this post was submitted on 31 Oct 2024
51 points (94.7% liked)

Privacy

32492 readers
1022 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I was interested in hosting my own mail server that provides a similar level of privacy for users as Protonmail, ie the server admin cannot read any emails, even those which are not E2EE with PGP. Is there a self-hostable solution to this?

I'm aware the server admin can't read emails that were sent encrypted using the user's PGP key, but most emails I get are automated emails from companies/services/etc without the option to upload a public key to send the user encrypted email. If you're with a service like Protonmail, the server admin still cannot read even these emails.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 0 points 1 month ago (1 children)

This is a misconception. If the sender is outside proton mail the emails arrive in plain text. So it is possible for proton to read those emails. It is just that they pinky promise not read them and immediately encrypted them with your key. But if they wanted to they can read and moreover SMTP means your email has already traveled through multiple MX which could read your email but This is mostly not an issue since most email provider do encrypt with SSL of receiving MX but you might want to check few services use very very outdated softwares. But keep in mind SSL encryption is with Proton's keys and by necessity they have to first decrypt the SSL encrypted email and then encrypt with your key

[โ€“] [email protected] 1 points 1 month ago

Well I know that, that's kind of the point of any encryption at rest that isn't also E2EE. I am the server admin in this case so I trust my own pinky promise that I'm encrypting emails at rest.