Difference between revisions of "Email"

From InstallGentoo Wiki
(MX Record)
(Add Betterbird)
 
(26 intermediate revisions by 11 users not shown)
Line 1: Line 1:
 +
'''Email''' (short for '''Electronic Mail''', sometimes also '''E-mail''') is one of the oldest methods of digital communication that is still in existence. Millennial Web Developer faggots legitimately believe Email is dead, so don't believe this myth period. I'm serious, they actually believe that.
 +
 +
Email was originally distributed through various protocols, the earliest being FTP. Now, the most common methods of transit are UUCP and SMTP. Various protocols exist for remotely accessing your mailserver as well, including POP3 (antiquated) and IMAP.
 +
 +
Do not send HTML emails unless you want people to 1) yell at you, 2) not be able to read your emails, or 3) send you a virus in retaliation.
 +
 
== Email Providers ==
 
== Email Providers ==
If you care about your personal [[Freedom]], you should check out these [http://prxbx.com/email/ Privacy-Conscious Email Providers].
+
''See also:  [[Email Providers]]''
 +
 
 +
Self hosting is the only way to fully ensure the privacy and security of your email. Entrusting a third party to store your data on their servers always introduces some risks. Even the most trustworthy providers may be forced to turn over user data in response to a court order. We have seen this happen in the case of Hushmail and Lavabit (Edward Snowden's email provider).
 +
 
 +
However, in wake of the NSA spying scandal several privacy focused email providers have surfaced. Some notable ones are:
 +
* <s>[https://protonmail.com/ ProtonMail] - Hosted in Switzerland</s> Proton Mail is a scam. They require you to use JS-Web Mail and your [[PGP]] key is generated server-side.
 +
* [https://tutanota.com/ TutaNota] - Hosted in Germany
 +
These providers use browser based client-side encryption. Their code is open source, so it can be easily audited. Emails between users of their service are encrypted automatically. Sending encrypted email to outside users is also possible via a link with a [[Passwords | password]] and password hint. This provides a high level of convenience because no additional software installation or technical knowledge is required. When a higher level of security is required GPG/PGP is still the gold standard.
 +
 
 +
Other providers include:
 +
 
 +
* [https://cock.li Cock.li] - Yeah, it's mail... with cocks ... and onions!
 +
 
 +
For a full list of providers which respect your personal [[freedom]] check out [http://prxbx.com/email/ Privacy-Conscious Email Providers].
 +
 
 +
== Email Encryption ==
 +
''Main article: [[PGP]]''
 +
[[File:EmailSelfDefense.png|thumb|The FSF's guide to email encryption]]
 +
PGP is an acronym for Pretty Good Privacy. It is software that provides both encryption and authentication. GPG or GNU Privacy Guard is a free implementation of it. Although PGP has been around since the 1990s, it is not widely adopted because of the steep learning curve required to use it. Nevertheless, it can be a very effective tool for protecting email communications. Some software installation is required, but it can be used with any existing email account. You must have a recipient's public key in order to send them an email with PGP. Many privacy conscious individuals, activists and journalists make their public key available alongside their contact email.
 +
 
 +
To learn how to use PGP see the following guides:
 +
* [https://emailselfdefense.fsf.org/en/ The FSF's Email Self Defense Guide]
 +
* [https://ssd.eff.org/en/module/how-use-pgp-linux How to: Use PGP for Linux]
 +
* [https://ssd.eff.org/en/module/how-use-pgp-windows How to: Use PGP for Windows]
 +
* [https://ssd.eff.org/en/module/how-use-pgp-mac-os-x How to: Use PGP for Mac OS X]
 +
 
 +
A second method of encryption exists, known as S/MIME. This method was developed in the early 2000's. It uses certificates rather than keys. It has an adoption rate of >1% so it is not recommended for general use.  
  
 
== Email Clients ==
 
== Email Clients ==
[http://wiki.installgentoo.com/index.php?title=Recommended_software#Email_Clients Recommended Software]
+
''See also: [[Recommended software]]''
 +
 
 +
[[File:Betterbird.png|48px]] '''Betterbird'''
 +
 
 +
[[Betterbird]] is a soft fork of Thunderbird with more big fixes applied but features that Thunderbird will not add.
 +
 
 +
[[File:Icon_Thunderbird_small.png|48px]] '''Thunderbird'''
 +
 
 +
[https://www.mozilla.org/en-US/thunderbird/ Thunderbird] is a email client based upon the Gecko rendering engine. Like its sibling Firefox, it offers the user extensive customization options via third-party add-ons. Enigmail is an extension for it that provides easy to use PGP.
 +
 
 +
[[File:Seamonkey-icone-6933-128.png|48px]] '''SeaMonkey'''
 +
 
 +
[http://www.seamonkey-project.org/ SeaMonkey] is a continuation of the Mozilla suite. Unlike most modern web browsers, it is an Internet suite, complete with bundled programs for email, IRC, and web design. It is compatible with most Firefox add-ons. It also supports Enigmail for PGP encryption.
 +
 
 +
[[File:Icon_Claws-Mail.png]] '''Claws Mail'''
 +
 
 +
[http://www.claws-mail.org/ Claws Mail] is an email client (and news reader), based on GTK+. The appearance and interface are designed to be familiar to new users coming from other popular email clients, as well as experienced users. Almost all commands are accessible with the keyboard.
 +
 
 +
[[File:Icon_Kmail.png]] '''KMail'''
 +
 
 +
[http://userbase.kde.org/KMail KMail] is the email component of Kontact, the integrated personal information manager from KDE.
 +
 
 +
Of course, if you want to use a good ol' terminal client, Mutt is the usual go-to. Pine also exists.
 +
 
 +
[[File:Mutt-48x48.png]] '''Neomutt'''
 +
 
 +
[https://neomutt.org/ neomutt] is a commandline email client and a more up to date fork of mutt with extended functionallity. [[A_modern_mutt_setup | Here's a guide how to set up in Debian 10]]
  
 
== Self Hosted Email ==
 
== Self Hosted Email ==
  
''See also:  [[Setting_up_a_Server#Setting_Up_Email]]''
+
''See also:  [[Setting_up_a_Server#Setting_Up_Email_the_EASY_way]]''
  
 
The only way to have full control over your email is to host your own mail server.
 
The only way to have full control over your email is to host your own mail server.
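Review bot: In the added S/MIME paragraph, "It has an adoption rate of >1%" points the wrong way for the conclusion "so it is not recommended for general use"; check whether "<1%" was meant and cite a source for the figure. The same hunk has typos worth fixing before saving: "more big fixes" in the Betterbird line, "a email client" in the Thunderbird line and "functionallity" in the Neomutt line. The ProtonMail entry is struck out with <s>, but the replacement claim about server-side key generation has no reference; link one or move the entry to [[Email Providers]].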
Line 16: Line 74:
 
A '''Mail eXchanger Record (MX record)''' specifies a mail server responsible for accepting email messages on behalf of a recipient's domain, and a preference value is used to prioritize mail delivery if multiple mail servers are available. The set of MX records of a domain name specifies how email should be routed with the Simple Mail Transfer Protocol (SMTP).
 
A '''Mail eXchanger Record (MX record)''' specifies a mail server responsible for accepting email messages on behalf of a recipient's domain, and a preference value is used to prioritize mail delivery if multiple mail servers are available. The set of MX records of a domain name specifies how email should be routed with the Simple Mail Transfer Protocol (SMTP).
  
*[http://www.petri.co.il/configure_mx_records_for_incoming_smtp_email_traffic.htm Configure MX Records for Incoming SMTP E-Mail Traffic]
+
* [http://www.petri.co.il/configure_mx_records_for_incoming_smtp_email_traffic.htm Configure MX Records for Incoming SMTP E-Mail Traffic]
  
 
==== SPF Record ====
 
==== SPF Record ====
 
A '''Sender Policy Framework (SPF)''' record identifies which servers are ALLOWED to send email on behalf of your domain.  The idea is to help prevent domain spoofing by spammers.  If a spammer tries to use your domain to forge email, the receiver can check your SPF record and, if it doesn't match, reject it outright.  These days most mail servers check for SPF records, and if they don't find one, they will also reject your mail - so you need one.
 
A '''Sender Policy Framework (SPF)''' record identifies which servers are ALLOWED to send email on behalf of your domain.  The idea is to help prevent domain spoofing by spammers.  If a spammer tries to use your domain to forge email, the receiver can check your SPF record and, if it doesn't match, reject it outright.  These days most mail servers check for SPF records, and if they don't find one, they will also reject your mail - so you need one.
  
*[http://www.openspf.org/ SPF Project Overview]
+
* [http://www.open-spf.org/ SPF Project Overview]
*[http://spfwizard.com/ EasySPF]
+
* [http://spfwizard.com/ EasySPF]
*[http://www.spfwizard.net/ SPF Wizard]
+
* [http://www.spfwizard.net/ SPF Wizard]
  
 
==== DKIM Record ====
 
==== DKIM Record ====
A '''DomainKeys Identified Mail''', or ''DKIM'' entry provides a 1024-bit public key, unique to your domain, that confirms that an email is actually from a legitimate account on your server.  It is a complementary check to SPF records.  It is not as widely used as SPF yet, but is in use by gmail and Yahoo, and should be set up anyhow.
+
A '''DomainKeys Identified Mail''', or ''DKIM'' entry provides a 1024-bit public key, unique to your domain, that confirms that an email is actually from a legitimate account on your server.  It is a complementary check to SPF records.  It is not as widely used as SPF yet, but is in use by Gmail and Yahoo, and should be set up anyhow.
  
*[http://dkim.org/ DomainKeys Identified Mail (DKIM)]
+
* [http://dkim.org/ DomainKeys Identified Mail (DKIM)]
*[http://www.dnswatch.info/dkim/create-dns-record DKIM DNS Wizard]
+
* [http://www.dnswatch.info/dkim/create-dns-record DKIM DNS Wizard]
  
 
=== Mail Transfer Agent (MTA) ===
 
=== Mail Transfer Agent (MTA) ===
 +
A '''Mail Transfer Agent''' is an agent, such as Mutt, which is used to interface with other software programs to view, edit, and send mail.
 
==== Postfix ====
 
==== Postfix ====
  
 
=== Mail Delivery Agent (MDA) ===
 
=== Mail Delivery Agent (MDA) ===
 +
A '''Mail Delivery Agent''' is software used to send mail to the mail server in conjunction with other software programs, such as the MTA Mutt. An example of an MDA is msmtp.
 
==== Dovecot ====
 
==== Dovecot ====
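Review bot: The new MTA definition describes a mail client rather than a transfer agent: "an agent, such as Mutt, which is used to interface with other software programs to view, edit, and send mail" is what a mail user agent does, while the subsection directly under it is Postfix. The MDA line has the same mismatch, naming msmtp and "the MTA Mutt" above a Dovecot subsection. Suggest defining the MTA as the server that transfers mail between hosts over SMTP, the MDA as the software that delivers it into the recipient's mailbox, and moving Mutt to Email Clients. The DKIM sentence is only touched to capitalize Gmail; the fixed "1024-bit" key size and "not as widely used as SPF yet" could be revisited in the same edit.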
  
Line 41: Line 101:
  
 
=== Security ===
 
=== Security ===
 +
The email system is inherently insecure in many ways that will never be fixed, as it was designed in a time when passwords were rare, and IPv4 had so damn many addresses, we could never possibly use them all.
 +
 +
The best way to secure email is to use [[PGP]], either by using the enigmail addon for Thunderbird, or by copy+pasting to a terminal and using gpg.  This allows you to encrypt and sign email, providing confidentiality and authentication, ensuring that only the recipient can read it and that it did indeed come from you.
 +
 +
=== All-in-one Selfhosting Solution ===
 +
 +
==== iRedMail ====
 +
 +
* [https://www.iredmail.org/ iRedMail]
 +
 +
<b>Note:</b> Prepare to do some Reading and subscibe to the Mailinglist when seting up. You need a Domain and a Public Accessable Server using Red Hat, CentOS, Debian, Ubuntu, FreeBSD or OpenBSD.
  
 
== External Links ==
 
== External Links ==
http://flurdy.com/docs/postfix/
+
* [http://flurdy.com/docs/postfix/ How to set up a mail server on a GNU / Linux system] - flurdy.com
 +
 
 +
[[Category:Terms]]
 +
[[Category:Software]]
 +
[[Category:HowTo]]
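Review bot: The iRedMail note needs a copy-edit and uses raw <b> where the rest of the page uses ''' for bold: "subscibe", "seting" and "Public Accessable Server" should read "subscribe", "setting" and "publicly accessible server". The new Security paragraph says email is insecure "in many ways" but names none; one concrete example would make the [[PGP]] recommendation that follows easier to justify.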

Latest revision as of 20:20, 3 July 2023

Email (short for Electronic Mail, sometimes also E-mail) is one of the oldest methods of digital communication that is still in existence. Millennial Web Developer faggots legitimately believe Email is dead, so don't believe this myth period. I'm serious, they actually believe that.

Email was originally distributed through various protocols, the earliest being FTP. Now, the most common methods of transit are UUCP and SMTP. Various protocols exist for remotely accessing your mailserver as well, including POP3 (antiquated) and IMAP.

Do not send HTML emails unless you want people to 1) yell at you, 2) not be able to read your emails, or 3) send you a virus in retaliation.

Email Providers

See also: Email Providers

Self hosting is the only way to fully ensure the privacy and security of your email. Entrusting a third party to store your data on their servers always introduces some risks. Even the most trustworthy providers may be forced to turn over user data in response to a court order. We have seen this happen in the case of Hushmail and Lavabit (Edward Snowden's email provider).

However, in the wake of the NSA spying scandal, several privacy-focused email providers have surfaced. Some notable ones are:

  • ProtonMail - Hosted in Switzerland (entry struck out). Proton Mail is a scam. They require you to use JS-Web Mail and your PGP key is generated server-side.
  • TutaNota - Hosted in Germany

These providers use browser-based client-side encryption. Their code is open source, so it can be easily audited. Emails between users of their service are encrypted automatically. Sending encrypted email to outside users is also possible via a link with a password and password hint. This provides a high level of convenience because no additional software installation or technical knowledge is required. When a higher level of security is required, GPG/PGP is still the gold standard.

Other providers include:

  • Cock.li - Yeah, it's mail... with cocks ... and onions!

For a full list of providers which respect your personal freedom, check out Privacy-Conscious Email Providers.

Email Encryption

Main article: PGP

The FSF's guide to email encryption

PGP is an acronym for Pretty Good Privacy. It is software that provides both encryption and authentication. GPG, or GNU Privacy Guard, is a free implementation of it. Although PGP has been around since the 1990s, it is not widely adopted because of the steep learning curve required to use it. Nevertheless, it can be a very effective tool for protecting email communications. Some software installation is required, but it can be used with any existing email account. You must have a recipient's public key in order to send them an email with PGP. Many privacy-conscious individuals, activists and journalists make their public key available alongside their contact email.

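To learn how to use PGP, see the following guides:

  • The FSF's Email Self Defense Guide (https://emailselfdefense.fsf.org/en/)
  • How to: Use PGP for Linux (https://ssd.eff.org/en/module/how-use-pgp-linux)
  • How to: Use PGP for Windows (https://ssd.eff.org/en/module/how-use-pgp-windows)
  • How to: Use PGP for Mac OS X (https://ssd.eff.org/en/module/how-use-pgp-mac-os-x)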

A second method of encryption exists, known as S/MIME. This method was developed in the early 2000s. It uses certificates rather than keys. It has an adoption rate of >1%, so it is not recommended for general use.

Email Clients

See also: Recommended software

Betterbird

Betterbird is a soft fork of Thunderbird with more bug fixes applied and features that Thunderbird will not add.

Thunderbird

Thunderbird is an email client based upon the Gecko rendering engine. Like its sibling Firefox, it offers the user extensive customization options via third-party add-ons. Enigmail is an extension for it that provides easy-to-use PGP.

SeaMonkey

SeaMonkey is a continuation of the Mozilla suite. Unlike most modern web browsers, it is an Internet suite, complete with bundled programs for email, IRC, and web design. It is compatible with most Firefox add-ons. It also supports Enigmail for PGP encryption.

Claws Mail

Claws Mail is an email client (and news reader), based on GTK+. The appearance and interface are designed to be familiar to new users coming from other popular email clients, as well as experienced users. Almost all commands are accessible with the keyboard.

KMail

KMail is the email component of Kontact, the integrated personal information manager from KDE.

Of course, if you want to use a good ol' terminal client, Mutt is the usual go-to. Pine also exists.

Neomutt

neomutt is a command-line email client and a more up-to-date fork of mutt with extended functionality. Here's a guide on how to set it up in Debian 10.

Self Hosted Email

See also: Setting_up_a_Server#Setting_Up_Email_the_EASY_way

The only way to have full control over your email is to host your own mail server.

DNS

MX Record

A Mail eXchanger Record (MX record) specifies a mail server responsible for accepting email messages on behalf of a recipient's domain, and a preference value is used to prioritize mail delivery if multiple mail servers are available. The set of MX records of a domain name specifies how email should be routed with the Simple Mail Transfer Protocol (SMTP).

SPF Record

A Sender Policy Framework (SPF) record identifies which servers are ALLOWED to send email on behalf of your domain. The idea is to help prevent domain spoofing by spammers. If a spammer tries to use your domain to forge email, the receiver can check your SPF record and, if it doesn't match, reject it outright. These days most mail servers check for SPF records, and if they don't find one, they will also reject your mail - so you need one.
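
The receiver-side check described above, as an added example that is not part of the original wiki page: a small evaluator that takes a domain's SPF TXT record and the connecting IP and returns the SPF result. It covers only the ip4, ip6 and all mechanisms; the function name and the sample records (built from documentation address ranges) are constructed for illustration.

```python
import ipaddress

# Qualifier prefix -> result (RFC 7208); a term with no prefix means "+".
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed sample records using documentation address ranges.
STRICT = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"
SOFT = "v=spf1 ip4:192.0.2.10 ~all"
NO_ALL = "v=spf1 ip4:192.0.2.10"


def evaluate_spf(record, sender_ip):
    """Return the SPF result for sender_ip under one TXT record.

    Simplification: only ip4, ip6 and all are evaluated. Terms that need
    DNS (a, mx, include, exists, ptr, redirect=) raise ValueError so a
    partial evaluation is never reported as a verdict.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                       # no SPF policy published
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        if "=" in term:                     # modifier, not a mechanism
            if term.lower().startswith("redirect="):
                raise ValueError("redirect= needs DNS; not handled here")
            continue                        # exp= and unknown modifiers are skipped
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":                   # matches every sender
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if net.version == int(name[2]) and ip in net:
                return QUALIFIERS[qualifier]
            continue
        raise ValueError(f"mechanism {name!r} needs DNS; not handled here")
    return "neutral"                        # nothing matched, no "all" term


if __name__ == "__main__":
    for rec, addr in [(STRICT, "192.0.2.25"), (STRICT, "198.51.100.7"),
                      (SOFT, "198.51.100.7"), (NO_ALL, "198.51.100.7")]:
        print(f"{addr:15} {evaluate_spf(rec, addr):9} {rec}")
```

Only a record ending in -all gives the receiver a "fail" it can reject on; ~all and a record with no all term leave forged mail at "softfail" or "neutral".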

DKIM Record

A DomainKeys Identified Mail (DKIM) entry provides a 1024-bit public key, unique to your domain, that confirms that an email is actually from a legitimate account on your server. It is a complementary check to SPF records. It is not as widely used as SPF yet, but is in use by Gmail and Yahoo, and should be set up anyhow.

Mail Transfer Agent (MTA)

A Mail Transfer Agent is an agent, such as Mutt, which is used to interface with other software programs to view, edit, and send mail.

Postfix

Mail Delivery Agent (MDA)

A Mail Delivery Agent is software used to send mail to the mail server in conjunction with other software programs, such as the MTA Mutt. An example of an MDA is msmtp.

Dovecot

Spam Prevention

SpamAssassin

Security

The email system is inherently insecure in many ways that will never be fixed, as it was designed in a time when passwords were rare and IPv4 had so damn many addresses that we could never possibly use them all.

The best way to secure email is to use PGP, either by using the Enigmail add-on for Thunderbird, or by copy+pasting to a terminal and using gpg. This allows you to encrypt and sign email, providing confidentiality and authentication, ensuring that only the recipient can read it and that it did indeed come from you.

All-in-one Selfhosting Solution

iRedMail

Note: Prepare to do some reading and subscribe to the mailing list when setting up. You need a domain and a publicly accessible server using Red Hat, CentOS, Debian, Ubuntu, FreeBSD or OpenBSD.

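External Links

  • How to set up a mail server on a GNU / Linux system - flurdy.com (http://flurdy.com/docs/postfix/)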