free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

A note about email

This commit is contained in:
Bob Motram 2015-02-20 08:16:14 +00:00
parent 56236eb4db
commit 4b085b233b
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/EN/faq.org
View File

@ -18,6 +18,7 @@
| [[How do I get a "real" SSL certificate?]] |
| [[Why use self-signed certificates?]] |
| [[Why not use the services of $company instead? They took the Seppuku pledge]] |
| [[Why does my email keep getting rejected as spam by Gmail/etc?]] |
#+END_CENTER
* Why not supply a disk image download?
@ -244,3 +245,7 @@ Security of web sites on the internet is still a somewhat unsolved problem, and
For now a self-signed certificate will probably in most cases protect your communications from "bulk" passive surveillance. Once you've got past the scary browser warning and accepted the certificate under most conditions (except when starting up the Tor browser) you should not repeatedly see that warning. If you do then someone may be trying to meddle with your connection to the server. You can also take a note of the fingerprint of the certificate and verify that if you are especially concerned. If the fingerprint remains the same then you're probably ok.
* Why not use the services of $company instead? They took the Seppuku pledge
[[http://seppuku.cryptostorm.org][That pledge]] is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "/on our side/". Post-[[https://en.wikipedia.org/wiki/Nymwars][nymwars]] and post-[[https://en.wikipedia.org/wiki/PRISM_%28surveillance_program%29][PRISM]] we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
* Why does my email keep getting rejected as spam by Gmail/etc?
Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end probably you can't do anything. There is zero accountability for such blocking, and you can't just contact someone and say "hey, I'm not a spammer". This system works well for the big internet companies because it effectively centralises email to a few well-known brand names and keeps any independent servers out.
So the situation with email presently is pretty bad, and there's a clear selection pressure against decentralization and towards only a few companies controlling all email services. Longer term the solution is to have more secure protocols which make spamming hard or expensive. Bitmessage is one such system.