email privacy

Mathias Homann Mathias.Homann at openSUSE.org
Tue Apr 10 10:19:16 BST 2018 

Am 2018-04-10 04:54, schrieb E. Hakan Duran:
> Dear all,
> 
> I am trying to improve my email privacy and thought that this would be
> a great platform to ask questions to a bunch of smart people. I would
> love to be able to do all this using Kontact/Kmail, so it is not
> totally off-topic in my opinion.



hi,


I am running a setup that might be interesting for you...

There are six main components that you will have to learn how to set up. 
Let's look beginning on the outside network.

1. Get a dyndns hostname, and configure your cable modem / dsl router to 
keep it up to date. This will let you connect to your external address 
which is subject to change by using one hostname that stays constant.

2. Configure your router / cable modem / whatever you have to forward 
the ports for SMTPS and IMAPS to the internal address of the machine 
that will be your mail server - this will allow you to connect to your 
mail server from the outside, by using that hostname from step 1.

3. Install a mail transfer agent (postfix), and make sure you configure 
it properly. It has to allow sending from EXTERNAL addresses ONLY with 
proper authentification, or your server will be a spam relay. Later 
options for this: spam filtering, mail antivirus, etc.

4. Install a mail delivery agent. This is the piece of software that 
receives and stores local email, and that all your clients (tablet, 
phone, kmail, thunderbird, or whatever else) connect to to get at your 
mailbox.

5. Install and configure fetchmail. This is the one piece that will 
FETCH your mail, via POP3, from the mailserver(s) that you are using for 
your regular email, and DELETE the mails on those servers. It then just 
feeds them into the local mail system, which will store them loclly 
inside the MDA from step 4 so your tablet / kmail can get at them.

6. GET A SSL CERTIFICATE for your server. The sertificate needs to be 
for the hostname that you get in step 1. My personal suggestion for this 
would be using letsencrypt.org. This will involve setting up and running 
a web server, at least when you get (and when you frenew) the 
certificate.

(7. since you already need a webserver for 6., why not install roundcube 
email and have a webmail frontend for those times when you really need 
to get at an email but all you have is a webbrowser)


My PERSONAL preferences for 3 and 4 are postfix, anc cyrus imapd, but I 
hear that dovecot is also a good option for an imap server.


HTH
MH

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
URL: <http://mail.kde.org/pipermail/kdepim-users/attachments/20180410/c2d61f0b/attachment.sig>

More information about the kdepim-users mailing list