Installing Modoboa, Let’s Encrypt & Ubuntu 16.04

Over the past month or so I’ve been trying out running my own email server. This has come about due to warnings from Mailchimp giving warnings about our newsletter emails potentially being marked as spam because we used a Gmail account and they could not verify the domain or identity of our email address. Thus the desire to try one of these self-hosted solutions that I could potentially use for friends and family needing email. Obviously I could have gone with a hosted solution and just setup my DNS per Mailchimps requirements, but what is the fun of that.

My first choice was using mailinabox.email which runs well and is fairly easy to setup.  It consists of Postfix, Dovecot, Z-Push, Roundcube, ownCloud, Spamassassin, PostgreyNginx and runs on Ubuntu 14.04. I opted to run this on Digital Ocean. The server handles all DNS for the domain you specify as the root domain to handle your email. It allows you to also setup many domains on the server with unlimited users, issuing of Let’s Encrypt certificates, etc. For me a couple of things were lacking in regards to user management. Mailinabox website recommended two other platforms that had a little more advanced feature set so I checked them both out. I chose Modoboa I honestly liked the admin and user interface and management a little bit better as well as the statistics for traffic and spam.

Read more

Protonmail and 1Password

I was an earlier adopter of Protonmail and have had my account maybe for a year or so now.  Protonmail is a swiss based email provider that offers true secure email through your web browser (and mobile app). This email service lets you send encrypted emails and attachments to others on other email systems like Gmail, yahoo, etc. They are a little slow in releasing new features but are methodical in their development and provide a solid product. They have started offering some great tools like custom domain names and iOS and Android Apps, and providing additional storage and a great user interface.

A good friend of mine always says security and convenience are always in tension – it is very difficult to have both. We must evaluate the level of security needed in relation to the ease of use which is often diminished.  Protonmail would likely be troublesome for some as they requires two (2) passwords. One for account login and one to decrypt your mailbox. This means you should use two unique passwords that you don’t use for any other website logins…right?

Read more

Encrypted Messaging – Part 1 of…

Over the past few months I have been looking at different messaging application such as WhatsApp and Line.  While I realize there are a ton of them out there, including the standard SMS, iMessage, and… does Google Android have their own proprietary messaging service, Google+ Hangout perhaps? These services have faced a number of similar challenges and issues and a number of them have been in the new facing allegation of privacy and weak security including the ever popular Facebook WhatsApp, Viber, and Snapchat.

Enter apps like Threema (iOS & Android), TextSecure (Android),  surespot (iOS & Android) , and Wickr (iOS & Android), to name a few.

I’ve been using Threema the past couple months and really like it.  Threema is a end-to-end encrypted messaging
tool that ensures communications are completely secure and private. Threema does all the encryption on the device before sending it to its servers to relay to the recipient. According to Threema’s website, it provides several layers of encryption:

Read more