January 2015 Newsletter
Happy new year everyone!
following our previous newsletter, https://espiv.net/node/239, in which we also mentioned some changes in espiv’s email service, we would like to let you know about the main features of this service and the policy applied to email data preservation.
Email data preservation policy
We remind you that we need to save resources. Furthermore, it is generally considered a bad practice to keep emails forever available online. Thus, espiv has adopted a new policy regarding accounts on mail.espiv.net. If users have not logged in to their email account for more than six months, their account will be deactivated. Email accounts will be permanently deleted after 1 year of total inactivity, i.e. if they are inactive for 6 months after the last login, and the persons who check the same accounts have not requested reactivation for a further 6 months.
Features of mail.espiv.net service
To have an email account on a radical server, such as espiv, is a key step to ensuring the privacy of information we exchange through the internet and the protection of our personal data. Equally, if not more important, is how we are using these services but also the additional tools we have at our disposal to protect ourselves, such as the exchange of encrypted emails.
As espiv we take the safety and privacy of communications very seriously and encourage anonymous access to internet services via Tor.
We would like to inform you that we have implemented a number of features in this direction:
• TLS[1] with proper certificates for SMTP(s), IMAP(s), POP3(s)
encryption of all incoming/outgoing email connections of the server.
• Certificate pinning[2] for other collective email services (riseup.net, so36.net, aktivix.org, autistici.org, etc[3])
certified and secure connection of mail.espiv.net with the servers of most collectives/email providers for activists.
• Forced TLS connections for public email services (Gmail, Hotmail, Yahoo!, etc)
exclusively encrypted connections between mail.espiv.net and the servers of most commercial email providers.
• Anonymized (Client IPs are removed) logs for mail and webmail
no IP address is recorded on the server.
• HTTPS only Roundcube webmail: https://mail.espiv.net
all data traffic between the computer browser and the webmail (mail.espiv.net) is encrypted.
• Autodiscovered settings mechanism for Thunderbird[4]
automatic settings for@espiv.net accounts in Thunderbird mail client.
[1] https://en.wikipedia.org/wiki/Transport_Layer_Security
[2] https://en.wikipedia.org/wiki/Transport_Layer_Security#Certificate_pinning
[3] https://we.riseup.net/riseuphelp+en/radical-servers
[4] https://skytal.es/wiki/Mail_providers
Onion services, accessible only via Tor
We encourage users of mail.espiv.net to use our services through Tor on the following onion addresses:
• Onion Service for SMTP (25), IMAP (143), POP (110): lloiryev7cvzszsn.onion
for anonymous access from any mail client with Tor, e.g. Thunderbird+TorBirdy
• Onion Service for webmail: 5sn2hxofsu6b55lo.onion
for anonymous access to the webmail of espiv.net using Tor Browser
Policy of automatic deletion of older email messages in Trash and Spam
Many times the email storage space gets filled up not because of our Inbox, but due to the Trash and Spam folders, which we often forget to empty. So, we considered it useful to automatically delete email messages older than 21 days from Trash and Spam folders only.
Finally, in order to save resources and avoid filling up the available space of your email account, we suggest you take a series of steps: use a mail client (e.g. Thunderbird) and store email messages locally on your computer; do not attach files to email messages but, instead, upload them on a site for file sharing, such as file.espiv.net (password: espiv); the same goes for mailing lists, where every member should be encouraged to avoid exchanging messages with multiple files attached; use email archiving practices.
DOS attacks and more resources
As we have already informed you about ( https://espiv.net/node/240 ) one of our servers is under frequent denial of service attacks. As a result for short or longer periods the blogs, websites and forums we host in that machine are not accessible. If you think you can somehow contribute to espiv’s infrastructure with more resources please contact us: servers@espiv.net, gpg keyid: 0x7A376A7D823369FF
espiv’s administrative collective