How I handle my email:

I run a Dovecot server on my home network (inaccessible externally) that I connect to via Gnus. I use fetchmail to pull mail from my personal mailserver (, also running Dovecot), and

Mail rules are assigned on if it needs to bounce, via Sieve. Otherwise, I have Sieve rules on my internal mailserver.

My SMTP server at is Postfix. The SMTP server I use depends on my From address.

I also use fetchmail via POP, so I don't have my mail accessible potentially to attackers on remote servers. But I wait to flush the mail until after I run my backups locally, just to make sure I don't lose any messages.

If I need to access my mail, I do so via SSH, which requires my Nitrokey; my mailserver is inaccessible outside of the box that it's running on. Consequently, I use Gnus via that SSH session; I do not connect to my local IMAP server from my laptop, to limit attack surface a bit further.

This is also out of respect to people I correspond with, since any compromise of my system is a breach of their privacy as well.

@mikegerwitz I really enjoy these posts. I wish you turn these into web pages that permanently sits somewhere and is easier to find outside mastodon.

@vu3rdd Thank you; I appreciate the feedback.

I hope to aggregate on my website at some point, and elaborate on them a bit. But I've been wanting to do that for years, so I decided posting brief summaries to Mastodon would be better than nothing, and then give me something to build off of.

Your feedback will help motivate me to do so. I'll let you know when it happens.

Sign in to participate in the conversation
Mike Gerwitz's Mastodon Instance

Mike Gerwitz's personal Mastodon instance