In the early 2000s it was the height of geek fashion to run your own e-mail server—then along came Gmail with two gigabytes of free storage and excellent spam filtering. Now even most people with their own domain names use e-mail provided by Google, Microsoft or their Internet Service Provider (ISP). You may even be using Gmail or Hotmail without knowing it: over the last few years many universities and other organizations have outsourced their e-mail to these services.
The recent revelations about PRISM and other communications surveillance programs ought to make people consider alternatives to commercial e-mail services. Running your own server, as I've been doing since 2003, requires some willingness to dig into technical details but costs nothing in functionality. I can access my e-mail from anywhere in the world using ordinary desktop software, smart phones or Web browsers, and the spam filtering is just as effective. Because latter-day developments like Twitter or Facebook require users adapt to their software, some people have forgotten e-mail is an open standard that dates to the dawn of the Internet. The price of being your own system administrator is an occasional day of technical pain while updating the host machine or the server software.
Is it worth your trouble? I think so, but only you can decide. To help, I’ve spelled out the disadvantages, advantages and what you’ll need to start hosting your own e-mail.
You own your own e-mail. You will never have to beg and plead with an automated reply system located at a call center in India to try to get your e-mail back because your account got accidentally deleted. You will also have greater control over spam and malware filtering.
Although someone targeting you for surveillance can still access your Internet traffic, if they want access to your entire archive of e-mail they cannot gain it secretly via a private arrangement with a large company. Someone who wants your data will have to come to you directly.
In addition, you can turn on encryption between servers when sending e-mail, preventing prospective spies from logging the details of what you send. That means additional protection for your traffic data-that is, records of the recipients, dates and times of your messages. You will also be free from automated analysis by companies like Google, who process your data in order to display relevant ads when you use their sites. Incoming e-mail comes directly to your server, and will not be seen or logged by your ISP (though the sender's ISP may track it). You are also protected against random interface design changes.
There is something extraordinarily empowering about firing up e-mail software, connecting to your own server and retrieving your messages. Being in charge of a fundamental part of your communications life can restore your view of the Internet as a modern marvel.
A consequence of spam has been increasing centralization, so when your small, unknown mail server tries to deliver e-mail to a remote host, that host may suspect your server is part of a botnet sending spam and mark or discard your e-mail accordingly. There is a way around this: most mail servers can be set to deliver e-mail directly to the receiving servers or hand it off to your ISP's rather larger and better-known server for onward delivery. Choosing the latter option means your ISP (and any prying eyes it authorizes) can monitor your outgoing e-mail, but the message will arrive at its destination nonetheless.
Running your own server will not protect you from all surveillance. As Richard Clayton, a researcher at the University of Cambridge’s Computer Laboratory, notes, if someone has a warrant that targets you for surveillance, they will tap your Internet connection and listen to everything going up and down that link, including e-mail.