If you read our article on secure email yesterday and still wonder if that’s enough to protect your communications, then perhaps you’ve thought about setting up and hosting your own mail server. While this might sound fairly daunting, the truth is that you don’t have to be a technical guru to pull it off. Mail in a Box is a production-quality project allowing you to set up your own email server. This gives you total control over all facets of its security and any other options. The site has very clear setup instructions and even a video you can follow along.

Keep in mind that you won’t be able to run this at home because computers on most residential networks are blocked from sending mail both on the sending end (e.g. your ISP blocking port 25) and on the receiving end (by blacklists) because residential computers are all too often hijacked to send spam. Your home IP address is also probably dynamic and lacks configurable “reverse DNS.” If any of these apply to you, you’ll need to use a virtual machine in the cloud. You can, however, set it up on that virtual machine.

While we don’t recommend this for the beginner, it’s also not as difficult as you might think. Take a look and see what you think. From the website:

Mail-in-a-Box is based on Ubuntu 14.04 LTS 64-bit and uses very-well-documented shell scripts and a Python management daemon to configure the system. Take a look at the system architecture diagram and security practices.

Development takes place on github at https://github.com/mail-in-a-box/mailinabox.

Note that the goals of this project are to . . .

  • Make deploying a good mail server easy.
  • Promote decentralization, innovation, and privacy on the web.
  • Have automated, auditable, and idempotent system configuration.
  • Not make a totally unhackable, NSA-proof server (but see our security practices).
  • Not make something customizable by power users.

Mail-in-a-Box is dedicated to the public domain using CC0.

There’s another option too, if you’ve got a Raspberry Pi laying around. This guide will literally walk you through booting your Raspberry Pi for the first time, all the way up to getting a secure webserver running. In fact, the guide itself is hosted on a Raspberry Pi. Take a look.

Clef two-factor authentication