I am, by nature, defiant. My challenge behaviors are triggered when I encounter policies or viewpoints that curtail freedom or hide truth (by my admittedly subjective estimation).
With school ending I will no longer have access to the non-corporate, school-hosted, email account on which I’ve grown fully dependent. It is known that most, if not all, corporate email providers–Comcast, Google, Yahoo, Microsoft and many others–examine the content of their clients’ email to tailor advertising for that particular user. If private companies are allowed to infringe on our privacy in this way, one can only imagine what “monitoring practices” the United States government employs in their (officially-stated) interest of “national security”. I really dig such blanket terms deliberately kept vague to rouse feelings of fear; these jibe well with my personal views on things (see first sentence of this post). Because I value my privacy, and because I wanted to learn a potentially valuable skill, I decided to try and set up an email server at home. It’s not that I have anything to hide or that I’m at all interesting from a security perspective, it’s simply that I believe that my daily doings and communications are nobody’s business but mine and my message recipients’.
From the outset, I suspected that setting up an encryption-enabled email server would not be easy. Two years ago I ambitiously set up web and file servers through my home Internet connection and it quickly became obvious that the powers that be–my ISP: Comcast–are not all that keen on the idea. But it was still doable; that is, Comcast had not taken measures to block their customers’ capacity to set up and run a web server. The main limitation imposed is that input traffic to my server is comparatively slower than outgoing requests. For my uses presently, this directional asymmetry in my internet connection is not a problem.
So, I figured the same scenario would hold for my setting up a self-hosted email account. I downloaded Postfix, the famed email server software of yore, and then diligently configured it to be secure using Dovecot SASL. Anything but intuitive, and overly complex as is just about everything network-related, I managed to get everything running locally after four days’ work. To troubleshoot my many misconfigurations, I sought guidance from both Ubuntu Server documentation pages as well as other, “unofficial”, configuration guides from all corners of The Internet. Eventually I got the server running sufficiently well to verify its proper functioning through my LAN. Next I endeavored to configure it for SSL encryption, which is no small feat. And when I was finally ready to open the firewall to let ‘er rip… nothing.
Test emails I composed were neither sent from my server nor received by it. I checked my configuration files, my IP address and ports settings, shut down and restarted the server several times and verified that all was peachy locally. Feeling defeated, I begrudgingly checked out my internet service provider’s traffic policies. Buried within several layers of fluff likely intended to dissuade less persistent investigators, I discovered that Comcast, and several other ISPs, made a pact to block port 25, the default port for nonencrypted email traffic. To combat email spam was the reason given, which, to be fair, seems to me a valid one. The problem is, the block effectively (and quietly) removes the freedom for internet users to control the routing and storage of their own email as most Unix-based email servers, like Postfix, can really only function by using port 25. Perhaps there is a way to bypass this by changing it to receive traffic through another port, but as far as I can tell, a move to another port would require participation by both the senders and the recipients. I doubt anybody who emails me would be willing to go to the effort of changing their port settings just so their message could be received by my lone server. I think you get the idea.
Annoyed, both at Comcast and mostly myself for not checking on ISP support of email servers BEFORE I invested nearly a week’s worth of time and effort, I set the email portion of my domain to point toward an encryption-based email hosting service that is physically located overseas. There my email will be stored, hopefully outside of prying eyes, hopefully for a good long while, and hopefully with warning that they will be purged should the company fold. Above is just one chapter in my transition from technophile to technophobe.