As someone in infosec, how do you handle your personal email?

I got tired of Gmail reading everything, so I built a self-hosted
alternative with:
- X25519 + AES-256-GCM encryption
- Postfix/Dovecot on a French VPS
- SPF/DKIM/DMARC + fail2ban
- An AI cockpit that classifies urgent vs noise

Curious what setups other infosec people use. ProtonMail?
Self-hosted? Something else?

#infosec #email #privacy #selfhosted #encryption

@bobbricoleur Self-hosting is always preferred. It is a lot of work. Many mail services still pre-emptively block self-hosting for spam despite spammers not doing self-hosting. It is too easy to add self-hosting to blocklists, and some people do this automatically and without cause. Once on one, it is difficult to get off. Most mail services do collect and retain mail messages. Tuta and Proton say they do not retain mail. Tuta and Proton encrypt mail at rest, but they possess the keys. Proton may only allow enterprise accounts to use SMTP. Tuta seems to allow only IMAPS.

Ymmv.

Bonne chance.

@hotarubiko Thanks a lot for this view, very interesting. So basically Proton provides you the key that they also have on their server?

@bobbricoleur For the mail at rest? Proton will show you the key. It is in your settings, last time I checked. It is PGP. Strictly, TLS is used to send/receive mail for IMAPS and SMTP.

You can download mail messages though they do not make it easy. The messages will be decrypted for download.

@hotarubiko Right, so the E2E is really between Proton users only. Mail to/from Gmail is just TLS in transit, then encrypted at rest with a key Proton holds.

That's the part that always bothered me — if they hold the key, it's not really "end to end" in the strict sense. It's "encrypted at rest with provider-managed keys."

True E2E would mean they can't read it even if subpoenaed. But then you lose search, spam filtering, all the server-side features...

It's a real trade-off. Have you found anything that solves both?

@bobbricoleur Each user has its own key, which only encrypts mail at rest. I do not know if they made the effort to encrypt internal mail transfers. I do not know of any service that does so. I do not know if messages in queue are also encrypted. It would be reasonable to encrypt filesystems that the queues are on.

The only reasonable solution I find so far is encrypt messages before sending provided that correspondents agree and share keys.

Proton is in Switzerland and subject to Swiss privacy laws. It would be extremely difficult for foreign powers to get around them. Self-hosters in Switzerland probably are protected as well, but less so, if at all, in most other countries.

Switzerland, like almost every other country, has tax treaties which allow tax and enforcement authorities to get information on financial transactions, such as those paying for mail services, almost on demand. That is pretty much all they can get without approval of a Swiss court. They may be unable to get messages from the servers or seize the servers, but when the sender or recipient is known they can get their financial metadata. This metadata is how a Proton user sending criminally threatening emails recently was caught.
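The "encrypt before sending, once correspondents have shared keys" approach from the reply above, and the X25519 + AES-256-GCM combination the original post mentions, look like this in practice. The block below is an added example written for this page; it is not code from the poster's setup, from Proton or from Tuta. It uses only the Go standard library: an ephemeral X25519 key agreement against the recipient's published public key, HKDF-SHA256 (spelled out with HMAC) to derive a 32-byte key, and AES-256-GCM with the mail header as associated data, so the header stays readable for routing but cannot be altered unnoticed. The `mail-x25519-aes256gcm` label, the sample header and the "provider" key are constructed for the example; how correspondents exchange their long-term public keys is left out, exactly as the reply says it must be agreed between them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Envelope is everything the mail provider sees and stores. Nothing in it
// recovers the body without the recipient's private key.
type Envelope struct {
	EphemeralPub []byte // one-time X25519 public key, 32 bytes
	Nonce        []byte // 12-byte AES-GCM nonce, fresh per message
	Ciphertext   []byte // AES-256-GCM output including the 16-byte tag
}

// deriveKey: HKDF-SHA256 (RFC 5869 extract + one expand block) written with
// HMAC so only the standard library is needed. Both public keys go into the
// info so the key is bound to this sender/recipient pair.
func deriveKey(shared, ephPub, recipientPub []byte) []byte {
	extract := hmac.New(sha256.New, nil) // nil salt == all-zero salt
	extract.Write(shared)
	prk := extract.Sum(nil)
	expand := hmac.New(sha256.New, prk)
	expand.Write([]byte("mail-x25519-aes256gcm")) // hypothetical label for this example
	expand.Write(ephPub)
	expand.Write(recipientPub)
	expand.Write([]byte{0x01})
	return expand.Sum(nil) // 32 bytes selects AES-256
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts body to recipientPub. header is authenticated, not encrypted:
// the server still routes on it, but any change makes Open fail.
func Seal(recipientPub *ecdh.PublicKey, body, header []byte) (*Envelope, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(recipientPub)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(deriveKey(shared, eph.PublicKey().Bytes(), recipientPub.Bytes()))
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return &Envelope{eph.PublicKey().Bytes(), nonce, gcm.Seal(nil, nonce, body, header)}, nil
}

// Open is the recipient side. Wrong key, edited body and edited header all
// surface as one authentication error, which is the behaviour you want.
func Open(recipientPriv *ecdh.PrivateKey, env *Envelope, header []byte) ([]byte, error) {
	ephPub, err := ecdh.X25519().NewPublicKey(env.EphemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := recipientPriv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(deriveKey(shared, env.EphemeralPub, recipientPriv.PublicKey().Bytes()))
	if err != nil {
		return nil, err
	}
	body, err := gcm.Open(nil, env.Nonce, env.Ciphertext, header)
	if err != nil {
		return nil, errors.New("authentication failed: wrong key, or body/header modified")
	}
	return body, nil
}

// Result summarises one run of Demo so it can be checked programmatically.
type Result struct {
	Recovered     string // body decrypted with the recipient's key
	WrongKeyFails bool   // a key the provider might hold cannot open it
	TamperFails   bool   // a one-bit change to the relayed header is detected
}

// Demo runs the exchange on a constructed message and a stand-in provider key.
func Demo(body string) (Result, error) {
	curve := ecdh.X25519()
	recipient, err := curve.GenerateKey(rand.Reader) // long-term key, shared with correspondents
	if err != nil {
		return Result{}, err
	}
	provider, err := curve.GenerateKey(rand.Reader) // any other key, e.g. one the server holds
	if err != nil {
		return Result{}, err
	}
	header := []byte("From: alice@example.org\r\nTo: bob@example.org\r\n") // constructed sample
	env, err := Seal(recipient.PublicKey(), []byte(body), header)
	if err != nil {
		return Result{}, err
	}
	plain, err := Open(recipient, env, header)
	if err != nil {
		return Result{}, err
	}
	_, wrongErr := Open(provider, env, header)
	tampered := append([]byte{}, header...)
	tampered[len(tampered)-3] ^= 0x01 // flip one bit in the header the server relayed
	_, tamperErr := Open(recipient, env, tampered)
	return Result{string(plain), wrongErr != nil, tamperErr != nil}, nil
}

func main() {
	r, err := Demo("Meeting moved to 14:00, same room.")
	if err != nil {
		panic(err)
	}
	fmt.Printf("recovered=%q wrongKeyFails=%v tamperFails=%v\n", r.Recovered, r.WrongKeyFails, r.TamperFails)
}
```

What the server stores is the header plus the `Envelope`; with only that, neither the provider nor anyone who obtains its disks or keys can read the body, which is the distinction the thread draws between "end to end" and "encrypted at rest with provider-managed keys". The cost is the one named above: server-side search and content-based spam filtering see only ciphertext, and the sender and recipient addresses remain metadata in the clear.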