It's the end of 2019 and there still is no decent, usable, #PGP-enabled e-mail client that I could roll out to regular, non-tech-savvy users without feeling bad.
10 years ago that would have been #KMail. But KMail shot itself in the foot, knee, and hip with Akonadi.
#Thunderbird is... Thunderbird.
#Mailpile doesn't do writes to IMAP, so you either use *only* it, or not use it at all.
#Kube just crashed on me because I tried to reply to a signed e-mail.
Anybody any other suggestions?
@rysiek I can't help but feel defeatist about email security given that it seems like a more viable option to store local maildir as an encrypted loopback file and then create a local MTA proxy that just buffers up outbound and inbound mail until you unlock your gpg-agent and then uses it to attempt to transparently encrypt and decrypt and use whatever MUA on unencrypted local maildir :/
@grimmware you're *almost* describing kuvert. That's how our infrastructure sends signed and often encrypted e-mails from our services:
https://www.snafu.priv.at/mystuff/kuvert/
Fun fact, the "mustencrypt" option was added after we explicitly asked for it. 👍
I should really blog about how we use kuvert to encrypt outgoing automatic mail from our infrastructure; and how we use Schleuder3, offlineimap, and opensmtpd to have encrypted e-mail groups.
Before I do this, here's some stuff I dockerized for this:
https://github.com/occrp/kuvert
https://0xacab.org/schleuder/schleuder/
https://git.occrp.org/libre/schlocker-compose
https://git.occrp.org/libre/docker-opensmtpd
https://github.com/occrp/docker-offlineimap
@rysiek I used offlineimap for quite some time but found that it could sometimes get wedged due to intermittent connectivity so I switched to mbsync.
My use case was being able to do maildir-based email over a cell connection though... I wrote a daemon in golang to handle it all (testing for connectivity, fetching mail, flushing my msmtp mail queue) because apparently I like overcomplicating my life for the sake of the 3 minutes a year where I want to read my mail on my laptop on the tube.
@rysiek holy fucking shit the amount of my life that I've dedicated to my mail setup it makes no sense.
@kensanata @grimmware @rysiek no doubt a big portion of that is connected to the spam fight, & the collateral damage from incompetent admins using #spamhaus w/reckless disregard.
@resist1984 @kensanata @rysiek Oh good lord I stopped even trying to maintain my own MX ages ago because of all this nonsense (more power to everyone who stuck it out!) - I've managed to waste most of my time client-side - offline outbound queue, IMAP->maildir syncing, and PGP hygiene (which I've also sacked off).
Ever get the feeling that you're keeping a very old federated service limping along?
@grimmware @rysiek @kensanata I took the hard-ass approach b/c I felt that by complying with corporate greed and control I then become a supporter of it. Refusing to be part of the problem means running my own MX & refusing to correspond w/ @gmail and @outlook users. I've become a heavy fax user as a result. Fax is much more reliable than email.
@resist1984 @grimmware @kensanata
"Fax is much more reliable than email."
...words seldom uttered. But I get your point.
@rysiek
Why Fax is more reliable than #Email
@resist1984 @rysiek @grimmware @kensanata Have you actually used a fax over an analog phone line? If not, you can emulate: print a paper document; scan it at 150DPI; add random noise; print what you scanned
@kravietz @kensanata @grimmware @rysiek I have faxed over PSTN as well as over SIP in serial w/PSTN. You seem to be talking about quality not reliability. I use this cmd to obtain a WYSIWYG fax doc: gs -q -dNOPAUSE -dBATCH -sDEVICE=tiffg3 -r204x196 -sPAPERSIZE="$paperform" -dFIXEDMEDIA -sOutputFile="$tiffg3_filename" "$src_pdf"
@resist1984 @kensanata @grimmware @rysiek well, it's not of much use if it reliably transfers an unreadable bitmap, is it?
@kravietz @rysiek @grimmware @kensanata have you tested that command? Your content is generated electronically. Rendering a vector PDF as a 200dpi fax is very readable. That can be fax-transmitted as-is; no need for scanning.
@resist1984 @kensanata @grimmware @rysiek
If you're concerned about email privacy today, a much more suitable solution would be to produce a *text* PDF (as opposed to bitmap) and send it over Magic Wormhole or any other P2P communication protocol, an abundance of which we have out there.
@kensanata @grimmware @rysiek @kravietz To be clear, the thesis is not "fax is better than everything". The thesis is "fax is more reliable than email".
@kravietz @rysiek @grimmware @kensanata on rare occasions, the recipient I need to contact is using an email service that does not DNSBL residential IPs & where the service is not gmail, hotmail, outlook, yahoo, or other such PRISM junk. In those cases I send an encrypted PDF - assuming I can find a different channel to xmit the password.
@kensanata @grimmware @rysiek @kravietz to send msgs back and forth over a long term calls for both sides to install something special or unconventional (e.g. magic wormhole, Wire, etc). But you still have to make initial contact to negotiate that - to ask them to install something. Fax is more reliable than email for that initial contact.
@resist1984 @kensanata @grimmware @rysiek Well, you can chat over raw TCP using netcat - I routinely transfer large backups this way :) wormhole just simplifies that if NAT is involved.
@resist1984 @kensanata @grimmware @rysiek ...if you know his or her phone number.
@resist1984 @rysiek @grimmware @kensanata Absolutely, it's not trivial to run an email server. That applies to any federated service I'm afraid.
You need to cope with spam and other abuse (phishing, malware) and after 20 years Matrix or Mastodon will be most likely just as complex as email.
Fax is a really simple architecture; you just need to know the other party's number. Same as in P2P.
@kravietz @rysiek @grimmware @kensanata anything you do in email is subject to the tens of reliability pitfalls mentioned in this article https://oasis.code-cat.com/posts/1833714. Magic Wormhole does nothing for most of those issues. Indeed there are many superior options to email/fax/pstn, but you only have those options if the other party uses them to begin with.