On email privacy: can I store my own email and relay it through an email provider?
-
Yeah, in 2025 doing encrypted email is a painful process. Every option is a hack on top of a 43-year-old protocol.
Here is a howto from Mozilla on PGP with Thunderbird. It isn’t a pleasant process.
https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq
Luckily we're not relying on emails for security-relevant and/or private information, right?
-
I previously looked into doing exactly this, and recall this comment on HN: https://news.ycombinator.com/item?id=31245923
One could argue the price of smtp2go at $150/yr is a bit steep, but it would also neatly avoid issues with sending outbound mail, since you're paying them to deal with those headaches. For inbound mail, I can't see why any mail operator wouldn't deliver to the server designated by your MX records, though you'll also have to deal with spam and other concerns vis-a-vis self hosting.
On the same thread but different comment, VPS operators might already run an SMTP server that you can relay through.
I wish you good luck in this endeavor!
Thanks. After speaking with some others here, I've realised that this is actually quite doable (in theory). The other commenter has a great note on DKIM and SPF that I'm sure will help anyone looking to do this. Thanks for your help, I've also found a lot of companies offering a free SMTP server for a limited number of emails (which is more emails than I'll ever send so it works for me).
-
I don't see how you wouldn't have your email on an email provider's servers - that's how email works. You send an email via a provider, they forward it to the destination address you've included with the email.
That destination address is another email provider's server, which holds it until the receiver connects and downloads it. Email is a store-and-forward system, designed at a time when users weren't always connected. It still works this way.
Email is old, so the fundamental mechanics are pretty simple, and encryption wasn't an option at the time - so it's sent in the clear. Otherwise it would require both sender and receiver (either at both ends, or the servers) to agree on an encryption to use.
It is possible. One can have IMAP hosted on their server and simply use the SMTP server operated by a different entity. There are companies offering SMTP servers for free as long as you're under the limit.
-
Not true that most incoming email will be plaintext. It’s the opposite:
“Most of today’s email services, including Gmail, employ transport layer security (TLS) to protect emails in transit”
Ref: https://umatechnology.org/gmails-new-encryption-can-make-email-safer-heres-why-you-should-use-it/
TLS is a transport encryption. PGP is content encryption. The latter one is what is most important, even if almost no one uses it.
-
I use SendGrid as my outgoing SMTP relay to avoid IP reputation issues you mention. You still have to configure your DNS settings for SPF and DKIM pointing at their servers instead of yours. Their free tier is 10x the email I’ll ever send so it doesn’t cost anything. There are a few companies in this space with free tiers. It works, but it isn’t Gmail level deliverability. I still get spam binned occasionally.
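
The SPF and DKIM setup mentioned in the comment above can be checked before sending any mail. The following is an added example, not part of the thread or any provider's tooling: an offline audit of a domain's TXT records for a relay setup. The relay include name `spf.relay.example`, the function names and every record value are constructed placeholders; use the values your relay documents.

```python
import re

LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

def _name(term):
    # Mechanism/modifier name without qualifier, argument or CIDR suffix
    return re.split(r"[:/=]", term.lower().lstrip("+-~?"), maxsplit=1)[0]

def audit_spf(txt_records, relay_include):
    """Return a list of problems with the domain's SPF record (empty = OK)."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        # RFC 7208: no record means no policy, several records is a permerror
        return [f"expected exactly one v=spf1 record, found {len(spf)}"]
    terms = spf[0].split()[1:]
    problems = []
    wanted = f"include:{relay_include}".lower()
    if wanted not in [t.lower().lstrip("+") for t in terms]:
        problems.append(f"relay not authorized: missing {wanted}")
    # Terms that trigger DNS lookups are capped at 10 per evaluation.
    # Only this record is counted; nested includes add to the real total.
    lookups = sum(1 for t in terms if _name(t) in LOOKUP_TERMS)
    if lookups > 10:
        problems.append(f"{lookups} DNS-lookup terms (limit is 10)")
    all_terms = [t for t in terms if _name(t) == "all"]
    if not all_terms:
        problems.append("no 'all' term: unlisted senders get a neutral result")
    elif all_terms[-1][0] not in "-~":
        problems.append(f"'{all_terms[-1]}' does not reject unlisted senders")
    return problems

def audit_dkim(txt_value):
    """Check a DKIM key record (the TXT at <selector>._domainkey.<domain>)."""
    tags = {}
    for part in txt_value.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = "".join(value.split())  # drop folding spaces
    problems = []
    if tags.get("v", "DKIM1") != "DKIM1":
        problems.append("unexpected version tag")
    if "p" not in tags:
        problems.append("no public key (p=) tag")
    elif tags["p"] == "":
        problems.append("empty p= means the key is revoked")
    return problems

RELAY = "spf.relay.example"  # constructed placeholder
print(audit_spf(["v=spf1 mx -all", "site-verification=abc"], RELAY))
print(audit_dkim("v=DKIM1; k=rsa; p="))
```

In practice the input strings would come from `dig +short TXT yourdomain` and `dig +short TXT <selector>._domainkey.yourdomain`, with the selector name taken from the relay's setup instructions.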