• encrypted email providers

    From phxl@21:1/112 to All on Tue May 18 08:31:00 2021
    Here are a few supposed private/encrypted email providers that offer free mailboxes (as well as paid plans of course):

    protonmail.com
    Tutanota.com / tutanota.de
    mailfence.com

    * mysudo.com
    (not sure if encrypted but should be as they are a
    burner/multiple id's per account service with free email but paid burner phone #'s..

    --- Mystic BBS v1.12 A47 2020/12/04 (Windows/32)
    * Origin: Black Flag <ACiD Telnet HQ> blackflagbbs.com (21:1/112)
  • From Warpslide@21:3/110 to All on Tue May 18 11:32:52 2021
    *** Quoting phxl from a message to All ***

    Here are a few supposed private/encrypted email providers that offer
    free mailboxes (as well as paid plans of course):

    protonmail.com Tutanota.com / tutanota.de mailfence.com

    There's also hushmail.com which is a lot like protonmail except hosted here in Canada. They offer a free tier and paid upgrades.

    Even though they're based in Canada they seem to charge USD, which is a sore spot for me. Right now USD$49.98 = CDN$60.24.

    If you're based in Canada, stop ripping off fellow Canadians. Charge Canadians in CAD and charge the rest of the world in USD.


    Jay

    ... A man does not look behind the door unless he has stood there himself

    --- Telegard v3.09.g2-sp4/mL
    * Origin: Northern Realms | 289-424-5180 | bbs.nrbbs.net (21:3/110)
  • From N1uro@21:4/107 to phxl on Tue May 18 12:57:00 2021
    phxl wrote to All <=-

    Here are a few supposed private/encrypted email providers that offer
    free mailboxes (as well as paid plans of course):

    protonmail.com
    Tutanota.com / tutanota.de
    mailfence.com

    * mysudo.com
    (not sure if encrypted but should be as they are a
    burner/multiple id's per account service with free email but paid
    burner phone #'s..

    Another option is to run your own mailserver and use encryption :)

    ... Internal Error: The system has been taken over by sheep at line 19960
    --- MultiMail/Linux v0.52
    * Origin: Carnage - risen from the dead now on SBBS (21:4/107)
  • From phxl@21:1/121 to N1uro on Tue May 18 12:49:20 2021

    N1uro around Tuesday, May 18th...
    Another option is to run your own mailserver and use encryption :)

    This is very possible.. only the downside is you have to maintain and run your own mailserver; and unless you have owned the domains and ip's for many many years you will find deliverability problems here and there (especially with large providers). Also, if anything happens in your region will you have redundancy backup service so you don't lose important emails?

    If you host on a VPS with a decent provider you can fair better and then use a service such as Hoppy (a hosting vpn service aimed at just this type of forwarding (meaning they don't block SMTP or allow abusive behaviors that get ip's blacklisted on major networks); but then you end up spending WAAAY more than free email costs and significantly more than a paid email account with a provider costs, probably.






    --- ENiGMA 1/2 v0.0.12-beta (linux; x64; 14.15.4)
    * Origin: Xibalba -+- xibalba.l33t.codes:44510 (21:1/121)
  • From Ogg@21:4/106.21 to Warpslide on Tue May 18 17:43:00 2021
    Hello Warpslide!

    ** On Tuesday 18.05.21 - 11:32, Warpslide wrote to All:

    There's also hushmail.com which is a lot like protonmail
    except hosted here in Canada. They offer a free tier and
    paid upgrades.

    I don't see a free option anywhere on their site.

    The site is also heavily script/ad based. I had to disable
    adblocker just to see the illustrations/samples of their
    screenshots - not good.

    I found a few places that talk about "free" hushmail, and
    relevant links, but those links take you to a hushmail page
    that nolonger exists.

    Even though they're based in Canada they seem to charge
    USD, which is a sore spot for me. Right now USD$49.98 =
    CDN$60.24.

    Yeah.. seems ironic that a Canadian biz doesn't offer a fixed
    CDN price as an option. But that's probably because they don't
    care what country you're in. You sign up, with name, password,
    generate encryption keys, and go.

    If you're based in Canada, stop ripping off fellow
    Canadians. Charge Canadians in CAD and charge the rest of
    the world in USD.

    Spotify does it right. It's a fixed 9.99/mo (no additional
    taxes either) on my credit card.



    --- OpenXP 5.0.49
    * Origin: Key ID = 0x5789589B (21:4/106.21)
  • From N1uro@21:4/107 to phxl on Tue May 18 20:08:00 2021
    phxl wrote to N1uro <=-


    This is very possible.. only the downside is you have to maintain and
    run your own mailserver; and unless you have owned the domains and ip's for many many years you will find deliverability problems here and
    there (especially with large providers). Also, if anything happens in your region will you have redundancy backup service so you don't lose important emails?

    If you know how to run a good mail server, it mainly runs itself after you have everything properly configured. Most mail servers will try for a few days
    to deliver mail before kicking it back to the end user, some will issue warnings
    prior so that the sender knows mail can't get through... however if there's communication *that* important, there's a device called a telephone that alexander graham bell invented that works perfectly to this day :) I tell
    my clients this all the time when they become too dependent on email. May
    sound a bit snarky but you can't argue fact.

    If you host on a VPS with a decent provider you can fair better and
    then use a service such as Hoppy (a hosting vpn service aimed at just
    this type of forwarding (meaning they don't block SMTP or allow abusive behaviors that get ip's blacklisted on major networks); but then you
    end up spending WAAAY more than free email costs and significantly more than a paid email account with a provider costs, probably.

    My issue is that since my email address is so old, it's basically in almost every spamhouse db you can think of. I don't understand why the United Socialist States of America think it's fair I pay money for spammers to
    suck up my bandwidth with emails I don't want nor signed up for.

    There's also a big push to eliminate SMTP. Some tech experts say that emails will be eliminated in a couple of years if not sooner. I'll actually believe that when I see it.


    ... Dyslexics Have More Nuf.
    --- MultiMail/Linux v0.52
    * Origin: Carnage - risen from the dead now on SBBS (21:4/107)
  • From Warpslide@21:3/110 to Ogg on Wed May 19 09:39:54 2021
    *** Quoting Ogg from a message to Warpslide ***

    There's also hushmail.com which is a lot like protonmail
    except hosted here in Canada. They offer a free tier and
    paid upgrades.

    I don't see a free option anywhere on their site.

    Huh! You're right, I don't see a free option anymore either. They used to offer one, but I can't seem to find anything on when they stopped offering
    it.

    Even though they're based in Canada they seem to charge
    USD, which is a sore spot for me. Right now USD$49.98=
    CDN$60.24.

    Yeah.. seems ironic that a Canadian biz doesn't offer a fixed CDN
    price as an option. But that's probably because they don't care
    what country you're in. You sign up, with name, password, generate encryption keys, and go.

    Yeah, if you're Canadian then charging in USD is an "easy" way to make a few extra dollars. *grumbles under breath*


    Jay

    ... Some of the crowd have decided to voice their opinion by staying away

    --- Telegard v3.09.g2-sp4/mL
    * Origin: Northern Realms | 289-424-5180 | bbs.nrbbs.net (21:3/110)
  • From Oli@21:3/102 to phxl on Thu May 20 07:09:06 2021
    phxl wrote (2021-05-18):

    Here are a few supposed private/encrypted email providers that offer free mailboxes (as well as paid plans of course):

    It doesn't matter that much. Most of emails conversations aren't encrypted anyway. If you want an encrypted inbox, just retrieve mails from the (webmail provider's) server and encrypt it at home. Use a mail client or browser plugin for PGP.

    For really private stuff use p2p FTN Netmail over Tor Onion Service ;).

    ---
    * Origin: . (21:3/102)
  • From Vk3jed@21:1/109 to N1uro on Thu May 20 18:57:00 2021
    On 05-18-21 20:08, N1uro wrote to phxl <=-

    phxl wrote to N1uro <=-

    prior so that the sender knows mail can't get through... however if there's communication *that* important, there's a device called a telephone that alexander graham bell invented that works perfectly to
    this day :) I tell my clients this all the time when they become too dependent on email. May sound a bit snarky but you can't argue fact.

    Some of us are difficult to reach by phone - first, I may not be able to answer, and I don't use voicemail. :P Secondly, I may not have time to deal with the call, certain times of day are no voice (or video) activity, and finding time to return a call is equally problematic. ;)

    My issue is that since my email address is so old, it's basically in almost every spamhouse db you can think of. I don't understand why the United Socialist States of America think it's fair I pay money for spammers to suck up my bandwidth with emails I don't want nor signed up for.

    I'm a bit the same. ;)

    There's also a big push to eliminate SMTP. Some tech experts say that emails will be eliminated in a couple of years if not sooner. I'll actually believe that when I see it.

    Yeah I can't see that happening anytime soon.


    ... Apathy Error: Strike any key...or none, for that matter.
    === MultiMail/Win v0.52
    --- SBBSecho 3.10-Linux
    * Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (21:1/109)
  • From N1uro@21:4/107 to Oli on Thu May 20 07:32:00 2021
    Oli wrote to phxl <=-

    It doesn't matter that much. Most of emails conversations aren't
    encrypted anyway. If you want an encrypted inbox, just retrieve mails
    from the (webmail provider's) server and encrypt it at home. Use a mail client or browser plugin for PGP.

    For really private stuff use p2p FTN Netmail over Tor Onion Service ;).

    pgp signing and encrypting would add another good layer to the mix :)

    ... The Tagline Addict Strikes! (And your Hard Drive file area shrinks.)
    --- MultiMail/Linux v0.52
    * Origin: Carnage - risen from the dead now on SBBS (21:4/107)
  • From N1uro@21:4/107 to Vk3jed on Thu May 20 07:48:00 2021
    Vk3jed wrote to N1uro <=-

    Some of us are difficult to reach by phone - first, I may not be able
    to answer, and I don't use voicemail. :P Secondly, I may not have time
    to deal with the call, certain times of day are no voice (or video) activity, and finding time to return a call is equally problematic. ;)

    I don't do voicemail either, at least on my cell. I get so much spam on that thing it's unreal... so I don't even set the mailbox up. Texting is my preferred method of contact, email second, phone call 3rd. If 1&2 fail, try
    #3. I won't do Video! I'm a former radio DJ... video is TV which I had no desire to do even back in the 70s.

    I'm a bit the same. ;)

    What's a shame is they're supposed to give you an opt-out option by our
    laws but what they do is once you click it and verify you want out, your
    email address is then sold to 50 others! The new trick that some of the
    mail admins have been doing (and I've been doing it now for years prior)
    is take an incoming email's IP, look up the CIDR block and firewall the
    whole darn block! Most of the larger offenders come from data centers who
    don't give a hoot who they sell space to such as OV, AWS (where Winlink is!) and others.

    Yeah I can't see that happening anytime soon.

    Me either. Too many businesses live on two apps:
    deFacingBook and eMail. I can see the second app... NOT the first.

    ... Jamforx - The ability of cramming one more utensil in the dishwasher
    --- MultiMail/Linux v0.52
    * Origin: Carnage - risen from the dead now on SBBS (21:4/107)
  • From Ogg@21:4/106.21 to Vk3jed on Thu May 20 07:05:00 2021
    Hello Vk3jed!

    ** On Thursday 20.05.21 - 18:57, Vk3jed wrote to N1uro:

    there's communication *that* important, there's a device
    called a telephone that alexander graham bell invented
    that works perfectly to this day :) ...

    Some of us are difficult to reach by phone - first, I may
    not be able to answer, and I don't use voicemail. :P
    Secondly, I may not have time to deal with the call,..

    All the more reason to use voicemail. Afterall, it's simply the
    audio version of offline email/echomail/qwk that you enjoy.

    I don't understand why the United Socialist States of
    America think it's fair I pay money for spammers to suck
    up my bandwidth with emails I don't want nor signed up
    for.

    The onus seems to be on us to configure server-side filters as
    best we can to block or discard emails that we don't want.


    --- OpenXP 5.0.49
    * Origin: Key ID = 0x5789589B (21:4/106.21)
  • From Vk3jed@21:1/109 to N1uro on Fri May 21 08:49:00 2021
    On 05-20-21 07:48, N1uro wrote to Vk3jed <=-

    I don't do voicemail either, at least on my cell. I get so much spam on that thing it's unreal... so I don't even set the mailbox up. Texting

    I just find it fiddly, you get a text, have to call back, get the message, write down any details, delete the message, delete the text. What a load of.... :D And all that only to leave a message on the other person's voicemail! :D

    is my preferred method of contact, email second, phone call 3rd. If 1&2

    Pretty much the same for me, and "text" can actually be one of a number of
    pps.

    fail, try #3. I won't do Video! I'm a former radio DJ... video is TV
    which I had no desire to do even back in the 70s.

    Video for me is on the same level as a phone call. I do use video for telehealth, however.

    What's a shame is they're supposed to give you an opt-out option by our laws but what they do is once you click it and verify you want out,
    your email address is then sold to 50 others! The new trick that some
    of the mail admins have been doing (and I've been doing it now for
    years prior) is take an incoming email's IP, look up the CIDR block and firewall the whole darn block! Most of the larger offenders come from
    data centers who don't give a hoot who they sell space to such as OV,
    AWS (where Winlink is!) and others.

    That sometimes works, some use hijacked PCs on botnets too. More IP blocks to nuke. :)

    Yeah I can't see that happening anytime soon.

    Me either. Too many businesses live on two apps:
    deFacingBook and eMail. I can see the second app... NOT the first.

    Yep exactly.

    ... Jamforx - The ability of cramming one more utensil in the
    dishwasher --- MultiMail/Linux v0.52

    LOL


    ... Please write your complaint in this box [ ] - Legibly
    === MultiMail/Win v0.52
    --- SBBSecho 3.10-Linux
    * Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (21:1/109)
  • From Vk3jed@21:1/109 to Ogg on Fri May 21 08:50:00 2021
    On 05-20-21 07:05, Ogg wrote to Vk3jed <=-

    All the more reason to use voicemail. Afterall, it's simply the
    audio version of offline email/echomail/qwk that you enjoy.

    No, it's more like a web forum, slow, cumbersome fiddly to navigate - and you're tied to the phone network while you're using it. :P And remember, I hate web forums? :P

    The onus seems to be on us to configure server-side filters as
    best we can to block or discard emails that we don't want.

    Yeah, that's market forces at work. :P


    ... Everywhere is within walking distance if you have the time.
    === MultiMail/Win v0.52
    --- SBBSecho 3.10-Linux
    * Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (21:1/109)
  • From N1uro@21:4/107 to Vk3jed on Fri May 21 07:12:00 2021
    Vk3jed wrote to N1uro <=-

    I just find it fiddly, you get a text, have to call back, get the
    message, write down any details, delete the message, delete the text.
    What a load of.... :D And all that only to leave a message on the
    other person's voicemail! :D

    Or be like me and ignore everyone equally <G> Just don't delete anything
    until you know you've responded.

    Video for me is on the same level as a phone call. I do use video for telehealth, however.

    I don't do video. A higher up in our military has told me that video is a
    lot easier for those looking to cause bad intentions to crack into. I don't even have a camera on my PC, and I use electrician's tape to cover those on
    my phones. If I can get into a phone, which my older ones I can...I simply
    open them and take the cams out.

    That sometimes works, some use hijacked PCs on botnets too. More IP blocks to nuke. :)

    Absolutely. -j DROP then becomes my BFF.



    ... Veni, Vedi, VooDoo...I came, I saw, I put curse on somebody
    --- MultiMail/Linux v0.52
    * Origin: Carnage - risen from the dead now on SBBS (21:4/107)
  • From Vk3jed@21:1/109 to N1uro on Sat May 22 21:00:00 2021
    On 05-21-21 07:12, N1uro wrote to Vk3jed <=-

    Or be like me and ignore everyone equally <G> Just don't delete
    anything until you know you've responded.

    WWell, you're not going to get an answer from me, if you manage to leave voicemail. Chances I won't even know you did! :D

    Video for me is on the same level as a phone call. I do use video for telehealth, however.

    I don't do video. A higher up in our military has told me that video is
    a lot easier for those looking to cause bad intentions to crack into. I don't even have a camera on my PC, and I use electrician's tape to
    cover those on my phones. If I can get into a phone, which my older
    ones I can...I simply open them and take the cams out.

    Hmm, OK.

    That sometimes works, some use hijacked PCs on botnets too. More IP blocks to nuke. :)

    Absolutely. -j DROP then becomes my BFF.

    A very useful friend! :D



    ... Veni, Vedi, VooDoo...I came, I saw, I put curse on somebody

    :D



    ... Is the tuning intonation correct?
    === MultiMail/Win v0.52
    --- SBBSecho 3.10-Linux
    * Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (21:1/109)
  • From N1uro@21:4/107 to Vk3jed on Sat May 22 12:52:00 2021
    Vk3jed wrote to N1uro <=-

    WWell, you're not going to get an answer from me, if you manage to
    leave voicemail. Chances I won't even know you did! :D

    Good luck leaving me one on my cell - I refuse to set the mailbox up
    so it just tells you that it's not set up and hangs up on you <G>
    "Look gang! It's Tony's favorite type of Voicemail box!" haha

    Absolutely. -j DROP then becomes my BFF.
    A very useful friend! :D

    Sometimes too good of a friend, but better safe than sorry.


    ... Kidnapped - By Caesar Quick
    --- MultiMail/Linux v0.52
    * Origin: Carnage - risen from the dead now on SBBS (21:4/107)
  • From Vk3jed@21:1/109 to N1uro on Sun May 23 11:48:00 2021
    On 05-22-21 12:52, N1uro wrote to Vk3jed <=-

    Good luck leaving me one on my cell - I refuse to set the mailbox up
    so it just tells you that it's not set up and hangs up on you <G>
    "Look gang! It's Tony's favorite type of Voicemail box!" haha

    I didn't set mine up, but people say they've left a message. It goes into a black hole, and I never get a text notification. :D

    Absolutely. -j DROP then becomes my BFF.
    A very useful friend! :D

    Sometimes too good of a friend, but better safe than sorry.

    True. :)


    ... Kidnapped - By Caesar Quick

    :D


    ... Do nothing for as long as possible
    === MultiMail/Win v0.52
    --- SBBSecho 3.10-Linux
    * Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (21:1/109)
  • From tallship@21:2/104 to Oli on Mon May 31 21:43:11 2021
    On 20 May 2021, Oli said the following...
    Here are a few supposed private/encrypted email providers that offer f mailboxes (as well as paid plans of course):

    It doesn't matter that much. Most of emails conversations aren't
    encrypted anyway. If you want an encrypted inbox, just retrieve mails
    from the (webmail provider's) server and encrypt it at home. Use a mail client or browser plugin for PGP.

    For really private stuff use p2p FTN Netmail over Tor Onion Service ;).


    I have a slightly different take on it.

    1.) Yes, encrypted email providers are a misnomer. I can't tell you how many people proudly boast that they have a protonmail account so their mail is encrypted.... Only to discover it isn't, because when they send messages outside the network it's in clear text, unless your keys have been added to each other's keyrings.

    https://pgp.mit.edu is traditionally where I keep my keys available, and it looks like sks-keyservers.net has been deprecated. I also take advantage of
    the proofs available via https://keybase.io

    I use PGP keys all the time, but not always. I typically sign with my keys so that the authenticity can be relatively assured, but for realy encrypted communications....

    2.) I recommend Matrix - you can run your own Synapse matrix server if you like, it's pretty straight-forward, and a couple of good clients for both desktop and Android are SchildeChat and Element.

    XMPP is good too if you're using OMEMO, on Android, Conversations or Conv6sations are good clients, and you have a lot of choices for desktop clients. I personally prefer Gajim.

    I really don't care much for Signal, it leaks too much metadata, such as your DID (always) and it also shows when the remote party has displayed the
    message on their device. Plus, it's not distributed - it's set up as a silo, although there's no reason why that really has to be, other than the forked project became unmaintained when Moxie expressed his disdain for others repurposing his clients to use with other forks of Signal.

    I don't really think I would depend on PGP encrypted mail for secure communications, but it's fine for authenticating the sender. But if you want
    to do so I would recommend installing and using Fair Email directly from the git repo here: https://github.com/M66B/FairEmail

    The reason for that is because you'll always have the laterst version for
    your Android, and it will automatically update from there. F-Droid would be a second choice, but updates lag and some feature sets aren't incorporated. Anything from the Google Playstore should be considered spyware - because it is.

    For Desktop, Most of my customers use Thunderbird, as do I (conigured with OpenPGP), There are a couple of other good email clients, but Outlook isn't
    one of them.

    I also recommend that people run their own email servers - SMTP/IMAP/OpenDKIM/SpamAssasin/etc. The combo I like is Postfix with Dovecot.
    I do realize, however, that email is a complete mess to set up correctly out
    of the box nowadays, so you should have someone who is good at it do the install :) With DKIM, DMARC, SPF blah blah blah... Yah, nightmare, but once
    you set it up it's a dream to host your own domain's email services.

    I don't think that using TOR lends itself to a respectible business
    impression, so I would definitely advise against it in the commonplace
    business world of communications - other than that of course... it freakin' rocks!

    --- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
    * Origin: Vger.Cloud - NOMAD Internetwork (21:2/104)
  • From Oli@21:3/102 to tallship on Tue Jun 1 09:11:53 2021
    tallship wrote (2021-05-31):

    On 20 May 2021, Oli said the following...
    Here are a few supposed private/encrypted email providers that
    offer f mailboxes (as well as paid plans of course):

    It doesn't matter that much. Most of emails conversations aren't
    encrypted anyway. If you want an encrypted inbox, just retrieve
    mails from the (webmail provider's) server and encrypt it at home.
    Use a mail client or browser plugin for PGP.


    I have a slightly different take on it.

    [...]

    2.) I recommend Matrix - you can run your own Synapse matrix server if you like, it's pretty straight-forward, and a couple of good clients for both desktop and Android are SchildeChat and Element.

    None of my friends use Matrix.

    XMPP is good too if you're using OMEMO, on Android, Conversations or Conv6sations are good clients, and you have a lot of choices for desktop clients. I personally prefer Gajim.

    Even fewer people use XMPP.

    I really don't care much for Signal, it leaks too much metadata, such as your DID (always) and it also shows when the remote party has displayed
    the message on their device.

    What is DID?

    Signal shows when a message has been received. It also tells you when a contact in your phone book joins Signal. It's very convenient, but it would be better if also could be disabled (maybe it's possible).

    Plus, it's not distributed - it's set up as
    a silo, although there's no reason why that really has to be, other than the forked project became unmaintained when Moxie expressed his disdain
    for others repurposing his clients to use with other forks of Signal.

    Federation also leaks metadata to third parties, which is not of any convenience for the user and not transparent.

    I also recommend that people run their own email servers - SMTP/IMAP/OpenDKIM/SpamAssasin/etc. The combo I like is Postfix with Dovecot. I do realize, however, that email is a complete mess to set up correctly out of the box nowadays, so you should have someone who is good at it do the install :) With DKIM, DMARC, SPF blah blah blah... Yah, nightmare, but once you set it up it's a dream to host your own domain's email services.

    Maybe in 30 years, when nobody uses Email anymore we can run retro Email without the bullshit of big webmail providers. They basically killed the selfhosted mail server.

    I don't think that using TOR lends itself to a respectible business impression, so I would definitely advise against it in the commonplace business world of communications - other than that of course... it
    freakin' rocks!

    that's why I wrote:

    For really private stuff use p2p FTN Netmail over Tor Onion Service
    ^^^^^^^^^^^
    ;).

    ... with an irony smiley.



    Telehash was a nice project for a p2p messaging network by the guy who invented jabber (and others). Unfortunately it seems to be dead (domain grabbed, no new commits on github).

    ---
    * Origin: . (21:3/102)
  • From N1uro@21:4/107 to tallship on Tue Jun 1 10:07:00 2021
    Hello tallship;

    tallship wrote to Oli <=-

    1.) Yes, encrypted email providers are a misnomer. I can't tell you how many people proudly boast that they have a protonmail account so their mail is encrypted.... Only to discover it isn't, because when they send messages outside the network it's in clear text, unless your keys have been added to each other's keyrings.

    This also depends on the service(s) offered at BOTH ends. Email typically between my email server and gmail often are encrypted by default using smtpS instead of standard unencrypted smtp. Of course, as I said, both sides must make allocations to send and receive using tls.

    https://pgp.mit.edu is traditionally where I keep my keys available,
    and it looks like sks-keyservers.net has been deprecated. I also take advantage of the proofs available via https://keybase.io

    I use PGP keys all the time, but not always. I typically sign with my
    keys so that the authenticity can be relatively assured, but for realy encrypted communications....

    I too store my key on pgp.mit.edu. Have for years.


    XMPP is good too if you're using OMEMO, on Android, Conversations or Conv6sations are good clients, and you have a lot of choices for
    desktop clients. I personally prefer Gajim.

    Have you tried xabber for droid? For desktop pidgin seems to be multi-OS compatible.

    Anything from the Google Playstore should be considered
    spyware - because it is.

    Amen!

    For Desktop, Most of my customers use Thunderbird, as do I (conigured
    with OpenPGP), There are a couple of other good email clients, but
    Outlook isn't one of them.

    Unfortunately, in many companies, they've literally "bought" into the whole Micro$oft bill of no-goods. Exchange server, outlook, etc. I'm a bit of a
    fan of Evolution written by Novell Netware. It gives the user much of the features that Outlook delivers to the corporate user without the need to
    make any such purchase that M$ Office requires. There's a windows port for
    the desktop, and its in most linux distro repositories.

    I also recommend that people run their own email servers - SMTP/IMAP/OpenDKIM/SpamAssasin/etc. The combo I like is Postfix with Dovecot. I do realize, however, that email is a complete mess to set up correctly out of the box nowadays, so you should have someone who is
    good at it do the install :) With DKIM, DMARC, SPF blah blah blah...
    Yah, nightmare, but once you set it up it's a dream to host your own domain's email services.

    +1! That's what I use as well. In fact, email coming into my SBBS for anyone -must- go through my postfix server, pass RBL lookups, be scanned by SA and ClamAV (via ClamSMTP), etc etc before getting passed to the BBS on a non standard port. For outbound from the BBS, it follows a similar reverse path where mails to the outside world still get scanned in case a user sends a
    file with a virus included. I love how flexible postfix is, and in fact...
    if you've ever read an exchange server administration book (and one would
    have to be quite constipated!) it even strongly suggests to filter your
    mails through postfix with numerous filters installed PRIOR to passing them into exchange.

    I do the same with any smtp based mails that get passed onto amateur radio using my axMail-FAX system for packet which makes it a lot more superior
    than any of the other systems used on amateur RF.

    I don't think that using TOR lends itself to a respectible business impression, so I would definitely advise against it in the commonplace business world of communications - other than that of course... it freakin' rocks!

    As an outsider dealing with any company, if they lived on TOR I'd walk right
    on by. It just has way too many negatives associated with it reputation wise. I'd wonder if their online chat support is hosted by chatterbate <G>

    ... When the chips are down, the cow is empty.
    --- MultiMail/Linux v0.52
    * Origin: Carnage - risen from the dead now on SBBS (21:4/107)
  • From Lightman@21:3/143 to tallship on Tue Jun 1 15:01:16 2021
    Hi tallship,

    On 31 May 2021, tallship said the following...

    I also recommend that people run their own email servers - SMTP/IMAP/OpenDKIM/SpamAssasin/etc. The combo I like is Postfix with Dovecot. I do realize, however, that email is a complete mess to set up


    Agreed. Mail, these days, can be outright bloody. I've seen a couple of 'okay' box solutions for this lately, including:

    * https://mailinabox.email - Mail-in-a-Box

    I've also come across iRedMail which scares me a bit for personal reasons - I wonder if anyone else has messed with this?!


    2.) I recommend Matrix - you can run your own Synapse matrix server if
    you like, it's pretty straight-forward, and a couple of good clients for both desktop and Android are SchildeChat and Element.


    I've seen people advertising Matrix on BBSes. Curious if it is the same [apache] matrix and how it is being used. A bit of a context-switch here, but interested in the project, as I've never used it.

    lightman


    -- Decentralize the net!

    --- Mystic BBS v1.12 A46 2020/08/26 (Linux/64)
    * Origin: Pedalion BBS (21:3/143)
  • From Ogg@21:4/106.21 to Lightman on Tue Jun 1 18:20:00 2021
    Hello Lightman!

    ** On Tuesday 01.06.21 - 15:01, Lightman wrote to tallship:

    2.) I recommend Matrix - you can run your own Synapse
    matrix server if you like, it's pretty straight-forward,
    and a couple of good clients for both desktop and Android
    are SchildeChat and Element.


    I've seen people advertising Matrix on BBSes. Curious if it
    is the same [apache] matrix and how it is being used. A bit
    of a context-switch here, but interested in the project, as
    I've never used it.

    Matrix is a resource hog. It only supports 64bit systems. I'm
    on it as oggyman@matrix.org Just sitting idle, the prog
    doesn't sit still; in about 15 minutes it will have eating up
    16MB of data.


    --- OpenXP 5.0.50
    * Origin: Key ID = 0x5789589B (21:4/106.21)
  • From Oli@21:3/102 to Ogg on Wed Jun 2 07:05:23 2021
    Ogg wrote (2021-06-01):

    Matrix is a resource hog. It only supports 64bit systems. I'm
    on it as oggyman@matrix.org Just sitting idle, the prog
    doesn't sit still; in about 15 minutes it will have eating up
    16MB of data.

    Nice, that is around 128 kbps. You could listen to a good quality audio stream at that rate.

    ---
    * Origin: . (21:3/102)
  • From Ogg@21:4/106.21 to Oli on Wed Jun 2 08:55:00 2021
    Hello Oli!

    ** On Wednesday 02.06.21 - 07:05, Oli wrote to Ogg:

    doesn't sit still; in about 15 minutes it will have eating up
    16MB of data.

    Nice, that is around 128 kbps. You could listen to a good quality audio stream at that rate.

    But with a 5GB/mo data limit on my mobile data plan before
    getting throttled down, that won't last too long.


    --- OpenXP 5.0.50
    * Origin: Key ID = 0x5789589B (21:4/106.21)
  • From poindexter FORTRAN@21:4/122 to tallship on Tue Jun 1 06:43:00 2021
    tallship wrote to Oli <=-

    I also recommend that people run their own email servers - SMTP/IMAP/OpenDKIM/SpamAssasin/etc. The combo I like is Postfix with Dovecot. I do realize, however, that email is a complete mess to set up correctly out of the box nowadays, so you should have someone who is
    good at it do the install :) With DKIM, DMARC, SPF blah blah blah...
    Yah, nightmare, but once you set it up it's a dream to host your own domain's email services.

    I looked into running my own services recently. I ran my own services from 1999 through 2006 or so, then went to a webhost/email combination. Been thinking about moving it in-house for a couple of reasons.

    If only a VPS had an option to encrypt the filesystem of a remote system,
    that would rock.



    ... Two protons expelled at each coupling site creates the mode of force
    --- MultiMail/DOS v0.52
    * Origin: realitycheckBBS.org -- information is power. (21:4/122)
  • From Warpslide@21:3/110 to poindexter FORTRAN on Wed Jun 2 17:57:03 2021
    On 01 Jun 2021, poindexter FORTRAN said the following...

    I looked into running my own services recently. I ran my own services
    from 1999 through 2006 or so, then went to a webhost/email combination. Been thinking about moving it in-house for a couple of reasons.

    If only a VPS had an option to encrypt the filesystem of a remote
    system, that would rock.

    https://thehelm.com/

    I've been eyeing these guys up, but I need someone smarter than me to tell me all about it & whether/how it works.

    The idea behind this service is you have the box in your house which acts as the email server. Since residential IPs often are blocked for email services this box makes a VPN connection to their servers which do all the email connections on their side.

    They say they can't see any of your email traffic passing through this VPN connection, which I guess could be the case for any TLS encrypted traffic.

    The local hard drive is encrypted so if someone steals the device they can't access the data on it. You can use your own domain names which is a plus,
    but there is no webmail which is kind of a deal-breaker for me.

    There's also a US$99 /year subscription cost.


    Jay

    --- Mystic BBS v1.12 A46 2020/08/26 (Raspberry Pi/32)
    * Origin: Northern Realms (21:3/110)
  • From Ogg@21:4/106.21 to Warpslide on Wed Jun 2 19:48:00 2021
    Hello Warpslide!

    ** On Wednesday 02.06.21 - 17:57, Warpslide wrote to poindexter FORTRAN:

    https://thehelm.com/

    I've been eyeing these guys up, but I need someone smarter than me to tell me all about it & whether/how it works.

    There's also a US$99 /year subscription cost.

    Is the subscription cost worth it?

    So.. you buy this box for 256GB/512GB/1TB for $199 (it looks
    like it's the same price for any capacity) Is it a spinning
    HDD, or SDD?

    Do they provision a way to do a backup/restore of what's on the
    box?

    I dunno, but it seems that any privacy that you might like to
    assume that you gain from their server, would be neutered
    unless everyone you are interested in maintaining privacy with
    has the same Helm service.


    --- OpenXP 5.0.50
    * Origin: Key ID = 0x5789589B (21:4/106.21)
  • From Warpslide@21:3/110 to Ogg on Wed Jun 2 20:14:17 2021
    On 02 Jun 2021, Ogg said the following...

    So.. you buy this box for 256GB/512GB/1TB for $199 (it looks
    like it's the same price for any capacity) Is it a spinning
    HDD, or SDD?

    On my browser the prices are:

    256GB: $199
    512GB: $249
    1TB: $349

    On the specs page it notes: NVMe SSD storage

    Do they provision a way to do a backup/restore of what's on the
    box?

    Yes, part of the yearly subscription includes 128GB offsite encrypted backups.

    Encrypted to the same key as your own helm server, so they (Helm) cannot
    access the contents.

    I dunno, but it seems that any privacy that you might like to
    assume that you gain from their server, would be neutered
    unless everyone you are interested in maintaining privacy with
    has the same Helm service.

    No different than emailing anyone else outside of your own domain. This solution seems to be marketed with the scare tactic that large email
    providers are reading your messages and targeting you with ads.

    Is the subscription cost worth it?

    I guess that depends on what your priorities are. If you want custom
    domain email with Google it's a minimum if US$6 /mo per user. With this service you can have as many users & domains as you like. Of course you
    need to have your server online. If your power goes out or your internet
    goes down, you can't receive/check email. (They say that the sending server will try again later, so you "shouldn't" loose messages).


    Jay

    --- Mystic BBS v1.12 A46 2020/08/26 (Raspberry Pi/32)
    * Origin: Northern Realms (21:3/110)
  • From Daniel Path@21:4/148 to Warpslide on Thu Jun 3 08:25:31 2021
    Hello Warpslide.

    02 Jun 21 17:57, you wrote to poindexter FORTRAN:

    On 01 Jun 2021, poindexter FORTRAN said the following...

    I looked into running my own services recently. I ran my own
    services from 1999 through 2006 or so, then went to a
    webhost/email combination. Been thinking about moving it in-house
    for a couple of reasons.

    If only a VPS had an option to encrypt the filesystem of a remote
    system, that would rock.

    https://thehelm.com/

    I've been eyeing these guys up, but I need someone smarter than me to
    tell me all about it & whether/how it works.

    The idea behind this service is you have the box in your house which
    acts as the email server. Since residential IPs often are blocked for email services this box makes a VPN connection to their servers which
    do all the email connections on their side.

    They say they can't see any of your email traffic passing through this
    VPN connection, which I guess could be the case for any TLS encrypted traffic.

    The local hard drive is encrypted so if someone steals the device they can't access the data on it. You can use your own domain names which
    is a plus, but there is no webmail which is kind of a deal-breaker for
    me.

    There's also a US$99 /year subscription cost.

    it looks like an overpriced regular NAS. i don't really see the difference. anyway, if you want security, build your own *nix/bsd machine with these capabilities.

    regards,
    --
    Daniel

    ... BBS: Uptime is 01d 20h 51m 16s (BT-Uptime/OS2, V1.5)
    --- GoldED+/EMX 1.1.4.7
    * Origin: Roon's BBS - Budapest, HUNGARY (21:4/148)
  • From acn@21:3/127.1 to Daniel Path on Thu Jun 3 13:26:00 2021
    Am 03.06.21 schrieb Daniel Path@21:4/148 in FSX_CRY:

    Hallo Daniel,

    it looks like an overpriced regular NAS. i don't really see the
    difference. anyway, if you want security, build your own *nix/bsd
    machine with these capabilities.

    While you are absolutely right in the first place, if you want this
    machine to be in your house and you're using a regular internet
    connection, you won't be able to send out many mails as most mail servers won't accept mails coming from "home user" IP addresses because of all the windows users with malware on their system.

    So you would either need a "corporate" IP address, a VPN to a server somewhere else or something like that.

    I'm using a VPS in the first place as my mail server, and the cost for
    this server is also ~ 100 EUR per year.

    Regards,
    Anna

    --- OpenXP 5.0.50
    * Origin: Imzadi Box Point (21:3/127.1)
  • From Ogg@21:4/106.21 to Warpslide on Thu Jun 3 18:55:00 2021
    Hello Warpslide!

    ** On Wednesday 02.06.21 - 20:14, Warpslide wrote to Ogg:

    So.. you buy this box for 256GB/512GB/1TB for $199 (it looks
    like it's the same price for any capacity) Is it a spinning
    HDD, or SDD?

    On my browser the prices are:

    256GB: $199
    512GB: $249
    1TB: $349

    I did not get those options. Maybe PrivacyBadger or Adblocker
    stopped something from happening.

    On the specs page it notes: NVMe SSD storage

    That's a good design choice.


    I dunno, but it seems that any privacy that you might
    like to assume that you gain from their server, would be
    neutered unless everyone you are interested in
    maintaining privacy with has the same Helm service.

    No different than emailing anyone else outside of your own
    domain. This solution seems to be marketed with the scare
    tactic that large email providers are reading your messages
    and targeting you with ads.

    That's my point. What's the point of having a one-sided
    "private" Helm server, when the moment you email anyone else,
    the contents are nolonger private?

    It would seem that the Helm solution would be best if all your
    contacts are using Helm too.

    Maybe you could convince family and some friends to use an
    account that you set up on your Helm server, but not so much if
    you have dealings with other businesses, doctors, banks, etc.


    --- OpenXP 5.0.50
    * Origin: Key ID = 0x5789589B (21:4/106.21)
  • From poindexter FORTRAN@21:4/122 to Warpslide on Thu Jun 3 06:49:00 2021
    Warpslide wrote to poindexter FORTRAN <=-

    https://thehelm.com/

    I've been eyeing these guys up, but I need someone smarter than me to
    tell me all about it & whether/how it works.

    The idea behind this service is you have the box in your house which
    acts as the email server. Since residential IPs often are blocked for email services this box makes a VPN connection to their servers which
    do all the email connections on their side.

    Interesting. Yeah, port blocking is a pain.


    ... Overtly resist change
    --- MultiMail/DOS v0.52
    * Origin: realitycheckBBS.org -- information is power. (21:4/122)
  • From poindexter FORTRAN@21:4/122 to acn on Thu Jun 3 07:16:00 2021
    acn wrote to Daniel Path <=-

    While you are absolutely right in the first place, if you want this machine to be in your house and you're using a regular internet connection, you won't be able to send out many mails as most mail
    servers won't accept mails coming from "home user" IP addresses because
    of all the windows users with malware on their system.

    I wonder if setting DKIM and SPF on a home IP would mitigate that or if they just block home IP networks.

    So you would either need a "corporate" IP address, a VPN to a server somewhere else or something like that.

    I used a paid mail redirection service for several years with my BBS - you configure them as primary MX for your domain and they transfer mail to you over an alternate port. It worked well and was $30/year - plus they provided DNS services.

    I'm using a VPS in the first place as my mail server, and the cost for this server is also ~ 100 EUR per year.

    Those cheap specials on lowendbox.com would work fine for mail services or anything else not interactive; I had one with 40 gb of disk, 512 MB of RAM
    and one core for 9$USD/year. I shouldn't have let it lapse at that price.


    ... Overtly resist change
    --- MultiMail/DOS v0.52
    * Origin: realitycheckBBS.org -- information is power. (21:4/122)
  • From Oli@21:3/102 to Ogg on Thu Jun 3 07:07:37 2021
    Ogg wrote (2021-06-02):

    Hello Oli!

    ** On Wednesday 02.06.21 - 07:05, Oli wrote to Ogg:

    doesn't sit still; in about 15 minutes it will have eating up
    16MB of data.

    Nice, that is around 128 kbps. You could listen to a good quality
    audio stream at that rate.

    But with a 5GB/mo data limit on my mobile data plan before
    getting throttled down, that won't last too long.

    4 days and then it would fill your throttled connection. Are you're sure it consumes that much bandwidth? How many channels do you read? Are there images posted?

    ---
    * Origin: . (21:3/102)
  • From acn@21:3/127.1 to poindexter FORTRAN on Sun Jun 6 10:59:00 2021
    Am 03.06.21 schrieb poindexter FORTRAN@21:4/122 in FSX_CRY:

    Hallo poindexter,

    While you are absolutely right in the first place, if you want this
    machine to be in your house and you're using a regular internet
    connection, you won't be able to send out many mails as most mail
    servers won't accept mails coming from "home user" IP addresses because ac>> of all the windows users with malware on their system.

    I wonder if setting DKIM and SPF on a home IP would mitigate that or if they just block home IP networks.

    At least my server just blocks those networks because of the Spamhaus ZEN blacklist (https://www.spamhaus.org/zen/) which is a meta-blacklist that includes their PBL blacklist (https://www.spamhaus.org/pbl/).
    "The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that
    customer's use."

    And afaik the ZEN blacklist is in widespread use.

    I used a paid mail redirection service for several years with my BBS - you configure them as primary MX for your domain and they transfer mail to you over an alternate port. It worked well and was $30/year - plus they provided DNS services.

    That's a fine alternative :)

    Those cheap specials on lowendbox.com would work fine for mail services or anything else not interactive; I had one with 40 gb of disk, 512 MB of RAM and one core for 9$USD/year. I shouldn't have let it lapse at that price.

    I'm using a VPS from netcup.de and there you can get eg. a VPS with 2
    vCores, 8GB RAM, 160GB SSD and 80TB of traffic for 6 EUR/month.
    (wow, I just saw the new offers there, really nice now :))
    And the machines don't feel "low-end". I'm just using them for my personal website, mail server etc., so there is not that much traffic going on :)

    Regards,
    Anna

    --- OpenXP 5.0.50
    * Origin: Imzadi Box Point (21:3/127.1)
  • From pokeswithastick@21:2/159 to acn on Sun Jun 6 20:36:02 2021

    On 06/06/2021 12:59 pm acn said...
    While you are absolutely right in the first place, if you want this ac>> machine to be in your house and you're using a regular internet ac>> connection, you won't be able to send out many mails as most mail ac>> servers won't accept mails coming from "home user" IP addresses because ac>> of all the windows users with malware on their system.

    I`d recommend the tunnel to VPS approach for running services locally (at home) but exposing them to the world via an encrypted tunnel to a cheap VPS. My BBS works this way - the DNS entry resolves to a DO droplet but the actual physical location is a raspberry pi behind a book shelf in my house.

    Mail-in-box is also a good all in one mail server. Although intended to run on a VPS the same approach tunneling approach works if you want to self-host but still expose services via a VPS point of presence instead of your `home user` IP.

    --- ENiGMA 1/2 v0.0.12-beta (linux; arm; 14.17.0)
    * Origin: sbb systems ~ https://bbs.sbbsystems.com (21:2/159)
  • From N1uro@21:4/107 to acn on Sun Jun 6 20:21:00 2021
    Hello Anna;

    acn wrote to poindexter FORTRAN <=-

    At least my server just blocks those networks because of the Spamhaus
    ZEN blacklist (https://www.spamhaus.org/zen/) which is a meta-blacklist that includes their PBL blacklist (https://www.spamhaus.org/pbl/).
    "The Spamhaus PBL is a DNSBL database of end-user IP address ranges
    which should not be delivering unauthenticated SMTP email to any
    Internet mail server except those provided for specifically by an ISP
    for that customer's use."

    And afaik the ZEN blacklist is in widespread use.

    I use a volume of them concurrently including barracuda which has a free RBL service. I wrote a tool that allows one to search an IP to see if they're
    a listed spammer. You may find it at: https://www.n1uro.com/cgi-bin/spamcop

    ... Que sera, Skipper: What will be, knows Gilligan.
    --- MultiMail/Linux v0.52
    * Origin: Carnage - risen from the dead now on SBBS (21:4/107)
  • From poindexter FORTRAN@21:4/122 to pokeswithastick on Mon Jun 7 07:41:00 2021
    pokeswithastick wrote to acn <=-

    I`d recommend the tunnel to VPS approach for running services locally
    (at home) but exposing them to the world via an encrypted tunnel to a cheap VPS. My BBS works this way - the DNS entry resolves to a DO
    droplet but the actual physical location is a raspberry pi behind a
    book shelf in my house.

    Sounds like a good plan. What are you using to forward traffic from DO to
    your home IP?




    ... Always the first steps
    --- MultiMail/DOS v0.52
    * Origin: realitycheckBBS.org -- information is power. (21:4/122)
  • From Oli@21:3/102 to poindexter FORTRAN on Tue Jun 8 17:24:41 2021
    poindexter wrote (2021-06-07):

    pokeswithastick wrote to acn <=-

    I`d recommend the tunnel to VPS approach for running services
    locally (at home) but exposing them to the world via an encrypted
    tunnel to a cheap VPS. My BBS works this way - the DNS entry
    resolves to a DO droplet but the actual physical location is a
    raspberry pi behind a book shelf in my house.

    Sounds like a good plan. What are you using to forward traffic from DO to your home IP?

    Wireguard

    ---
    * Origin: . (21:3/102)
  • From pokeswithastick@21:2/159 to poindexter FORTRAN on Tue Jun 8 22:22:38 2021


    On 07/06/2021 12:41 am poindexter FORTRAN said...
    Sounds like a good plan. What are you using to forward traffic from DO to
    your home IP?

    I have a Ubiquiti EdgeRouter building an GRE over IPSEC tunnel to the DO droplet. GRE so that it is policy based and I can do some routing over it.

    Telnet & SSH are then NAT`ed back over the tunnel to the Pi and for HTTPS I am running Caddy on the DO droplet so it can handle Lets Encrypt. It`s basically then just a reverse proxy back over the tunnel.

    --- ENiGMA 1/2 v0.0.12-beta (linux; arm; 14.17.0)
    * Origin: sbb systems ~ https://bbs.sbbsystems.com (21:2/159)
  • From Ogg@21:4/106.21 to Oli on Sun Jun 20 09:28:00 2021
    Hello Oli!

    ** On Thursday 03.06.21 - 07:07, Oli wrote to Ogg:

    But with a 5GB/mo data limit on my mobile data plan before
    getting throttled down, that won't last too long.

    4 days and then it would fill your throttled connection.
    Are you're sure it consumes that much bandwidth? How many
    channels do you read? Are there images posted?

    I've disabled all Win7 update checks and any other "talk to
    mother ship" things. The network activity is pretty low when
    no apps are running. But when I fire up Element/Matrix, there
    is a fairly steady (albiet intermittent) and large transfer of
    data going on.

    There are a number of channels that I've subscribed to, but
    there are only a handful of messages within an hour at the
    most. Sometimes people post images, but they seem to be scaled
    down. After an image is posted, and there is no one posting,
    the network activity keeps moving "something".


    --- OpenXP 5.0.50
    * Origin: Key ID = 0x5789589B (21:4/106.21)