privacyguides.org/docs/self-hosted.md
redoomed1 fcafb160a8
update!: Add Self-hosted section to Recommendations
Signed-off-by: redoomed1 <redoomed1@privacyguides.org>
2025-03-20 08:49:47 -07:00

| title | icon | description | cover |
| --- | --- | --- | --- |
| Self-hosted Software and Services | material-server-network | For our more technical readers, self-hosted software and services can provide additional privacy assurances by having maximum control over your data. | router.webp |

Protects against the following threat(s):

Self-hosted software and services can be a way to achieve a higher level of privacy through digital sovereignty, particularly independence from cloud servers controlled by developers or vendors. By self-hosting, we mean hosting applications and data on your own hardware.

Self-hosting your own solutions requires advanced technical knowledge and a deeper understanding of the associated risks. By becoming the host for yourself and others, you take on responsibilities you might not otherwise have. It is crucial to remain vigilant about topics such as network security, backups, and disaster recovery. For example, you should regularly test your backups to ensure they are functioning correctly.

:material/email: Email Servers

Advanced system administrators may consider setting up their own email server. Mail servers require attention and continuous maintenance in order to keep things secure and mail delivery reliable. In addition to the "all-in-one" solutions below, we've picked out a few articles that cover a more manual approach:

Stalwart

Stalwart is a newer mail server written in Rust which supports JMAP in addition to the standard IMAP, POP3, and SMTP. It has a wide variety of configuration options, but it also defaults to very reasonable settings (in terms of both security and features), making it easy to use immediately. It has web-based administration with TOTP 2FA support, and it allows you to enter your public PGP key to encrypt all incoming messages.

Stalwart's PGP implementation is unique among our self-hosted recommendations, and allows you to operate your own mail server with zero-knowledge message storage. If you additionally configure Web Key Directory on your domain, and if you use an email client which supports PGP and Web Key Directory for outgoing mail (like Thunderbird), then this is the easiest way to get self-hosted E2EE compatibility with all Proton Mail users.

Stalwart does not have an integrated webmail, so you will need to use it with a dedicated email client (or find an open-source webmail to self-host, like Nextcloud's Mail app). We use Stalwart for our own internal email at Privacy Guides.

Mailcow

Mailcow is a more advanced mail server perfect for those with a bit more Linux experience. It has everything you need in a Docker container: a mail server with DKIM support, antivirus and spam monitoring, webmail and ActiveSync with SOGo, and web-based administration with 2FA support.

Mail-in-a-Box

Mail-in-a-Box is an automated setup script for deploying a mail server on Ubuntu. Its goal is to make it easier for people to set up their own mail server.

:material/email-lock: Email Aliasing

Addy.io

Addy.io is an email aliasing service which lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.

:material/file-cloud: Cloud Storage

Peergos

Peergos is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of IPFS (InterPlanetary File System), a peer-to-peer architecture that protects against Censorship.

Peergos is primarily a web app, but you can self-host the server either as a local cache for your remote Peergos account, or as a standalone storage server which negates the need to register for a remote account and subscription. The Peergos server is a .jar file, which means the Java 17+ Runtime Environment (OpenJDK download) should be installed on your machine to get it working.

Running a local version of Peergos alongside a registered account on their paid, hosted service allows you to access your Peergos storage without any reliance on DNS or TLS certificate authorities, and keep a copy of your data backed up to their cloud. The user experience should be the same whether you run their desktop server or just use their hosted web interface.