How I handle my email:

I run a Dovecot server on my home network (inaccessible externally) that I connect to via Gnus. I use fetchmail to pull mail from my personal mailserver (, also running Dovecot), and

Mail rules are assigned on if it needs to bounce, via Sieve. Otherwise, I have Sieve rules on my internal mailserver.

My SMTP server at is Postfix. The SMTP server I use depends on my From address.


I also use fetchmail via POP, so I don't have my mail accessible potentially to attackers on remote servers. But I wait to flush the mail until after I run my backups locally, just to make sure I don't lose any messages.

If I need to access my mail, I do so via SSH, which requires my Nitrokey; my mailserver is inaccessible outside of the box that it's running on. Consequently, I use Gnus via that SSH session; I do not connect to my local IMAP server from my laptop, to limit attack surface a bit further.

This is also out of respect to people I correspond with, since any compromise of my system is a breach of their privacy as well.

Sign in to participate in the conversation
Mike Gerwitz's Mastodon Instance

Mike Gerwitz's personal Mastodon instance