FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

 
 
LinkBack Thread Tools
 
Old 10-13-2012, 10:21 PM
Menachem Moystoviz
 
Default Suggestions for email for a paranoid Archer

On Fri, Oct 12, 2012 at 3:19 PM, Kevin Chadwick <ma1l1ists@yahoo.co.uk> wrote:
>> My other option is to host my own mail server, either at home or on a
>> VPS (which would cost more),
>> which means much lowered reliability, which means much lowered
>> reliability
>
> Sending to you directly as this mail was rejected by the list!!!
That's a pity, this mail is informative, however the mods might
disagree with the tone you used with respect to Yahoo and Microsoft.
Not that I disagree that it is an objectionable practice to misinform one's
customers. It's just that saying it the way you said it could insult
some people.
>
> That's debateable, DOS sure, but you have much greater control and speed
> of access with a local mail server and past mail will still be
> accessible during any attack.
I wasn't referring to DOS/DDOS-style reliability. In my mind,
reliability ~= uptime > 99.999%
Of course, you're correct in noting that the fact that a VPS is, by
definition, distant from me,
means that in case of a network outage or DOS attack, email is
inaccessible and therefore
a server at home is better in this respect.
>
> For other parts of the thread, it's worth noting that Google is the
> only one of the largest three providers that offers encryption between
> MTAs though it's SSL is also incompatible with some/possibly many
> servers and falls back to plain text. You can only check that on your
> own server of course.
So basically, you're saying that when I send email through Google's SMTP
services, they try their best to keep the connections secure? Shouldn't that
be, you know, standard?
>
> The fact Yahoo and Microsoft offer ssl to pop clients without telling
> them they don't offer SSL between MTAs for performance reasons is
> actually quite disgusting.
If this is true, then it is definitely an objectionable practice, and
should be widely published.
It would be like an electrical company claiming they provide energy
from clean, renewable sources,
when the greenhouse gasses emitted by constructing the power plant
exceed those emitted
by a similarly scaled coal plant over its entire lifetime

Basically, as far as I can see, my options - my own server at home, a
VPS or Webmail -
are ordered on several related scales of varying degrees of
abstraction, responsibility,
required trust, ease of implementation and guaranteed quality of implementation.

In sum, this means that my best option now, given my limited budget,
is to start out
with Google Apps for my own subdomain (gesh.uni.cx, provided by
freedns.afraid.org),
and from there, as my budget and time will allow, upgrade first to a
VPS and from
there to a server at home.

Unless someone offers a better path, this is the path I see for myself.
Thank you all for your time and help.

Gesh

Now, to find a GPG server on which to host my public key (and to
figure out how to generate one)
and to find a good backup solution (my siblings use Crashplan, and
therefore I could backup onto
their boxes. However, I've heard good stuff about SpiderOak... Maybe I
should use a combined
Crashplan-SpiderOak solution? Decisions, decisions, ...)
 
Old 10-14-2012, 01:10 AM
Gaetan Bisson
 
Default Suggestions for email for a paranoid Archer

[2012-10-14 00:21:15 +0200] Menachem Moystoviz:
> On Fri, Oct 12, 2012 at 3:19 PM, Kevin Chadwick <ma1l1ists@yahoo.co.uk> wrote:
> > Sending to you directly as this mail was rejected by the list!!!
> That's a pity, this mail is informative, however the mods might
> disagree with the tone you used with respect to Yahoo and Microsoft.

The problem isn't Kevin's tone, it's that he never gives any single
reference to support his claims. He assumes people will just believe him
and gives them no means to search for more information.

> > That's debateable, DOS sure, but you have much greater control and speed
> > of access with a local mail server and past mail will still be
> > accessible during any attack.
> I wasn't referring to DOS/DDOS-style reliability. In my mind,
> reliability ~= uptime > 99.999%
> Of course, you're correct in noting that the fact that a VPS is, by
> definition, distant from me,
> means that in case of a network outage or DOS attack, email is
> inaccessible and therefore
> a server at home is better in this respect.

So to access your emails when your server is being DDOS'd, you need to
sit at home where you are virtually cut off from the Internet. Clearly,
in this respect, a VPS is much better as its connection will withstand
much larger DDOS attacks than your home DSL.

> > For other parts of the thread, it's worth noting that Google is the
> > only one of the largest three providers that offers encryption between
> > MTAs though it's SSL is also incompatible with some/possibly many
> > servers and falls back to plain text. You can only check that on your
> > own server of course.
> So basically, you're saying that when I send email through Google's SMTP
> services, they try their best to keep the connections secure? Shouldn't that
> be, you know, standard?
> >
> > The fact Yahoo and Microsoft offer ssl to pop clients without telling
> > them they don't offer SSL between MTAs for performance reasons is
> > actually quite disgusting.
> If this is true, then it is definitely an objectionable practice, and
> should be widely published.

I asked Kevin for references regarding his above claims of Google,
Microsoft, and Yahoo practices. He couldn't give me any. So you can
decide to believe him or not, that's about it. Your "If this is true"
really shows what the problem here is... This list should not be a
vector for unsupported claims.

--
Gaetan
 
Old 10-14-2012, 08:19 AM
Menachem Moystoviz
 
Default Suggestions for email for a paranoid Archer

>> > That's debateable, DOS sure, but you have much greater control and speed
>> > of access with a local mail server and past mail will still be
>> > accessible during any attack.
>> I wasn't referring to DOS/DDOS-style reliability. In my mind,
>> reliability ~= uptime > 99.999%
>> Of course, you're correct in noting that the fact that a VPS is, by
>> definition, distant from me,
>> means that in case of a network outage or DOS attack, email is
>> inaccessible and therefore
>> a server at home is better in this respect.
>
> So to access your emails when your server is being DDOS'd, you need to
> sit at home where you are virtually cut off from the Internet. Clearly,
> in this respect, a VPS is much better as its connection will withstand
> much larger DDOS attacks than your home DSL.

So in essence, what you're proposing is to only upgrade from VPS to private
hosting when the resiliency of my private server is good enough - i.e. not most
naive setups? It does make sense, and would make backups more urgent
and important.

However, at this point these discussions are starting to get
academical, as it would take
at least a year, if not five, for me to have enough spare time to work.

Many thanks,

Gesh
 
Old 10-14-2012, 08:45 AM
Gaetan Bisson
 
Default Suggestions for email for a paranoid Archer

[2012-10-14 10:19:10 +0200] Menachem Moystoviz:
> So in essence, what you're proposing is to only upgrade from VPS to private
> hosting when the resiliency of my private server is good enough - i.e. not most
> naive setups? It does make sense, and would make backups more urgent
> and important.

Backups are a must regardless of your setup. Next comes the question of
reliability: how much downtime are you willing to trade for convenience?

Here is what I do: I nearly exclusively use my official email addresses
(professional, university alumni, Arch Linux) because there are people
who will notice and fix any issue 24/7, and I care deeply that every
email sent to me reaches its destination; whenever I feel like reading
emails, I pull them from those accounts onto my machine (and send a copy
to gmail automatically - I only use them as a backup service); I read my
emails comfortably using mutt and have a unison regularly synchronize
the (encrypted) copy of my emails I have on all my machines.

I also run postfix on my home server but only use it to run a couple of
silly mailing lists that I am perfectly willing to lose for a few weeks
if it so happens that I am travelling and my server breaks down. I would
not trust a private VPS more, nor any server that has a single admin.

Cheers.

--
Gaetan
 
Old 10-14-2012, 10:18 AM
Menachem Moystoviz
 
Default Suggestions for email for a paranoid Archer

On Sun, Oct 14, 2012 at 10:45 AM, Gaetan Bisson <bisson@archlinux.org> wrote:
> [2012-10-14 10:19:10 +0200] Menachem Moystoviz:
>> So in essence, what you're proposing is to only upgrade from VPS to private
>> hosting when the resiliency of my private server is good enough - i.e. not most
>> naive setups? It does make sense, and would make backups more urgent
>> and important.
>
> Backups are a must regardless of your setup. Next comes the question of
> reliability: how much downtime are you willing to trade for convenience?
>
> Here is what I do: I nearly exclusively use my official email addresses
> (professional, university alumni, Arch Linux) because there are people
> who will notice and fix any issue 24/7, and I care deeply that every
> email sent to me reaches its destination; whenever I feel like reading
> emails, I pull them from those accounts onto my machine (and send a copy
> to gmail automatically - I only use them as a backup service); I read my
> emails comfortably using mutt and have a unison regularly synchronize
> the (encrypted) copy of my emails I have on all my machines.
>
> I also run postfix on my home server but only use it to run a couple of
> silly mailing lists that I am perfectly willing to lose for a few weeks
> if it so happens that I am travelling and my server breaks down. I would
> not trust a private VPS more, nor any server that has a single admin.
>
> Cheers.
>
> --
> Gaetan

So basically, your setup is something like:
Use corporate mail, pulling email onto your machine each time you read it,
plus some backups and your own mail server for hobbyist stuff?

Sounds quite similar to what I had in mind. Thanks.

Gesh
 

Thread Tools




All times are GMT. The time now is 11:28 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org