Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> 2. No open source webmail servers that I've seen come close to Gmail's functionality, and I don't have time to write one that is.

Obligatory comment pointing out an opportunity for disruption, etc., why aren't we all millionaires., etc. etc.



The business model isn't there. I have yet to see a large group of consumers willing to pay for secure email and the only other alternative, advertising, leads to the exact same problem that you face with GMail.


I would pay and so would many others.


That seems to imply you don't already. There are lots of paid email services that don't monetize user's emails. And many that are hosted outside the United States.

For the extremely vigilant, there is always CounterMail

https://countermail.com/

The threat of email interruption and snooping can't be completely avoided. Undersea cables get cut, governments change, servers crash, data centers get raided, and companies disappear. At some point the data gets decrypted and everything is retrievable unless you are any extremely hard core PGP user. Even HushMail has to bend to the feds when it's all said and done. Even savvy people realize paranoia only gets you so far with email.


  >  advertising, leads to the exact same problem
  > that you face with GMail.
Not necessarily. For some people that largest factor is that Gmail brings all of your email under US jurisdiction. It may be enough to just do advertising-funded Gmail clone that is solely based out of another jurisdiction.

You may even be able to convince non-US businesses that this is a better alternative.


Hushmail would disagree - https://www.hushmail.com/


Nice to know, thanks for the tip

Did you try it and can compare it to gmail?

Especially on:

- linking other accounts (POP and IMAPS)

- spam detection


I actually host my own email. I developed an open source application for automatically encrypting all email with my public key as soon as it arrives, and I can't do this if somebody else hosts my email. You can read why and how here: https://grepular.com/Automatically_Encrypting_all_Incoming_E...


Brilliant! Thank you for sharing the post and code. I'd be interested in hearing thoughts on how to make it searchable. If you don't index, searching will take quite some time. I guess the best thing to do would be to index each e-mail (keywords?) before it is encrypted and then encrypt the index itself as well. There is a problem with the keyword approach though - if the index encrypts the words but the "link" between message id and encrypted keywords is not encrypted, then an attacker who is in posession of one or several other message bodies in plain text can see correlations between the content of known and unknown message bodies.


+1 for willing to pay for secure email.


Ok that's 2 customers who are also HNers. I think you'd need to do better than that. We are hardly a representative of the general consumer.

There is another problem, US govt' need to get access all these messages. For example http://en.wikipedia.org/wiki/Hushmail, people seemed to have signed up, but Hushmail was forced to provide plaintext messages to US govt upon request. So they sort of compromised their main selling point.

That is probably the largest problem, you'd be stuck between a rock and a hard place. You either please your security conscious customers or please Uncle Sam. You can't please both.


"There is another problem, US govt' need to get access all these messages."

You're assuming the service has to be located within the US. Why?


It doesn't have to, but unless it is located in Iran, NK or other US-unfriendly place, US govt can always pressure the local govt to pressure the local business to turn things over. I wouldn't, for example, count on countries like Switzerland, US is already getting to its banks to turn over US accounts, and is supposed to be one of the most independent and un-influenced countries.

With the current legislation trend, eventually un-cooperative or "terrorist friendly" sites would just be filtered out and blocked, so you might have a hard time accessing your email. Some messages might never make it to you.


  > US govt can always pressure the local govt
That depends. In some places, the privacy laws are better than in the US. You would just have to choose wisely.


> In some places, the privacy laws are better than in the US.

That's nice, you still believe that the laws on file actually govern how the country is run.

Bug if you follow e.g. how the spanish SOPA-like was passed, you realize it's all a facade.


I was actually talking about writing a front-end that you could host on your own server, not a gmail clone. (I wish I could update my original comment.)


So... why don't you buy something like Rackspace email, which costs $2/mo?


Because the minimum cost is $10/mo for Rackspace email.

I personally have switched between payed google apps for domains and fastmail (those are both $50/yr and under).


Re: rackspace, you can always sign up for a trial account for something else, and once you're in, get the single email subscription for $2.


This is why I would never start a business in this space. You're saying $10/month is too much to protect the privacy of your email.


I think for most people, $10 IS too much. Although we all talk tough about privacy, most people (even here) don't have much to hide from anyone, and when the difference between definitely secure, and probably secure (in terms of privacy and ownership of data) is $10, it suddenly feels a lot more expensive.


Which takes me back to my original point. :-)


I am just about to migrate from Gmail to NeoMailbox. I'm choosing the Swiss hosting option. I'd prefer something in Iceland but the closest service I could find was OrangeWebsite and for them mail was pretty much an afterthought.

https://neomailbox.com/services/secure-email http://www.orangewebsite.com/web_hosting.php


lavabit.com


I'm not sure that an open source webmail is an easy way to become a millionaire. =P


Because not even "extremely security and privacy aware" hackers care enough to use it. That said, Zimbra is pretty bloody decent.


I would gladly switch to a different webmail provider (and pay a decent amount for this service) if they could replicate all of the benefits of gmail.


As a curiosity, what is "a decent amount"? $5/mo? $10/mo? More?


I would probably pay $200-$300/year, so maybe $15-25/month if this hypothetical service could completely match gmail in features.


I'd be really curious to see what Google makes off the advertisements served up in Gmail, compared to this price.


By the way, I meant someone creating an application you could install locally, instead of just being a gmail clone hosting everyone's e-mail at once.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: