Hi! According to Configure SMTP relay | Yunohost Documentation
when using an SMTP relay, not only a third party sends emails on your behalf, but it has full access to the content of all the emails you’ll send
I am a bit confused. Isn’t the transport encrypted with TLS nowdadays? Then the content would be safe? According to Can a email relay server decrypt and read your emails ? : privacy the answer might be both yes and no. How will it be with Yunohost and TLS? Thanks!
TLS is about encrypting the traffic between the two servers (i.e. your yunohost, and the relay) so that an attacker cannot read your email just by sniffing the network traffic between the two machines
However it doesn’t mean that the relay cannot read the content of the email.
To truly be safe against eavesdropping from the relay, or from your yunohost’s instance admin, then you need end-to-end encryption, which in the context of email is usually achieved using GPG/PGP but requires all your pen pals also use (basically you can’t just turn a switch on an be safe forever, humans gotta learn how to use the tool and it ain’t 100% obvious)
Thanks a lot for the explanation. I was not aware that, to be safe, end-to-end encryption also was required for smtp-relays. Let’s hope someday someone will come up with a more user-friendly option than GPG/PGP…
To clarify : the issue is less with GPG/PGP itself than the lack of implementation in all modern and popular client … For example, I doubt that Gmail and Outlook integrate support for GPG/PGP (while Thunderbird does, nowadays, but it took a while for it to become a default feature), despite Google/Microsoft definitely having the money to add native support for those with the proper UI/UX. In turn, this is creating a huge human/learning cost for people willing to change their practice…
On the other hand - from another reddit thread Mail server : selfhosted
– Is it cheating to just use AWS ses for outbound email?
– Not at all - you still control the inbound side and your mailbox storage. That’s still worth it. Outgoing mail is already outgoing. You can’t self-host, control, or trust the destination server, so adding SES in between hardly changes the equation. This really is a great compromise, you just have to be willing to accept that email overall isn’t a private system. Do the best you can while maintaining maximum functionality.