This is coming from a general perspective of wanting more privacy and seeing news of Mozilla creating an email service “which will definitely not train AI on your email”. Sure Mozilla, whatever you say.
Rant aside, here’s my question: is it possible to store all of your email on your own infrastructure (VPS or even NAS at home) and simply using an encrypted relay to send emails out to the public internet? My idea is that this removes the problems of keeping your IP whitelisted from the consumer, but the email provider doesn’t actually hold your emails. This means your emails remain completely in your control, but you don’t have to worry about not being able to send emails to other people as long as your storage backend is alive.
I don’t know much about email to comment on what this would take. I think something similar is already possible with an SMTP relay from most email providers, but the problem is that my email also resides on their servers. I don’t like that. I want my email to live on my servers alone.
Do you think this is possible? Does any company already do this?
Thanks
I feel like most commenters here haven’t understood what you’re proposing.
I’ve thought about doing this, I’ve seen other commenters say they’re doing it. It’s not a terrible idea. I haven’t done it myself because … it’s just not a priority and I’m not sure it ever will be. Anyway …
If you’re willing to set up and self host your own email stack like mail-in-a-box or whatever, then configuring a separate outbound SMTP server is fairly trivial in comparisson.
If you already had your own stack set up to be self hosted you would ordinarily be using the SMTP server there-with to send emails.
Firstly configure your client to use whatever other SMTP server you have access to. I think it’s possible to use mailgun or one of those API transactional senders. You could get a cheap plan with mxroute or any other email host and just use the SMTP server.
Suppose your client is Thunderbird and you set up your account like smtp.mxroute.com for outbound and imap.myserver.com for email storage. When you send an email tbird transmits it through mxroute and then stores it on your imap server at myserver.com in your sent folder.
The potentially complex part is configuring spf & DKIM records on your domain.
SPF
I’m not sure if I’ll be able to explain this clearly but… suppose a recipient’s spam service receives an email purportedly from marauding_giberish@myserver.com but transmitted by smtp.mxroute.com. That spam service will look up the DNS records for myserver.com and inspect the records for the spf record. This record pretty much lists which servers are authorised to transmit email from addresses ending in myserver.com. So with a more typical set up an spf record might be:
“v=spf1 include:myserver.com -all”
This would indicate that only the smtp server at myserver.com can transmit email from your domain.
You would edit that to include the mxroute smtp server like this:
“v=spf1 include:mxroute.com include:myserver.com -all”
This way, recipients can confirm that the owner of myserver.com domain has formally designated mxroute as an authorised recipient.
DKIM
Your SMTP server will have a public & private key pair which it uses to sign outbound messages. Recipients can use the public key to confirm the signature and thereby confirm that the message has not been altered in flight.
Whatever SMTP server you use will tell you the public key and instruct you to add that to the DNS records of your custom domain.
That’s the one that looks like this:
“v=DKIM1; k=rsa; p=MIIBIj [ … it’s a long key … ] op3Nbzgv35kzrPQme+uhtVcJP”
Once this is in place recipients of your emails can query the DNS for myserver.com and find this public key, and use it to confirm that the signature on the email they received is authentic.
Amazing comment. Saved. Thank you so much.
Indeed, I have thought about hosting my own email, but the problem of dealing with IP blacklists made it seem not worth it.
Thank you so much for the explanation on DKIM and SPF. It makes sense to me now, indeed I didn’t really have a clue about either of these before I read your comment. Thank you for breaking it down.
I use sendgrid as my outgoing smtp relay to avoid ip reputation issues you mention. You still have to configure your dns settings for spf and dkim pointing at their servers instead of yours. Their free tier is 10x the email I’ll ever send so it doesn’t cost anything. There are a few companies in this space with free tiers. It works, but it isnt Gmail level deliverability. I still get spam binned occasionally.
Only thing I can comment on is that 99% of all E-Mails you will get are unencrypted and can be read by your relay. (There are few e2e encrypted emails being send.)
So either trust them or don’t use a relay.
This 100%. It is well-advised to consider what your security/privacy objectives are, since encryption-at-rest is different than guarding against eavesdropping when sending outbound mail. What threat model you use will define what is or isn’t acceptable.
Yep.
Rather than try to single-handedly re-engineer an old protocol to be secure, I just use it for stuff where security isn’t a big deal. Including messages with links to secure resources (and send credentials via a separate system).
Agreed. Email has its uses – ubiquity, mostly “Just Works” ™, most people know how to use it – and while I might send a symmetric encrypted PDF along with a plaintext email, I’m more inclined to suggest that my recipients adopt Signal and get all the benefits of e2ee. EFF even has a guide for it: https://ssd.eff.org/module/how-to-use-signal
Sorry are not emails like https protected in transit in 2025? I mean equivalent http to https but in email transport. How is this still a thing? Why nobody is concerned. Is this not a problem?
Communication between the email servers is normally encrypted with TLS. The email files themselves are rarely encrypted. Most providers that do encryption of email are using local server managed encryption, so the email providers would still be able to access it.
For proper end to end protection you would want to setup PGP between you and your recipients, and encrypt the email before its sent.
But like in 2025 there is still no mechanism to do true end to end without manually setting up pgp? Meaning when i browse using https i do not need to think or anything. It happens automagically. But with emails, where do i even start with pgp when i use gmail via email client like thunderbird
No.
Use S/MIME or PGP and directly encrypt emails to your recipient. This is the only E2E encryption available to email.
The best metaphor for email I’ve found is that you’re writing your message on a postcard and handing it to your neighbor closest to the destination, who hands it to her neighbor, and so on, until it gets there. There are usually fewer hops, but also your email is broken into packets which could go through god knows how many routers, each of which can read your email.
E2E requires setting up a private key; RFC 821 provided no such mechanism. Your only option is out-of-band negotiation, like PGP.
There is a good proposal out there that sets mail headed announcing that you accept encrypted emails, and includes information about your ID, which clients could parse and verify against public key servers; it hadn’t really gained a lot of traction, as it causes issues for data harvesters but also at the end user side. Like, how is notmuch and mairix supposed to handle these? They’d need permanent access to your private key to decrypt and index the emails, and then now your index is unencrypted.
There’s been a fair amount of debate about this, and it’s a lot of work that would need coordinating between teams of volunteers… it hasn’t made much progress because of the complexity, but it’s a nice solution.
Yeah, in 2025 doing encrypted email is a painful process. Every option is a hack on top of a 43 year old protocol.
Here is a howto from Mozilla on pgp with Thunderbird. It isn’t a pleasant process.
https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq
I don’t see how you wouldn’t have your email on an email providers servers - that’s how email works. You send an email via a provider, they forward it to the destination address you’ve included with the email.
That destination address is another email provider’s server, which holds it until the receiver connects and downloads it. Email is a store-and-forward system, designed at a time when users weren’t always connected. It still works this way.
Email is old, so the fundamental mechanics are pretty simple, and encryption wasn’t an option at the time - so it’s sent in the clear. Otherwise it would require both sender and receiver (either at both ends, or the servers) to agree on an encryption to use.
Yes it exists, but these services are aimed at companies.
I previously looked into doing exactly this, and recall this comment on HN: https://news.ycombinator.com/item?id=31245923
One could argue the price of smtp2go at $150/yr is a bit steep, but it would also neatly avoid issues with sending outbound mail, since you’re paying them to deal with those headaches. For inbound mail, I can’t see why any mail operator wouldn’t deliver to the server designated by your MX records, though you’ll also have to deal with spam and other concerns vis-a-vis self hosting.
On the same thread but different comment, VPS operators might already run an SMTP server that you can relay through.
I wish you good luck in this endeavor!
