data, but there are ways 
around that problem, too.

Bill

-- 
Bill Horne



