Re: Secure email server setup
On Mon 15/Jan/2018 16:23:54 +0100 rhkramer wrote:
> On Monday, January 15, 2018 04:39:17 AM Alessandro Vesely wrote:
>> Since most email messages are sent in cleartext, it is also worth to note
>> explicitly the difference in terms of privacy between receiving and
>> collecting.
>
> I don't understand, can you (or someone) attempt to clarify / amplify?
Personal (non-list) email messages happen to contain confidential information,
from innocent shopping preferences to passwords. Although it is possible to
use end-to-end encryption to safeguard confidentiality, the vast majority of
messages are sent in cleartext. A good percentage[*] of SMTP servers apply
transport encryption (STARTTLS), so the chances that a message is read in
transit are low. However, the chances that MX servers can read cleartext
messages is 100%, which hence is the rate of trust users have to grant to their
mailbox providers. The amount of info that can be extracted is directly
proportional to their AI skills, while what they do with it only depends on how
much greedy they are.
Given this state of affairs, the absence of a clean method for setting up an
email server is particularly obnoxious, IMHO.
Ale
[*] See, for example this 2014 stat:
https://www.facebook.com/notes/protect-the-graph/the-current-state-of-smtp-starttls-deployment/1453015901605223/
Reply to: