Following a recent discussion of email security over at Linkedin, I think perhaps my old but recently updated spam and malware countermeasures article is still worth reading if the subject is important to you - https://nxdomain.no/~peter/effective_spam_and_malware_countermeasures.html.

The reference section has pointers to a seemingly endless sequence of field notes related to these matters. The so far last entry is my New Year 2025 post "A Suitably Bizarre Start of the Year 2025" https://nxdomain.no/~peter/suitably_bizarre_start_of_the_year_2025.html #email #smtp #spam #malware #security

@kinetix @delta #chatmail allows us to show what #email can do.

- sub second message delivery
- push notifications

We plan to document how other email providers can also incorporate these improvements. We try to convince #dovecot to remove their sleep statement and after we are happy with our push notification solution we will open it up and publish how to implement it.

@kinetix the question is, if I want to move away from #WhatsApp, does it makes sense to go use Delta Chat with #gmail??? I understand the feeling, but it is time to get a bit of power out of the hands of the big email providers and make #email more federated, you can still use #DeltaChat with such providers but there is not a good reason to recommend them when getting a free anonymous account is super easy and it is not the "another registration" painful process, but "no registration"

@delta

Here's an interesting question for you:
Can RFC 2047 encoded text in the Subject line of an email contain encoded line break characters (i.e.,, ^J, a.k.a. 0x0A)?
I don't think they should, because the point of RFC 2047 encoding is to encode non-ASCII characters which would otherwise be legal in the Subject line, not to encode characters which would otherwise be _illegal_, which includes line breaks.
RFC 2047 itself doesn't give a definitive answer.
What do you think?
#email #MIME #SMTP #SysAdmin

@0a91bf0cdc9f871e65f2ede0570ff9d4fc2cf87b2c8a12ee647f5c2dc53825c0 @matiu_bidule the app works like a local email client, you are not sending your email address to any 3rd party server, it is similar to using #Thunderbird, that said, you don't need to use your #email address, you can login anonymously using #chatmail servers that basically provide you similar advantages to #Nostr and #Session

Much of what is commonly said about #email and #openpgp is wrong. It can very well be fast and secure and that's a claim backed by working code and deployments and audits (#chatmail servers and the #deltachat family of apps). There is no both-sides-have-opinions game to be played here. Internet-scale messaging alternatives are arguably either centralized or brittle. There is however much room for further improvements including deep changes in how we commonly understand email today. Stay tuned :)

If your #email provider has done something unacceptable, you might consider switching to another one, but this might mean telling all your contacts to update your address.

You can avoid this problem by creating your own domain name and using it with your favourite email provider. If they ever do something bad, you will be able to switch to another provider without having to change your email address.

There's a beginner's guide to making your own domain name here:

🌱 https://growyourown.services/a-beginners-guide-to-creating-and-using-your-own-domain-name

@neil I ran my own #email server for about 25 years, from about 1994 to 2019. In the early days it ran on #UUCP even.

I stopped because:

1) Email had become too critical, and if I was away and offline or something and the server went down or had issues, I didn't want to lose mail

2) It took too much time to maintain, in BOTH directions.

1/

Fully appreciating that the people who see this are unlikely to be representative of the general population, I ask this nevertheless:

Do you, currently, run your own email server, without significant problems with email deliverability?

(I am asking because, so often, one hears that it is not possible, so I wonder how many other people here are successfully doing the impossible :))

#email #selfhosting

Alright, you FLOSS business folks with countless appointments and meeting invitations each month, hear me out: what if in @EvolutionGnome we could have an integrated visual preview of the surrounding schedule context of an event you are being invited to? 🤔

Here's my ponies-on-rainbows suggestion for it (other #GNOME email clients are welcome to steal my idea): https://gitlab.gnome.org/GNOME/evolution/-/issues/2950

#productivity #email #calendaring #FLOSS #Linux #meetings

Alt...

Mockup of a meeting invitation UI with preview of the event's surrounding context timetable

I'm some glad that my primary #email address is a domain name that I "own". In the event that my mail provider goes #maga (like #proton), it's just a matter of updating a few #DNS records to switch.

Of course, that's assuming you can find an alternative provider that works for you.

I have settled on https://runbox.com for now, as they seem reasonably trustworthy, and their pricing is fair and accessible to (almost) everyone.

https://mailbox.org might be alright, too.

Stay away from:
Tuta
Skiff/Notion

Hum, are we the only cross-platform messenger project present in 15+ app stores that primarily announces on, and interacts with, the Fediverse while others use X and maybe Bluesky? If you know of others please mention them in the replies :)

In any case, we are pretty happy here, as we are finding meaningful interactions, and organically evolving interest and collaboration with other people and projects. Probably it helps that #email shares several traits with #ActivityPub protocols? Cheers.

@FediThing (FTR, I managed to get my own #VPS and to setup an #email #server optimized for #DeltaChat after some struggle with #DNS records configuration for the first time in my life 😅 #selfhosting feels awesome!)

@jwildeboer

An update on #green #cybercrime #prevention: "Harvesting the Noise While it's Fresh, Revisited" https://nxdomain.no/~peter/harvesting_the_noise_revisited.html (tracked, prettified https://bsdly.blogspot.com/2022/12/that-grumpy-bsd-guy-harvesting-noise.html) now has an update about harvesting even more useful data from #openbsd #spamd log file noise.
#antispam #greytrapping #greencomputing #spam #email #smtp

@FediThing thanks a lot!!! just read your guide and thanks to it I managed to buy a domain! ❤️
now I need to buy a VPS to setup my own #email server, do you have any article listing some of these kind of VPS? I saw another of your articles but it was about the more limited "managed hosting providers"

@jwildeboer

A few days ago I read an article on LinkedIn, where someone was complaining that many email servers still don't support STARTTLS, and so the "email communication is not encrypted". The person implied that by using STARTTLS, your emails would be encrypted.

While it's true that today all mail servers should support STARTTLS without optional bypassing, this does not fully encrypt your email. When the mailserver you are using, supports STARTTLS, the communication between your mailclient and your server is encrypted. If the recipient's mailserver also supports STARTTLS and your and the recipients mailserver communicates directly, the communication is also encrypted but you won't see this when sending your mail.

But it's also possible that the recipients mailserver is not supporting STARTTLS and the communication between your and the recipient's mailserver is unencrypted. As said, your mailclient won't tell you because the client is only responsible for using STARTTLS for communication with your mailserver.

When there are multiple mailservers in between which are relaying the mail, things get even worse since you have absolutely no control which parts of communication are encrypted and which are not.

Long story short: STARTTLS is great. Correctly implemented, it ensures secure communication between your mail client and your mailservers and it protects login credentials as well as your mail content. But if you want to make sure that nobody can read your email, use OpenPGP or S/MIME.

But it's also important that your emails are stored safely. When chosing an email provider, make sure that your email account is encrypted and go for a provides which is known to protect it's customers privacy.

Stay safe!

#email #encryption #privacy #pgp

Today someone CCed my #Mastodon handle in an #email to me.

I get it — the @ in the middle of the handle makes it look like an email address.

1. That doesn't work right?

2. Could it work? That is, could Mastodon parse #emails as private mentions or something like that?

#webDev #software #socialMedia #fediverse #internet #protocol #openWeb

We never did a proper #introduction, did we? 😲

Hi Fediverse, we're Thunderbird, an #opensource #email client available for free on Linux, Windows, MacOS and now on Android!

You can use Thunderbird for managing an unlimited number of mail accounts, calendars, newsgroup accounts, and RSS feeds. You can also chat using your @matrix account.

💙 LIKES: Open standards, privacy, freedom, customization.

🚫 DISLIKES: Proprietary code.

Nice to meet you 📩