1 changed files with 141 additions and 0 deletions
@ -0,0 +1,141 @@ |
|||
--- |
|||
title: "Treat your email right. Kat-arena" |
|||
mobile_menu_title: "Treat your email right" |
|||
date: 2022-06-30 |
|||
Author: "Katerina" |
|||
description: "Kat-arena is trying to make sure her major internet identification, the email, is secured nicely. but getting rid of spam for free is not that easy." |
|||
series: [ "Kat-arena" ] |
|||
categories: [ "software", "privacy" ] |
|||
tags: [ "email", "privacy", "tracking", "Free Open Source Software", "FOSS" ] |
|||
news_keywords: [ "email", "privacy", "tracking", "Free Open Source Software", "FOSS", "webmail", "webmail system" ] |
|||
--- |
|||
|
|||
# Treat your email right |
|||
|
|||
Email was born as a more convenient and rapid way to exchange messages |
|||
in an attempt to replace physical letters. |
|||
Indeed, this is what has happened in the 50 years that passed since its inception. |
|||
Nowadays email is considered an absolute basic communication medium. |
|||
It is required for accessing almost any digital, and sometimes physical, service |
|||
(even the dentist asked for my email address!). |
|||
As such, an email address may convey more personal details than a physical one. |
|||
|
|||
So, today seems like a good time to update your email safety. |
|||
|
|||
Your email address is split in 3 major parts |
|||
(as specified by [RFC-5322](https://datatracker.ietf.org/doc/html/rfc5322#section-3.4.1)): |
|||
|
|||
```goat { width=400 height=240 } |
|||
.-------------------------. .-----------. |
|||
|username (the local-part)| |Domain name| |
|||
'---+---------------------' '-+---------' |
|||
\ / |
|||
\ / |
|||
username @ domain.com |
|||
| |
|||
| |
|||
.--------+----------. |
|||
|at-sign separates | |
|||
|username and domain| |
|||
'-------------------' |
|||
``` |
|||
|
|||
Usually the domain name conveys information about your affiliation or your email |
|||
service provider. |
|||
|
|||
Having multiple emails, unaffiliated with a company, |
|||
is a common way to protect your digital privacy, improve decentralization |
|||
of the Internet, and help confining and reducing spam. |
|||
|
|||
To put it in Lorenzo Cogotti's words: |
|||
|
|||
> The strategy works by making it harder to associate different services' |
|||
> subscriptions together by a single email address, reducing the chance to |
|||
> track you. Keep in mind though, that other information may still be used |
|||
> to link them together (e.g. there's still your phone number). |
|||
|
|||
## Some basic tips |
|||
|
|||
Let's cover some basics on how you can improve your safety even with |
|||
non Free and Open Source (FOSS) email solutions. |
|||
|
|||
* To minimize tracking, don't open your inbox inside a browser |
|||
(**webmail** **client**), prefer installing specific software |
|||
(**mail client**, **email reader**). |
|||
Otherwise, the safety of the inbox contents is in the hand of the browser |
|||
as much as the email provider. |
|||
* Avoid sending "heavy" files or any important document via email. |
|||
The first ones have a high chance of never reaching the recipient due to |
|||
attachment filters. While the other ones may be scanned automatically by your |
|||
email service provider or accessed in case your email password's leaked. |
|||
Some alternatives are, for example, file-sharing platforms with restricted |
|||
access or actual physical devices. |
|||
* Use different accounts for social media authorization, |
|||
e-commerce and subscription services. Do not share this email anywhere. |
|||
The same goes for deliveries. |
|||
* For any suspicious website or one-time promo solutions, |
|||
consider an auto-generated email with an automatic verification function |
|||
(below). |
|||
|
|||
This won't be enough to ensure you won't receive spam. |
|||
In practice, we have to accept nothing on the Internet can guarantee you a 100% |
|||
spam-free life, unless you use services expressly designed to fight spam and |
|||
promo emails. However, it will make the lives of those who are trying to |
|||
reach you, for this reason, a bit more complicated. |
|||
|
|||
## What about email service providers? |
|||
|
|||
This partially settles the problem with other services using email addresses to track us, |
|||
but what if we suspect **the email service provider** is the one scanning us? |
|||
|
|||
Probably, the best bet would be configuring your own mail server. |
|||
Unfortunately, it cannot be considered gratis or easy, but if you are a |
|||
business owner or an enthusiast it may be viable. |
|||
Creating a domain is not enough, as managing emails needs storage space |
|||
on a server. Which practically means buying a piece of hardware. |
|||
Prices range from 30 to several thousands euros, with the basic options being |
|||
a good solution for small initiatives and individuals. |
|||
For some business owners, the hardware price and the increase in energy bills |
|||
may justify renting a server. |
|||
Though, running it still requires advanced knowledge and maintenance. |
|||
|
|||
The average user may look for simpler solutions, like relying on existing |
|||
servers provided by dependable mail service providers. |
|||
Surely, it is not that easy. |
|||
|
|||
Let's introduce a sad fact about our world. |
|||
|
|||
> Nothing is gratis. |
|||
|
|||
As we have just seen, running a mail hosting server is not trivial. |
|||
It involves expensive hardware, complex knowledge, storage space, |
|||
disaster recovery plans, web traffic distribution and Internet domain management, |
|||
to name a few, - so, it is naïve to expect it all free of charge. |
|||
|
|||
In fact, it is not. |
|||
Even when there is no subscription fee, one should look for a more complex one. |
|||
Most "gratis" mail services actively track their users' data, |
|||
for further monetization, such as targeted advertising. |
|||
In other words, some mail servers may scan your emails or share the history of |
|||
your message with third parties and governments. |
|||
This practice is not considered illegal, as some of this data is |
|||
not regarded as personal or sensitive. |
|||
Plus, a user should be aware of everything as they are always welcome to read |
|||
the 20+ pages of Privacy Notice to understand how their data is treated |
|||
(and do not forget to check yearly privacy updates timely). |
|||
|
|||
Additionally, big famous mail servers are the most popular targets of attacks |
|||
and consequent password leaks, plus their email addresses are easier to guess. |
|||
As for smaller ones, if you are unsure where to look, it is not obvious to |
|||
avoid third-party involvement and ensure data safety. |
|||
For example, numerous services still use ReCaptcha, a service by Google |
|||
(the existential "I am not a robot" thing). |
|||
|
|||
So, it is important to stay informed and make sure you understand how the |
|||
service treats your data and who can access it. |
|||
|
|||
The [Free Software Foundation](https://www.fsf.org/resources/webmail-systems) provides some interesting insights on the subject. |
|||
|
|||
Stay informed, and stay safe! |
|||
|
|||
Katerina |
|||
Loading…
Reference in new issue