This open-source project helps you protect your data privacy and ownership through low-cost server facilities.
There are now many reasons not to entrust the storage of your data to others or to run your services with third-party companies: privacy, ownership, and preventing anyone from profiting off your data. However, for most people, running a server is a time-consuming task that requires too much expertise. Unfortunately, we have to compromise. Leaving these concerns aside, using cloud services from certain companies comes with ads, data mining and selling, and potentially anything else.
The projectx/os[1] project aims to eliminate these concerns, allowing effortless service hosting at home and making it easy to create an account similar to Gmail. To achieve this, all you need is a $35 Raspberry Pi 3 and a Debian-based operating system image — and not much expertise. You can achieve it in just four steps:
Server applications (like the email server) are broken down into multiple containers, each of which can only communicate with the outside world in specified ways, using very fine-grained isolation measures to enhance security. For example, incoming SMTP, SpamAssassin[2] (anti-spam platform), Dovecot[3] (secure IMAP server), and webmail all use separate containers that cannot see each other's data, so a problem in a single daemon will not affect other processes.
Additionally, stateless containers such as SpamAssassin and incoming SMTP are destroyed and rebuilt every time they receive an email; therefore, even if someone finds a bug and exploits it, they cannot access previous or subsequent emails, only the email they used for the exploit. Fortunately, most of the publicly exposed services, which are the most vulnerable to attack, are isolated and stateless.
All stored data is encrypted using dm-crypt[4]. Non-public services, such as Dovecot (IMAP) or webmail, listen internally and use a private encrypted overlay network provided by ZeroTier One[5], so only your devices (smartphones, laptops, tablets, etc.) can access them.
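One way to verify that non-public services really are bound only to the private overlay is to audit the host's listening sockets. The script below is an added example, not code from projectx/os; the overlay subnet, the port set and the `ss -H -tln` sample are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output (not taken from a real host).
SAMPLE_SS = """\
LISTEN 0 100 0.0.0.0:25 0.0.0.0:*
LISTEN 0 100 10.147.17.5:993 0.0.0.0:*
LISTEN 0 128 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 127.0.0.1:8080 0.0.0.0:*
LISTEN 0 100 [::]:143 [::]:*
"""

# Assumption: only incoming SMTP is meant to be reachable from the internet.
PUBLIC_PORTS = {25}
# Assumption: placeholder subnet standing in for your ZeroTier network.
OVERLAY = ipaddress.ip_network("10.147.17.0/24")


def parse_listeners(ss_output):
    """Yield (ip_address, port) for each LISTEN line of `ss -H -tln`."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        # Drop an IPv6 zone id ("%eth0") and the surrounding brackets.
        host = host.split("%")[0].strip("[]")
        if host == "*":
            host = "::"  # ss prints "*" for a dual-stack wildcard bind
        yield ipaddress.ip_address(host), int(port)


def exposed_listeners(ss_output, overlay=OVERLAY, public_ports=PUBLIC_PORTS):
    """Return (address, port) pairs reachable from outside the overlay."""
    findings = []
    for addr, port in parse_listeners(ss_output):
        if port in public_ports:
            continue  # intentionally public service
        if addr.is_loopback or addr in overlay:
            continue  # internal only: loopback or overlay address
        # Wildcard and other non-overlay binds answer on every interface
        # unless a firewall blocks them, so report them.
        findings.append((str(addr), port))
    return sorted(findings, key=lambda f: f[1])


if __name__ == "__main__":
    for addr, port in exposed_listeners(SAMPLE_SS):
        print(f"port {port} is listening on {addr}, outside the overlay")
```

On a real host, pass the text printed by `ss -H -tln` to `exposed_listeners` and set `OVERLAY` to the subnet your ZeroTier network actually uses.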
Although email is not end-to-end encrypted (unless you use PGP[6]), non-encrypted emails will never cross the network and will not be stored on disk. Now, plain text emails only exist on the private mail servers of both parties, where they are well protected at home and can be accessed only through their clients (smartphones, laptops, tablets, etc.).
Another benefit is that personal devices are all password-protected (not fingerprint or other biometric technologies), and the devices in your home are protected by the Fourth Amendment[7] of the United States, offering stronger legal protection compared to third-party data centers owned by companies. Of course, if your email is with Gmail, Google still keeps a copy of your emails.
Looking Ahead
Email is the first application I packaged using the projectx/os project. Imagine an application store with all server software, packaged for easy installation and use. Want a blog? Add a WordPress application! Want a secure replacement for Dropbox? Add a Seafile[8] application or a Syncthing[9] backend application. IPFS[10] node? Mastodon[11] instance? GitLab server? Various home automation/IoT backend services? There is a wealth of excellent open-source server software that is easy to install, which can replace those patented cloud services.
via: https://opensource.com/article/18/3/host-your-own-email
Author: Nolan Leake[13] Translator: qhwdw Proofreader: wxy
This article is originally compiled by LCTT and proudly presented by Linux China