Go to file
Joshua Tauberer f8cd2bb805 typo: www/default/index.html would be overwritten if it already exists 2014-06-23 19:43:19 +00:00
conf obviously put our stuff in /usr/local and not /usr 2014-06-21 12:35:00 -04:00
docs Update documentation to use API auth 2014-06-22 00:07:14 +00:00
management move the SSH password login check into whats_next.py (it used to be in start.sh and then moved to an unused script when it became a problem for Vagrant) 2014-06-23 19:39:20 +00:00
notes notes for setting up dspam, but it crashed a lot so I'm not using it 2013-08-23 12:03:26 -04:00
setup typo: www/default/index.html would be overwritten if it already exists 2014-06-23 19:43:19 +00:00
tests update test_dns 2014-06-21 12:32:20 -04:00
tools new tool to purchase and install a SSL certificate using Gandi.net's API 2014-06-23 10:53:29 +00:00
.gitignore move management into a daemon service running as root 2014-06-03 13:56:40 +00:00
CONTRIBUTING.md adding CONTRIBUTING.md, see #23 2014-04-23 15:52:49 -04:00
LICENSE add CC0 1.0 Universal in LICENSE 2014-04-23 15:49:23 -04:00
README.md README parallel sentence structure 2014-06-22 00:34:49 +00:00
Vagrantfile Support dual-stack IPv4/IPv6 mail servers 2014-06-08 18:32:52 -04:00

README.md

Mail-in-a-Box

Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.

This is a work in progress. I work on this in my limited free time.

Why build this? Mass electronic surveillance by governments revealed over the last year has spurred a new movement to re-decentralize the web, that is, to empower netizens to be their own service providers again. SMTP, the protocol of email, is decentralized in principle but highly centralized in practice due to the high cost of implementing all of the modern protocols that surround it. As a result, most individuals trade their independence for access to a “free” email service.

The Box

Mail-in-a-Box turns a fresh Ubuntu 14.04 LTS 64-bit machine into a working mail server, including:

  • An SMTP server for sending/receiving mail, with STARTTLS required to protect your password and opportunistic TLS to prevent mass surveillance.
  • An IMAP server for checking your mail, with SSL/TLS required to protect your password.
  • Webmail over HTTPS so you can check your email from any web browser.
  • Spam filtering that puts spam into a spam folder and greylisting to stop spam as it arrives.
  • SPF, DKIM, and DMARC to prove to recipients that your email was from you --- the machine acts as its own DNS nameserver to automatically set this up.
  • DNSSEC and DANE TLSA to force cryptographically-secure communications in certain cases, especially between Mail-in-a-Boxes, if you add "DS" records to your domain registration.
  • A command-line tool and an HTTP-based API for administering mailboxes and mail aliases.
  • Basic system services like a firewall, intrusion protection, and setting the system clock.

This setup is what has been powering my own personal email since September 2013.

Please see the initial and very barebones Documentation for more information on how to set up a Mail-in-a-Box. But in short, it's like this:

# do this on a fresh install of Ubuntu 14.04 only!
sudo apt-get install -y git
git clone https://github.com/joshdata/mailinabox
cd mailinabox
sudo setup/start.sh

Status: This is a work in progress. It works for what it is, but it is missing such things as quotas, backup/restore, etc.

The Goals

  • Create a push-button "Email Appliance" for everyday users.
  • Promote decentralization, innovation, and privacy on the web.
  • Have automated, auditable, and idempotent configuration.

For more background, see The Rationale.

What I am not trying to do:

  • Not to be a mail server that the NSA cannot hack.
  • Not to be customizable by power users.

The Acknowledgements

This project was inspired in part by the "NSA-proof your email in 2 hours" blog post by Drew Crawford, Sovereign by Alex Payne, and conversations with @shevski, @konklone, and @GregElin.

Mail-in-a-Box is similar to iRedMail.

The History

  • In 2007 I wrote a relatively popular Mozilla Thunderbird extension that added client-side SPF and DKIM checks to mail to warn users about possible phishing: add-on page, source.
  • Mail-in-a-Box was a semifinalist in the 2014 Knight News Challenge, but it was not selected as a winner.