Re: Building a secure communications server

[Ludovic Courtès]

Hello!

Clément Lassieur  skribis:

> Pjotr Prins  writes:
>
>> Plan for a secure E-mail server
>>
>> The idea is to have a secure setup which can be replicated fast and
>> parameterized - i.e., there will be installation options. We'll
>> develop this so anyone can fire up a VPS instance and get a secure
>> communications environment - especially when people are on one host
>> and between hosts using encrypted channels.
>>
>> The plan is as follows:
>>
>> Phase 1
>>
>> . postfix with some utilities (postgrey, spfmilter)
>> . courier-imap
>> . web mail server using imap
>>
>> Phase 2
>>
>> . stunnel+sslh - for tunneling ssh/smtp/imap over port 443
>>
>> Phase 3
>>
>> . Spam/virus filters
>>
>> Phase 4
>>
>> . web based user mail account management
>>
>> Phase 5
>>
>> . mailman support
>>
>> Phase 6
>>
>> . irc support
>> . other messaging services
>>
>> Phase 7
>>
>> . voice support - mumble?
>>
>> My server runs phases 1-3.
>
> I don't understand how your server can run phases 1 to 3, since Postfix
> isn't packaged.  I guess you are running a foreign distro, which means
> you are still pretty far from you goal.
>
> My own mail server runs GuixSD with OpenSMTPD, which works very well (I
> even have one client!).  Is there an important feature OpenSMTPD is
> missing?  If so, we should package Postfix as a first step.
>
> Same question with Courier-Imap: why don't you use Dovecot?  Its Scheme
> configuration is very nice, and it seems much more popular than
> Courier-Imap anyway.
>
> Also, I would push for a Jabber service rather than an IRC service,
> because Jabber (XMPP) is decentralized.

And there’s also a Prosody service already.

It looks like with current GuixSD you could already get a simple
‘operating-system’ declaration with OpenSMPTD, Dovecot, and Prosody that
does a big chunk of the job!

Ludo’.

Re: Building a secure communications server

[Pjotr Prins]

On Wed, May 17, 2017 at 03:04:28PM +0200, Pjotr Prins wrote:
> Absolutely! Japper is on. Git service is another.

Japper is the new jabber ;)
-- 

Re: Building a secure communications server

[Pjotr Prins]

On Wed, May 17, 2017 at 02:26:20PM +0200, Cl??ment Lassieur wrote:
> Thanks for working on this, I like the idea, and I have always wanted to
> do something similar.

Yes, I am surprised so few people here run their own :)

> I don't understand how your server can run phases 1 to 3, since Postfix
> isn't packaged.  I guess you are running a foreign distro, which means
> you are still pretty far from you goal.

On the mail servers I normally run Debian with some Guix on top. I
have had mail servers since 1996 or so - it was one incentive to try
Linux at the time. My Linux first server (hosted in Bangladesh) was
running sendmail over uucp(!). I came to smtp late :)

I think it is not so much work to replicate my setup in Guix. For me
it will be new to work with GuixSD images and configuring shepherd
etc.

But I am sure we can get some help there.

> My own mail server runs GuixSD with OpenSMTPD, which works very well (I
> even have one client!).  Is there an important feature OpenSMTPD is
> missing?  If so, we should package Postfix as a first step.
> 
> Same question with Courier-Imap: why don't you use Dovecot?  Its Scheme
> configuration is very nice, and it seems much more popular than
> Courier-Imap anyway.

Both great suggestions. Let me read up on them. I have been using the
others because of an early start. Postfix has been very good to me.

One reason to make this list is to invite ideas...

> Also, I would push for a Jabber service rather than an IRC service,
> because Jabber (XMPP) is decentralized.

Absolutely! Japper is on. Git service is another.

Pj.

Re: Building a secure communications server

[Clément Lassieur]

Hi Pjotr,

Thanks for working on this, I like the idea, and I have always wanted to
do something similar.

Pjotr Prins  writes:

> Plan for a secure E-mail server
>
> The idea is to have a secure setup which can be replicated fast and
> parameterized - i.e., there will be installation options. We'll
> develop this so anyone can fire up a VPS instance and get a secure
> communications environment - especially when people are on one host
> and between hosts using encrypted channels.
>
> The plan is as follows:
>
> Phase 1
>
> . postfix with some utilities (postgrey, spfmilter)
> . courier-imap
> . web mail server using imap
>
> Phase 2
>
> . stunnel+sslh - for tunneling ssh/smtp/imap over port 443
>
> Phase 3
>
> . Spam/virus filters
>
> Phase 4
>
> . web based user mail account management
>
> Phase 5
>
> . mailman support
>
> Phase 6
>
> . irc support
> . other messaging services
>
> Phase 7
>
> . voice support - mumble?
>
> My server runs phases 1-3.

I don't understand how your server can run phases 1 to 3, since Postfix
isn't packaged.  I guess you are running a foreign distro, which means
you are still pretty far from you goal.

My own mail server runs GuixSD with OpenSMTPD, which works very well (I
even have one client!).  Is there an important feature OpenSMTPD is
missing?  If so, we should package Postfix as a first step.

Same question with Courier-Imap: why don't you use Dovecot?  Its Scheme
configuration is very nice, and it seems much more popular than
Courier-Imap anyway.

Also, I would push for a Jabber service rather than an IRC service,
because Jabber (XMPP) is decentralized.

Thanks again :)
Clément

> The rest will be new for me though I know how mailman operates. We
> need to make the setup modular, so we can mix and match services (not
> everyone wants mailman or other web fronting services). Exim may be an
> option too.
>
> In parallel we'll start talking with VPS providers and see if we can
> host services cleanly on the fly. One area they need to help is to
> provide IPs that are not blacklisted for SPAM. With my server I am
> continuously fighting these lists. We should have some guarantees
> there.
>
> How does that look?
>
> Pj.

Re: Building a secure communications server

[Pjotr Prins]

Plan for a secure E-mail server

The idea is to have a secure setup which can be replicated fast and
parameterized - i.e., there will be installation options. We'll
develop this so anyone can fire up a VPS instance and get a secure
communications environment - especially when people are on one host
and between hosts using encrypted channels.

The plan is as follows:

Phase 1

. postfix with some utilities (postgrey, spfmilter)
. courier-imap
. web mail server using imap

Phase 2

. stunnel+sslh - for tunneling ssh/smtp/imap over port 443

Phase 3

. Spam/virus filters

Phase 4

. web based user mail account management

Phase 5

. mailman support

Phase 6

. irc support
. other messaging services

Phase 7

. voice support - mumble?

My server runs phases 1-3. The rest will be new for me though I know
how mailman operates. We need to make the setup modular, so we can mix
and match services (not everyone wants mailman or other web fronting
services). Exim may be an option too.

In parallel we'll start talking with VPS providers and see if we can
host services cleanly on the fly. One area they need to help is to
provide IPs that are not blacklisted for SPAM. With my server I am
continuously fighting these lists. We should have some guarantees
there.

How does that look?

Pj.

Re: Building a secure communications server

[Ludovic Courtès]

Hi,

Arun Isaac  skribis:

>> What I want achieve is that we can fire up an image on a VPS with safe
>> communications.
>
> VPSs may be a start. But, I'm not comfortable with them long term. We
> should push for users to self-host their own infrastructure. It should
> be something like the FreedomBox project.
>
> https://freedomboxfoundation.org/
>
> The FreedomBox project is based on Debian. Perhaps, we can build
> something similar, but based on Guix.

The little-known “la Brique Internet” (“Internet Cube”) project¹ is
addressing a similar problem domain and they’ve made pretty impressive
achievements: these “cubes” have been shipped in France to non-experts
and it seems to work as intended.

The software relies on YunoHost² (which I’ve mentioned before) + Debian.
I suspect rebasing YunoHost on GuixSD could help improve reliability
(there could be a “rollback” button!) and flexibility (configuration
wouldn’t have to be limited to web applications), though of course it’s
easier said than done.

It would be lovely to see GuixSD help facilitate self-hosting!

Ludo’.

¹ https://internetcu.be/
² https://yunohost.org/

Re: Building a secure communications server

[Pjotr Prins]

On Sat, May 13, 2017 at 05:04:38PM +0530, Arun Isaac wrote:
> VPSs may be a start. But, I'm not comfortable with them long term. We
> should push for users to self-host their own infrastructure. It should
> be something like the FreedomBox project.
> 
> https://freedomboxfoundation.org/
> 
> The FreedomBox project is based on Debian. Perhaps, we can build
> something similar, but based on Guix.

Yes

> Currently, I self-host my blog, email, XMPP, GNU Social, and a few other
> services on my home ADSL connection with an Intel NUC running Parabola
> GNU/Linux. At some point in the future, I will migrate it to Guix.

Exactly what I am talking about. I also want to migrate my current
services so I can rebuild a system any time.

> > What would be a good webmail service to run over https? Should be
> > simple and secure (these go together, as you know). And should it run
> > over imap? I think we'll need to provide imap anyway.
> 
> Roundcube is what I use. I don't know if there are better options.
> 
> https://roundcube.net/

Yes, I saw that one before. One attractive thing about using IMAP as a
protocol is that the webservice can easily be isolated in a container.
I like that idea.

Pj.

-- 

Re: Building a secure communications server

[Pjotr Prins]

On Sat, May 13, 2017 at 11:31:28AM +, ng0 wrote:
> do you want people with prior knowledge in system administration to
> use the 'spawn a VM' system, or do want to people without any prior
> interest or knowledge in system administration to use this?
> I tend towards the last option, but it depends on the system you
> want to design.

I want to start with the first and end with the last.

> The link to R-Plan: https://www.autistici.org/who/rplan/

Thanks, I'll read up.

Pj.
-- 

Re: Building a secure communications server

[Arun Isaac]

> What I want achieve is that we can fire up an image on a VPS with safe
> communications.

VPSs may be a start. But, I'm not comfortable with them long term. We
should push for users to self-host their own infrastructure. It should
be something like the FreedomBox project.

https://freedomboxfoundation.org/

The FreedomBox project is based on Debian. Perhaps, we can build
something similar, but based on Guix.

Currently, I self-host my blog, email, XMPP, GNU Social, and a few other
services on my home ADSL connection with an Intel NUC running Parabola
GNU/Linux. At some point in the future, I will migrate it to Guix.

> What would be a good webmail service to run over https? Should be
> simple and secure (these go together, as you know). And should it run
> over imap? I think we'll need to provide imap anyway.

Roundcube is what I use. I don't know if there are better options.

https://roundcube.net/

Re: Building a secure communications server

[Pjotr Prins]

What would be a good webmail service to run over https? Should be
simple and secure (these go together, as you know). And should it run
over imap? I think we'll need to provide imap anyway.

Pj.