Desperately Seeking Secure and Reliable Email? 328
mkcmkc asks: "I've recently switched to my local monopoly (ugh) provider of high-speed Internet access, and discovered that their email reliability is about as good as my previous ISP's--i.e., -not good enough-. Who provides the kind of email drop that Slashdotters would drool over? I want:
secure access (SSH+POP, or something as good), drop dead reliability (meaning a setup designed and administered by a sharp crew that really cares), timely status reports on outages, a shell account (accessible via SSH), an organization that has respect for the principles of privacy and liberty, and that will at least consider not just rolling over at the first subpoena (if not before). I'd certainly pay several hundred bucks a year for quality. Any suggestions?"
DIY (Score:4)
Speakeasy? (Score:3)
DSL provider. They come highly regarded on dslreports.com
-Dennis
Hotmail.com (Score:4)
Speakeasy (Score:3)
Re:DIY (Score:3)
Best server: 127.0.0.1 (Score:3)
Chris
quality email service (Score:2)
Re:DIY (Score:3)
HUSHMAIL (Score:4)
Good stuff - strong encryption all the way baby!
Now where's my tempest-foiling encrypted X display? ;)
get your own server... (Score:2)
Or go to a large university with a generous network setup.
Email (Score:2)
As far as the outages, I recently had a few but the issue turned out to be a fried DSL router which has since been resolved.
Reliability == redundancy (Score:4)
I can help find places with at least one part of that - complete reliability. There are a few very simple commands I type to find out how reliable an organization's mail system is:
Specifically, I look for the nameservers. They should have three. One or two is unacceptable. Some have up to six. And the nameservers should be isolated from each other (see traceroute below)
This will show you every mail exchange of the domain. One is unacceptable. Two is average. Three or more is great. As with nameservers, they should be somewhat isolated.
Run a traceroute to each one of the nameservers and mail exchangers. Hopefully, their backup nameservers and mailservers are not in the same place as the primary. This will be reflected in the different traceroute paths. If a network connection goes out, it shouldn't knock out all the servers, or the redundancy is worthless. If the power goes out or there's a fire, the same applies.
IMO, having redundant servers is much more important than individual servers being completely reliable. No matter what you do, you're gonna have some downtime on servers...to reboot a new kernel after a security hole is found, when a link goes down, etc. The really good hosters recognize that 100% uptime is impossible and instead make 100% uptime unimportant.
Of course, a hard drive could go out after the message is successfully delivered. And this doesn't answer your other questions about privacy, etc. But it's an important part of the equation.
Mailvault? (Score:5)
MailVault [mailvault.com]
a Laissez Faire City [lfcity.com] service, sounds like what you are looking for. Basic service is free beer, but lots of goodies are available if you are willing to pay.Disclaimer, this is hearsay, I don't actually use the service. Since I'm a little less worried about security than you sound to be, MailandNews.Com [mailandnews.com] has served my needs fine. Secure connections, pop, imap...
Re:DIY (Score:2)
-=Bob
Contact your ISP (Score:2)
I would be interested in hearing what steps you have taken to communicate the problem with your ISP and the steps they have taken to fix the problem.
Anyways, to answer your question, I have no problems with Yahoo! Mail [yahoo.com] and HoTMaiL [hotmail.com] but then again, the later violates your "secure" requirement as hotmail is notorious for accomodating even the simplest of security flaws.
If you haven't yet done so, It might be a good idea to talk to your ISP or pay them a visit to their offices or something. I wish you luck.
FBI starts up CarnivoreMail.com (Score:4)
For those FBI agents away-from-work, CarnivoreMail.com offers 1 stop mail snooping. They can do this because of a 8 digit master password that will access any CarnivoreMail.com account. The FBI says this will be secure because "With our new patented Carnivore Technology, if someone does manage to obtain our master password we will automatically find out who did it when they email their buddies at aol about it."
When asked about the privacy policy at CarnivoreMail.com, the FBI spokesperson laughed.
Zixmail (Score:2)
My Vote's On This Doofus [mikegallay.com]
DHP.COM (Score:4)
I have used The Datahaven Project (dhp.com [dhp.com]) for several years now, and they have been really good. They have absolutely no information about me other than my e-mail address (with them). I pay by money order, and I just had them put a notice up on their page when my account was created, with the password I gave them on the cgi form. The price for a shell account is $50/ 6 months and I haven't regreted it at all. They run Linux and provide ssh access as well as POP, news, and all the standard stuff. They seem competent technically, and they are dedicated to privacy.
Hope that helps.
DIY DNS advice - if you really want to DIY (Score:3)
No guarantees about anything... Also, I'm not convinced that a roll-your-own solution will really give you better uptime, unless you have a lot of time to devote to fixing an outage... it certainly lets you know as much as anyone about WHY it's down...
Re:DIY (Score:2)
MyRealBox - SSL on POP3 IMAP and SMTP and its FREE (Score:4)
Re:DIY (Score:2)
-------------------
Expansion on the DIY approach (Score:4)
If you're going to take the DIY approach, you should either be an experienced UNIX admin, or get yourself up to speed as fast as you can. The Aileen Frisch book Essential UNIX Administration (or Esential System Administration) is a good place to start. For running a mail server, also check out sendmail.org [sendmail.org] and Claus Assman's [sendmail.org] useful site on configuring sendmail.
I had similar paranoid security concerns, so I set up OpenBSD [openbsd.org]. It was a fairly painless install, provided you read the directions. I set up sendmail, UW-IMAP, IMP [horde.org], and access it via secure http. UW-IMAP has some serious security concerns, but it's much easier to compile than Cyrus, my preferred IMAP server.
If you're new to UNIX admin though, try looking at FreeBSD [freebsd.org]. This is hands down the simplest UNIX installation I have ever done. It was almost as simple as starting the installation, walking away, and coming back when it was done. It also doesn't hurt that FreeBSD has excellent network performance.
TinyEgo
Don't get me started (Score:2)
I'm in the process of dumping Verio. My friends would complain that every once in awhile their email to me would bounce. Whenever I sent a copy of the bounce message to Verio "customer support", they would tell me it must be something wrong with my settings.
Re:DIY (Score:2)
Documentation for this stuff is all over the net - try the Linux Documentation Project [linuxdoc.org] for a start. A good site for Linux newbies is LinuxNewbie.org [linuxnewbie.org]
I think it would be far easier to implement this using a linux (or unix) solution than with WindowsNT/2000. All the basic funstionality for an internet server (e-mail, web, basic network stuff, firewall) is standard in most distros.
In Austin, Tx and surrounding areas (Score:4)
In Austin Tx and surrounding areas, try io.com [io.com].
Steve Jackson Games [sjgames.com] got a court settlement from the Secret Service over their unlawful asset seisure and parlayed it into an ISP business. More about that here [sjgames.com].
They've had their rights wrongly abridged by the government before, so they've been extra vigilant ever since.
I use them for shell-only access from a different part of the US. I get my dial-up (not springing for better bandwidth until it gets cheaper) from someone local. But they have services to suit most any need.
Re:DIY (Score:5)
Shellyeah (Score:2)
Good remote ISP (Score:3)
Get a University account (Score:2)
'Sides, a lot of shit in the university environment is run by students, who often have much more of a clue than your standard MCSE (what's it stand for again? Oh yeah, Must Consult Someone Experienced...) "Sure, it might be sad that the engineers on campus have no life, but hell, uptime is great!"
I know when I graduate from Michigan I'm going to maintain my e-mail account. All I have to do is shell out some $$$ each year to keep it active (switching from "student" to "alumni.")
Of course, I guess you could at look at it like I'm paying a bit of $$$ right now to have great internet access, with a free education as a bonus... hmmm...
Re:FBI starts up CarnivoreMail.com (Score:3)
Check out The World (Score:4)
A bit pricy but I personally trust owner/founder Barry Shein to do an upstanding job and do the Right Thing(TM). He is One Of Us and has been doing this for 11 years. I've been a customer for 6 years.
Like they say: The First and the Best.
Security not to be found in a provider or in DIY. (Score:5)
It doesn't matter how secure your provider is or whether you host your own server. The messages are only ever as secure as the recipient keeps them.
I don't care, use every security trick in the book... but if the recipient reads the mail in plain text off hotmail.com, it isn't secure.
To do secure email:
--brian
We do it (Score:2)
Danger, Will Robinson! (Score:2)
IMAP (Score:3)
A web interface alternative is nice too, but be sure it's over SSL.
--
Pierre Phaneuf
Re:In Austin, Tx and surrounding areas (Score:2)
And I think that Steve Jackson would shut IO down before letting Carnivore in.
Re:Security not to be found in a provider or in DI (Score:2)
Three people can keep a secret if two of them are dead.
Panix.com (Score:2)
Consider a secondary ISP (Score:2)
I don't use any of the accounts provided with my cable modem, since they only provide insecure POP access and no shell. Instead, I pay the Data Haven Project [dhp.com] for a shell, a reasonable expectation of privacy, and a stable address that will survive my next change of bandwidth providers.
Pipe dream. (Score:2)
If I want to get access to your email, no matter how secure your ISP is, I'm just going to find the people you regularly communicate with and get access on that end. Or I'll just plant packet sniffers on a network and grab your email as MTAs pass it off from here to there.
If you want secure email, use a good, reliable ISP; connect to it using IPv6 and IPSec, or SSH; use PGP as much as you can. If you want an ubermaildrop, roll your own. But don't have any expectation that it matters a damn if you aren't doing something to encrypt the mail to make sure only you and your intended recipient can read it.
PGP is the most obvious way to accomplish this, but there may well be other ways.
Re:Speakeasy (Score:2)
SSH, telnet, whatever. They just want to know what IP you're talking to. If that IP is a bad person, you might be a bad person too. Then traditional investigative techniques (wiretaps, surveillance, pulling bank records, etc.) will follow.
CubeSoft (Score:3)
They primarily do web hosting, but the features you are looking for are all still there.
csoft.net [csoft.net]
--
Re:DIY (Score:5)
Doing it yourself sounds like a good idea - at first. It helps some of the human concerns: the privacy policy, your amount of access to the machine, etc. But running a single machine isn't a good idea at all in this situation, for the following reasons:
Running a single machine isn't enough. To do the job right, you have to have more than one machine. You have to have a few different machines and they can't all be in the same place, rely on the same power, or rely on the same network connection. To be really reliable, they should have someone always physically nearby to fix problems. You can accomplish this yourself (I'm well on my way toward doing so) but it's not as simple as throwing Linux on a box and throwing a DSL link at it. ISP services really are worth it.
Get your own domain and to be the administrative & billing contacts. This way, if you switch ISPs, you keep the same email address. You have final control. Most people have to change email addresses when they move, switch local ISPs (modem->cable, for example), switch employers, etc. If you don't tie yourself to a specific ISP, you don't have to. Never use an address tied to a specific ISP if you're concerned about reliability.
Re:DIY (Score:2)
Fist Prost
"We're talking about a planet of helpdesks."
Re:Shellyeah (Score:2)
Except they stopped accepting new accounts months ago...
"Free your mind and your ass will follow"
Re:DIY (Score:4)
If any of you claims to be able to offer "drop dead reliability" in a DIY mail setup, you're lying. What happens when your power goes out? UPS? What happens when your power goes out for a day and a half? What happens when your hard drive crashes and you lose every email you've received in the last year? What happens when your house burns down?
Highly reliable data centers, like those that handle email for large national ISPs, often cost millions of dollars, are redundantly connected to multiple backbone providers, are protected against fire, are redundantly connected to multiple independent power grids, etc.
I would never choose my home computer to be the single point of failure/destruction for all my email. Give me MSN Hotmail over that any day.
Solutions for the broadband user (Score:2)
No one answers the question (Score:2)
Question: Can someone suggest a good mechanic for my Chrysler Sebring JX? One who does good work and won't rip me off?.
Slashdot Answer: Spend a bunch of money on tools and buy a good book on autorepair. Next, spend hours every day tickering under the hood. Be careful that you don't completely screw up the pwer brake system and end up driving your family over a cliff.
This is a bullshit answer. What if I don't want to spend the time and resources to host my own email (or fix my car). I might have better things to do with my time.
Re:Check out The World (Score:2)
$25/month gets
Re:Why is this so hard? (Score:2)
IMHO the key issue here is "won't roll over at the first subpoena". Should you choose to supply this service, and should a federal law enforcement agency decide to pursue one of your clients, you will need hundreds of thousands of USD to begin mounting a defense. Assuming you can find lawyers willing to take on said agency. Note that my intention isn't to start an "X-Files" type conspiracy discussion but just to point out that there is a _lot_ of leverage that a government can bring to bear when it wants something.
sPh
Re:DHCP (Score:2)
Fist Prost
"We're talking about a planet of helpdesks."
DIY is not reliable (Score:3)
I'm amazed by the number of people that are suggesting that your roll your own mail server. For a highly available mail service, there should be no single points of failure so you end up with at least the following:
Sorry guys, but I would not be willing to do any of the above just so I can get reliable email. I'm more than willing to pay someone though.
BSD choices (Score:2)
Relevant URLs: .muttrc doesn't hurt either.
Dan Bernstein's page [cr.yp.to]. Home of Qmail and djbdns.
The OpenBSD [openbsd.org] and OpenSSH [openssh.com] home pages are full of useful information.
PuTTY, a free Windows SSH client [greenend.org.uk] Great for on road trips, internet cafe's, consulting, etc.
Mutt, the One True mail client [mutt.org]. Takes some getting used to, a good
People seem to overlook qmail when setting up a reliable, secure system. Having dealt with Sendmail and Qmail, I would suggest the latter to anyone who cares about security or performance. The same logic applies to BIND vs. djbdns.
Re:DIY (Score:2)
My old ISP eager to get my business back, offered me my old static IP and fixed up my dns MX records so mail gets routed to my home box. If my home computer is ever down for any reason, my virtually hosted account at the ISP gets the mail instead. I could say I have redundant mail servers.
As an added bonus of having the mailserver on my own computer, I can block any spam network for good immediately and for good. Since the IP address is logged, I just ipchain the whole class-c network of the problem site. That puts an end to spam nonsense quick. To the spammer, my site appears to be down. I now get about one spam a week, compared to dozens a day.
Forget sendmail- use qmail (Score:2)
QMail's major benefits are security and scalability. It was designed specifically to avoid the kind of security issues that have plagued sendmail over the years, and the author has offered a bounty to anyone who finds a hole. As far as I know, it's still unclaimed, and qmail is used by many of the big e-mail shops (yahoo, hotmail until the win2k switch, etc...).
I run it with OpenBSD, the primary reason being that I don't have much time to maintain it, ie, make lots of security patches. Not that OpenBSD is perfect by any means, but it does let me sleep a little more soundly at night. Not that I've stopped reading CERT advisories...
The key is to have your own domain (Score:2)
Re:DIY DNS advice - if you really want to DIY (Score:3)
I changed to centralinfo.net [centralinfo.net]. They use some weird Win2000 DNS server (custom, not Microsoft's), and their forms easily let you produce a mangled RR file, but the service has been infinitely more reliable.
Phreedom.Net (Score:2)
http://www.phreedom.net [phreedom.net]
They give out free accounts to people who have a valid reason.
-Davidu
How to Get 0\/\//\/3D Fast (Score:2)
Re:DIY (Score:2)
Yeah, none of this REJECT stuff. DENY them and just quietly discard their packets. Be sure to send lots of "unsusbscribe me" emails back to them first, and then firewall them. If they remove you fine. If they treat your mail as proof the address exists and spam you more, then unsent mail piles up in their mail queues. And it's their own fault. Woo hoo!
Re:Applied Theory (Score:2)
print << EndRant
Here's my gripe: My husband had a shell+POP account with CRL for over six years. (Six years!) It was excellent service.
A few months ago, his brother (also a CRL account-holder) send him and a bunch of friends an e-mail saying that his CRL account is going down in a few days and that everyone will now be able to reach him at XYZ@atdial.net (an applied theory account). We asked him about it and were surprised to learn that all of the CRL accounts were being shut down.
My husband was *never notified* that his account was to be closed. Even his brother was only given 30 days notice; they weren't even planning to forward his e-mail to the new address after that 30 day period!
My husband called CRL. They told him there was nothing they could do. His e-mail address of 6 years was to be totally shut down in 5 days.
I decided to go on the warpath. I spent the next three days on the phone with both CRL and Applied Theory. It was insane. CRL said they couldn't do anything about the unix server being shut down. Applied Theory claimed that they "couldn't support" the Unix box, given that they were an MS shop. (Yeah, like it takes a lot to "support" a UNIX mail server that is forwarding mail for a bunch of customers.)
Anyway, apparently, my husband wasn't the only that no one notified about the change. They ended up getting so many angry calls that they did keep the machine up for a few more weeks and then forwarding mail for a while after that.
It was a total flog.
EndRant
My husband's account is now on my server. (I might have taken his last name, but he took my domain name!)
-- Diana Hsieh
Re:My Setup using FreeBSD (Score:2)
Re:I wonder... (Score:3)
Why not consider starting one at HavenCo? now there is an idea.
Totally recommend io.com (Score:2)
Highly recommend this - when you know how to fight the data nazis from past experience and what your real legal rights are, you're a much safer bet as a mail host.
always on high speed connection? (Score:3)
--Greg, postmaster@freefall.homeip.net
Re:Reliability == redundancy (Score:2)
If reliability is your #1, set up redundant email. Get a few procmail recipes going on a highly reliable server that forward to a few accounts, use PGP for security. It's a single point of failure, but it can drastically reduce other points of failure (dead ISP pop server, etc.).
hotmail is slow, insecure, but high on the reliability (until their domain name expires...again), as are yahoo and angelfire (lycos).
Aim for multiple points of access (web, telnet, POP/IMAP...) to reduce the common problem of the mailserver at wherever croaking, and multiple points of presence (net-geographically diverse locations) to get around other problems (travelling, ISP dies, etc.)
Anonymizer.com (Score:3)
UPS does it (Score:3)
Altough I am not sure the provide remote shell, their tracking system is unbeatable by any SMTP system, nevertheless you could get something similar with traceroute.
Also, I like very much their black cabs, their are cool, much more than a TCP packet and pine in a text console.
Problems are round-trip times and QoS pricing.
I and a friend of mine tested their round trip time few weeks ago. I've sent a 24 hs. letter to California and he returned it to me inmediately. It took 72.34 hours, which much more than a 145 ms via TCP, and more expensive (and slower) than the similar content in a e-mail message. But at least I am sure no sysadmin read my letter...
--ricardo
you moron (Score:2)
We love you, but not THAT much... (Score:3)
Even so, the cost of the first court order will pretty well wipe out that "few hundred dollars per year" for about ten years or so, and since this business would tend to attract others with similar needs, I really don't see how it could be profitable without a massive rate. Plus the attention that it might gather from certain governmental agencies would be another cost for the owners to bear, one that simply could not be ignored.
If you want to remain relatively secure, don't do anything anybody would notice. Get that numbered AOL account off of their CD, get a mail forwarder (maybe), and encrypt your mail with garden variety PGP, nothing fancy. Don't attract attention. Get shell emulation utilities in place of TELNET, or grab a *nix box and do it yourself if you absolutely need.
Impossible. (Score:2)
Is it possible to create privacy-enhanced email systems, which only store plaintext to disk when the user makes a deliberate choice? Sure. In fact, I could be talked into working on a project to do just that. But I don't think that what you're talking about, where the user isn't permitted to store in plaintext, will ever work.
CubeSoft: No IMAP (Score:2)
__________
Re:DIY (Score:2)
Definitely. For the longest time I had my e-mail on my own DNS, (homesoftware.com) but since I'm trying to get rid of that domain name and the expensive hosting, I turned to a more flexible alternative.
I like Sourceforge a lot (they host all my projects now, which is why I no longer need my old domain) so my 'primary' email address nowadays is the forwarder they give me. Any suitable forwarder will work, but my point is if you're planning on changing services soon, use a forwarder.
Right now the "back end" to my email is just a free webmail service that supports POP3. Whenever I get DSL though, it will be even better.
I don't see the point of getting rack space when there are so many things you can host with an old 486 or pentium and a broadband connection. Heck, I host webmail (not the delivery, just the frontend) http, https, and SSH though my 56K modem and a dynamic DNS from yi.org!
Equipment, software, and DNS: Free
Internet connection: $20 / month
Re:DIY (Score:2)
- get cable/dsl and set it up so that you have a static IP (even though cable/dsl uses dhcp you can generally hardcode your IP).
Using a cable connection for running a server is generally a Bad Idea (tm), considering
- register a domain. Beg borrow or steal a dns server to use as the primary (gandi.net offers free dns hosting I think when you reg a domain).
Okay, now that's just plain wrong. You don't own the IP you're using -- your ISP does. Therefore, it's theirs to do with as they please, not yours. That means pointing domains to that IP, among other things. As well, you won't be able to do reverse DNS for your IP pointing to your domain unless you have your ISP's blessing. Try talking to your ISP before you go and do something silly like registering a domain to an IP owned by them. I think you'll find that 90% of all ISPs are quite willing to help out, and will typically even offer DNS services for free.
Please, people, try thinking before you follow advice like this.
The poster doesn't UNDERSTAND the question. (Score:4)
"How can I get to the Moon cheaply?"
"Do it yourself. Maybe mine ore in your back yard, run a smelter to make the metals, cast them into the proper shapes..."
Secure email is a hard subject. People study arcane protocols for years to try and come up with secure communications. I'll spare you my credentials, except to say that they're probably greater than most Slashdot readers', and I'm saying that I can't implement a universally secure email system. To people who know how hard the task is, my inability to succeed comes as no surprise at all.
SSH+POP (or other authenticated mail mechanisms), IPv6, IPSec, shell accounts, PGP... they're all great. But this poster asked for a universally secure email system, and no such beast exists yet.
When someone asks you how to do the impossible, "do it yourself" is a perfectly reasonable answer. I'll grant that it's not a very helpful answer, but if you ask a hundred people how to do something and they all look at you blankly and then say "do it yourself," that should be a strong hint you don't understand the question you asked them.
Change your POP (Score:2)
Netcom went away - most of us went to Panix (Score:3)
I considered using a DSL line for incoming mail. What happens if the line goes down or my machine crashes? I wanted stability!
Most of us found Panix as the best national shell provider (larget, most stable, been in business the longest, least likely to be bought out or transformed into a portal/AOL clone, most technical staff, reputation for keeping it all going).
It's $10 a month, or $100 a year.
You can read all about our experiences moving to Panix (and other providers) in alt.netcom.emeritus
(I also use their wildcard domain name email forwarding, (another $100 a year) so my email address will never change again).
Re:No one answers the question (Score:2)
This is a Bullshit retort. If you had gone to Cardot, news for gearheads and asked how to have your car hopped up, you should expect to get answers telling you how to do it yourself.
Coming to Slashdot NEWS FOR NERDS he should expect at least this much technical advice as to how to do it himself. This isn't an AOL chatroom, for chrissakes.
Here's an appropriate answer to the original question, using the non-bullshit answering criteria you proposed: Go to Yahoo and type Secure E-mail with SSH POP and Shell Access. Click on the first link that pops up. Voila! Problem solved.
Do it yourself with sendmail/sslwrap (Score:2)
Info on sslwrap can be found on freshmeat. Or you can apt-get it
Of course this all depends on your defintion of secure. It covers the authentication part in a layer of crypto, but it doesnt cover the SMTP relaying part. It can, but both servers need to support it. However in conjunction with gpg/pgp, it may be acceptable. Hope this helps.
Farewell Netcom (Score:2)
Their first operating center was somebody's living room. Their first machine was a 386 running Xenix -- an nasty example of what happened when the Redmond Bit-Twiddlers [microsoft.com] tried to do Unix. They eventually moved to Sun hardware.
At one time, a Netcom user at a newly-installed POP was quite likely to get a Talk request from the owner, Bob Reiger, asking him if the connection was working OK. Things were never quite the same after Netcom went public and Bob bowed out of management. The handwriting has been on the wall for years: they never upgraded their Sun shell boxes to Solaris-compatible hardware, support declined, etc. Now they're just a tiny part of Earthlink, which doesn't do niches.
__________
Public flogging (Score:3)
Re:How to Get 0\/\//\/3D Fast (Score:2)
Main reason for switching from telnet was when I found out how bad my school's network is. (which is where I usually used to connect from) They're paranoid about network monitoring, but they have 0 security. Things like routers, hubs, and printers with no password. You had to use nmap to find 'em, but if you did, it's trivial to bring down the office's laser printers, turn off a few network segments, etc.
Of course, an account on a reasonably-pseudo-secured system like mine can still manage to annoy. This has only happened once or twice, but a friend decided it would be fun to run a few hundred processes on my workstation ;-)
So many facilities take the security approach of blocking everything at the door, and betting their network that nobody will get in, and that the people already inside won't do anything. Unless you know the IP addresses of those routers and such, it's impossible to touch them from an iMac, but my laptop with Slackware and an ethernet card could bring down the whole thing if I were malicious. (and if you're wondering why I run slackware, it's a 486 with a 200MB hard drive)
Re:Danger, Will Robinson! (Score:2)
Anybody have more info, or a list, of free (libre) DSL providers like this?
Re:DIY (Score:2)
Get an easily configurable DNS service as in register.com [register.com] or easydns.com [easydns.com]. This way you can easily flip your domain name to a different ip address. If you register your domain at register.com or easydns.com, they will resolve your name to your IP address for free. Network Solutions will force you to use your DSL ISP for DNS. It could be hard to convince your ISP to resolve your DNS name if you're on a cheap service plan.
Also, easydns provides a backup MX, and they will even store your mail for something like 5 days if your primary MX is down. It's a very good idea if you're your own MX and your DSL connection tends to go down once in a while. Easydns also provides dynamic dns services, but I don't know if it works well if you're your own MX. Concentric web hosting cnchost.com [xo.com] and others usually provide good uptime and a few or unlimited number of POP boxes and even shell access. However, they rarely provide IMAP or SSH. Nick.
Re:DIY (Score:3)
Try eskimo.com (Score:2)
www.eskimo.com [eskimo.com]
Re:Best server: 127.0.0.1 (Score:2)
It actually can work quite fine. I have a DSL line, my own DNS server and a few other services running. My ISP VISI [visi.com] provides secondary name services for me.
Re:How to Get 0\/\//\/3D Fast (Score:2)
Re:DIY (Score:2)
Look closer... (Score:2)
Requirements aren't met: SSH access
YM SSL. SSH accounts are shell accounts; only SourceForge [sourceforge.net] gives those out anymore.
and I assume POP that you don't have to pay for
The article said "POP over SSL or better." AFAIK, Hotmail [hotmail.com] can be configured as HTTP over SSL.
Re:DIY (Score:2)
Seagull Networks www.seagull.net SSH+SCP (Score:2)
Whenever anyone asks me for a hosting recommendation, I always recommend Seagull.
No, Seagull is not an ISP. While it would be nice to have a secure ISP, you're better off using any random joker for your ISP, owning your own domain name so you can relocate it in the event your service tanks (I discuss this in Market Yourself - Tips for High-Tech Consultants [goingware.com]) and accessing the hosting service via SSH and SCP (secure copy). Note that it does no good to only use SSH - you have to use SCP as well.
Here's a sample SCP command line, in case you can't figure it out, it's very simple but I had a hard time from the man page:
scp foo.bar crawford@www.goingware.com:.
The above places file foo.bar in the home directory of user crawford on www.goingware.com.
scp crawford@www.goingware.com:web/index.html stash
This copies index.html from directory "web" on www.goingware.com and places it in directory "stash" on the local machine.
Please read my web page on Why You Should Use Encryption [goingware.com]
Besides being a good service, it's a small enough company to offer personal service. I've sent support email to the webmaster at 2am his time and had the problem fixed and the mail answered within the hour.
But even though it's a small service, it's not a low-quality service. They have high-performance machines, they are in a good colo facility with a high-speed connection to the backbone, they upgrade their service regularly and the webmaster, Paul Celestin, is just a damn nice guy.
I'm not sure if he still publishes it but Celestin used to produce a CDROM full of useful free source code for the Macintosh. Some of my own Mac open-source programs were on it.
These are the sites I personally have located there:
I have a couple tips for you on checking email. I use PGP when I'm trying to be secure, but it's really not that much that I really care for complete security. But I just don't like people snooping on me, mostly I think it's none of their damn business what's in my mailbox even if it's spam.
So mostly I read my email at seagull using elm while logged in via SSH, and when my mailbox gets big, I move it to my home directory and copy it to my home machine via SCP:
goingware$ cp /usr/spool/mail/crawford ~
goingware$ echo "" /usr/spool/mail/crawford
back on my home machine:
C> pscp crawford@www.goingware.com:crawford .
It is also possible to download your email via POP with SSH via port forwarding. I describe this on the BeOS Tip Server. [betips.net] It doesn't seem to be responding right now but if you go to its search and enter "ssh" you'll find the tip I submitted called something like "Secure email download via ssh". The instructions have some BeOS [be.com] specific items but most of what's there will work on any systems.
Don't have SSH? Try one of these:
CGI's at Seagull, williebrown URL, BeTips SSH page (Score:2)
The BeOS Tip Server [betips.net] page on doing POP with SSH is at Secure Email Download with SSH [betips.net]. Note that POP exposes your password unless you use port forwarding with SSH as I describe (or some more advanced download method). Don't think you're super-cool if you SSH to do your shell access but then download your mail with plaintext POP!
Finally, seagull allows you to install your own CGI's that you can get wherever you want or you can write them yourself with the full set of Linux developer tools they have on the servers - so you can write CGI's in C++ rather than Perl, if you'd like.
Also, I just have their "Lieutenant" hosting for $20/month, they have other options for higher prices such as root FTP server and SSL web page service as well as paying for high traffic so you can run a commercial site there.
Geographic Independence - access vs. email (Score:2)
Finding a provider who won't roll over on subpoenas is tough - just about anybody big enough to be incorporated (you wanted reliability) will respond, though some will go out of their way to help anybody official-sounding who asks, while others will insist on seeing court orders on paper first. Non-US / Non-UK providers may have some advantages, since most people don't want to bother getting a Finnish court order just to yell at you about something you posted on Usenet that they didn't like.
It's important to own your own domain name (Score:4)
If you want reliable email, it is important that you own your own domain name. If you want email to get to you easily and reliably, then it's important that the domain name be easy for people to remember and to spell, even when you've just spoken it to them over the phone. (Note that while my business name is GoingWare, Inc. [goingware.com] I've also registered goingwhere.com [goingwhere.com] and had Seagull alias it to make sure people can find me.)
You think your Yahoo or Hotmail account is reliable? Guess again. How many big companies have tanked in the last few decades? What if yahoo decides it's not worth their while anymore to provide email service, even if you want to pay for continuing to have the privilege of having the same email address for the rest of your life.
I was proud to be one of the first customers for Scruz-Net [scruznet.com] - until they went down for a week just after I started my consulting business!
And they've been bought out more times than I can count. I keep my old ISP account there mainly because I haven't moved all my web pages yet, but periodically I download all my email from there and pick the real mail out from the spam and send them a message asking them to use my new permanent emails, either crawford@goingware.com [mailto] or michael@geometricvisions.com [mailto].
I've also got a few pages on scruznet that I feel are important for people to be able to find in the distant future, so I'm slowly going through my old site there, moving the pages to one of my own domains, and putting a page in the original's place with a META REFRESH tag and a note. But the problem is that some sites have permanent links to my scruznet pages embedded in their databases that I've been unable to get them to correct.
In the long run, I'll close my account at Scruznet and they say they will redirect accesses to my old site to a single, fixed URL but people may not be able to find what they're looking for.
As I emphasize in Market Yourself - Tips for High-Tech Consultants [goingware.com], it's important to own your own domain name not just to maintain a professional appearance and so your customers can find you, but everyone should own their own domain name so they can have a permanent address.
If you own your own domain name and your service should go bad, you can relocate it to another provider and be up in a few days. Mainly you just have to wait for the new DNS to take effect.
(For other helpful programmer's tips (mostly technical) see GoingWare's Bag of Programming Tricks [goingware.com].)
An added benefit of owning your own domain name is that you often get what are incorrectly termed "postmaster" email addresses. With these, any mail sent to anyuser@yourdomain.com will be delivered to your mailbox. You can combine this with filtering email clients to suppress spam. You still have to download the stuff but what you do is sort all of your legitimate mailing list mail into separate mailboxes, and mail addressed to your real name into the main mailbox you read, and leave everything else in your inbox.
Then if you need to give a website a valid email address, say to allow them to send you a password, you give them the email theirdomain@yourdomain.com.
If they sell your name to a mailing list at least you know who's done it. For example, this is the way that I know that Citibank is using the email I used to log into my cardholder webpage to access my account - I've only used that particular email for that one page. But Citibank is now sending spam to this address asking me to sign up for their card! How dumb can they get!
If you really don't care whether an email address should last, as when signing up for a web page, this is when you really do want to get yourself a Yahoo or Hotmail account. That way their servers can handle all the spam and not yours.
HushPOP (Score:2)
----
Re:Netcom went away - most of us went to Panix (Score:2)
And that mail stays in limbo until you get your server or DSL line back up, or have your ISP redirect the mail. I had my DSL line down for 4 weeks!
And I wonder how long the ISP's SMTP server will hold/forward that mail before sending back tons of bounce messages.
And if the problem was that ISP's connectivity in the first place, you are still screwed.
The whole point of going with someone like Panix is: Cheap stability. They are one of the oldest ISPs still in business, and the largest one with shell as the center of their business (as opposed to a sideline so a few techies can maintain their CGI scripts).
And DON'T use a meaningful Subject title (Score:2)
Hurricane Electric (Score:2)
For $9.95/month, you get full shell access with SSH, up to 11 POP3 mailboxes, and a bit of web space and traffic. The URL for http can be your own private domain, and I don't think they charge extra for that.
I've been using he.net for about five years now and only one time have I ever failed to reach the server because *it* was down. Since it was 11pm on a Sunday night, I was stunned when an actual human answered the phone after one ring. He had already been alerted to the problem and was connecting to the console server as I called. Five minutes later, all was well.
I *highly* recommend Hurricane Electric, but only if you're a self-starter. They're not into holding the hands of newbies.