I agree that this is horrible, horrible advice. https://t.co/r4opI9bymV — Alex Stamos (@alexstamos) August 25, 2016
The sarcasm layers are so numerous and thick on InfoSec Twitter that I honestly can’t tell you what @alexstamos or @swiftonsecurity believe about running your own email server. They could be obviously for it, or honestly against it. Irony often obscures true meaning on Twitter.
But there seems to be some legitimate controversy around it right now on Twitter. A bunch of people seem to be legitimately saying it’s dumb to do so. The line of argument goes like this.
Email is complex. It’s hard to secure. Unless you’re the end-all, be-all of email administration, you’re likely to do a far worse job at it than Google, Yahoo!, Comcast, or whoever provides you the service today.
Sure, I get it. It’s kind of the cloud argument for why you shouldn’t have your own datacenters anymore. There are people who are (probably) better than you at it, and you should let them do it.
But as someone who ran (but no longer runs) his own email infrastructure for around seven years (Gentoo gang signs), I want to give you a few reasons why running your own email is different. Not for Clinton, but for you as an IT person.
- It’s hard. No amount of O’Reilly or NoStarch will teach you SMTP and IMAP the way you learn it by setting up Postfix, Qmail, Sendmail, or whatever it is you’re using. You’re getting spam? Cool, now you’re going to learn about SpamAssassin, and how Bayesian logic works. Something broken? Cool, now you’re going to spend hours in forums (in the beginning), looking at logs, and obsessing over getting things running perfectly. Managing certificates. The proper associated DNS entries. SPF. RBLs. It’s education by immersion.
- You’re now running an internet-accessible service. In the end you will have set up an actual, honest-to-god piece of public infrastructure. And you are running it yourself. When you look at the logs for attempted connections, you don’t see theory, you see truth. And everything will be confusing. Why is that connecting to me three times? Who’s contacting me from there? That’s not how IMAP is supposed to work! Etc. Look at logs, google, repeat. You learn Internet by becoming Internet.
- You have more control. You want to blacklist certain countries from sending you mail? Want to change how sensitive your spam filter is? Want to run Mutt as your email client, just to see how it works? You can do that. You can configure this service however you’d like.
- You have more privacy. There are a number of different reasons people might want privacy, and a number of different people they might want it from. Google is great, but they parse your email to show you ads. Some people don’t like that, and they think it’s worth it to run their own email to avoid it. Then there are those who worry about their governments, and the ability for them to say the word and pull everything without your knowledge. That’s not impossible when you run your own system, but it can be significantly more difficult.
Now of course there are downsides. The knife’s handle is also a blade sometimes, and misconfigurations can be costly. But it’s largely the same with driving or raising kids. If you think the endeavor is worthy, put the time in to do it right.
If it’s so great, why did you stop?
Great question. For me it was simple.
As I said, it takes time and effort to learn how to run a public service well, and it takes effort to maintain it. At some point that effort is no longer justified by the advantages, because the advantages have either already been attained (learning), or have gone away (a need or desire for additional privacy or control).
Once that happened for me a few years back, I stopped.
But I still run my own website. I still check logs almost daily. I still manage my own VPS instead of using a managed server. And it’s for many of those same reasons: staying fresh with infrastructure knowledge, satisfying curiosity by looking at inbound web traffic (shudder/lol/wtf), and having complete visibility and control.
To say there are people who should never run their own public servers is fine. I get it. If you don’t have the knowledge, the passion, or the interest to do it correctly, then it’s probably best that you don’t.
But to say that nobody should care about these things, in my opinion, is an overt attack on curiosity and the spirit of learning. And it also represents a fundamental lack of empathy for people who have values different from your own.
- You aren’t interested in the intricacies of how email moves around the Internet. Fine.
- You don’t care to have granular control of your email functionality. Also ok.
- You don’t mind if private companies scan your email and send you ads based on what they find. Cool.
- And you don’t worry about whether the government of Elbonia is checking to make sure your arm bends the right way. Happy for you.
But maybe we can drop the attitude against people who do (for whatever reason) care about these things.
- The point about learning by running your own public infrastructure applies to DNS servers (and many other types of service) in addition to email. Try ’em all if you’re curious. I did, and I consider it a foundational component of my IT education.
- I thought of a counter while writing this: “Why don’t you try out being a neurosurgeon then? Or being a 757 pilot? At what point does your curiosity stop being cute and fun and start being a danger to the public?” Easy. The Internet has ways of dealing with insecure/compromised email servers, just as society has ways of dealing with belligerent public behavior. So the harm is relatively minimal if you do make a blunder with your own personal servers, while it’s not so with a 757 or a brain operation.