Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


mxroute.com vs mailcheap.co - Page 4
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

mxroute.com vs mailcheap.co

1246

Comments

  • henkbhenkb Member

    Yeah, me two. Lower latency may result in better performance (not that it is bad, but crossing an ocean takes time)

  • WSSWSS Member

    @jarland could setup an EU MX for incoming, I guess, and do GeoDNS garbage- but I'm sure he's probably more interested in getting rid of CPanel first.

  • jarjar Patron Provider, Top Host, Veteran
    edited March 2017

    @WSS said:
    @jarland could setup an EU MX for incoming, I guess, and do GeoDNS garbage- but I'm sure he's probably more interested in getting rid of CPanel first.

    Thinking about slowing down on the idea of getting rid of cPanel. I do prefer local servers over EU for privacy reasons, but it's always up for consideration. I just don't trust EU to protect customer data in any legal sense, not in the long term. I trust myself holding a box of matches under the server and daring anyone to come at me.

  • @jarland said:

    @WSS said:
    @jarland could setup an EU MX for incoming, I guess, and do GeoDNS garbage- but I'm sure he's probably more interested in getting rid of CPanel first.

    Thinking about slowing down on the idea of getting rid of cPanel. I do prefer local servers over EU for privacy reasons, but it's always up for consideration. I just don't trust EU to protect customer data in any legal sense, not in the long term. I trust myself holding a box of matches under the server and daring anyone to come at me.

    Nothing wrong with CPanel in your use case, I've seen you explain multiple times why you use it and agree with your reasoning. Can't please everyone :)

    Thanked by 1jar
  • WSSWSS Member

    @jarland said:

    @WSS said:
    @jarland could setup an EU MX for incoming, I guess, and do GeoDNS garbage- but I'm sure he's probably more interested in getting rid of CPanel first.

    Thinking about slowing down on the idea of getting rid of cPanel. I do prefer local servers over EU for privacy reasons, but it's always up for consideration. I just don't trust EU to protect customer data in any legal sense, not in the long term. I trust myself holding a box of matches under the server and daring anyone to come at me.

    I didn't mean for storage, just as a backup MX which shows as a higher priority in the EU which still goes to your primary storage server. Just a bit of DNS trickery. :)

    @austenite said:
    Nothing wrong with CPanel in your use case, I've seen you explain multiple times why you use it and agree with your reasoning. Can't please everyone :)

    I'd think he'd be trying to get rid of it because he always has to explain why, and continues to get shit for it. Good thing he didn't build it on ISPConfig. :D

    Thanked by 2jar austenite
  • WSSWSS Member
    edited March 2017

    Wrong thread. That's TWO for TWO today!

  • mailcheapmailcheap Member, Host Rep

    @jarland said:

    @WSS said:
    @jarland could setup an EU MX for incoming, I guess, and do GeoDNS garbage- but I'm sure he's probably more interested in getting rid of CPanel first.

    Thinking about slowing down on the idea of getting rid of cPanel. I do prefer local servers over EU for privacy reasons, but it's always up for consideration. I just don't trust EU to protect customer data in any legal sense, not in the long term. I trust myself holding a box of matches under the server and daring anyone to come at me.

    Prefer illegal surveillance? ;)

    Pavin.

  • jarjar Patron Provider, Top Host, Veteran
    edited March 2017

    @mailcheap said:

    @jarland said:

    @WSS said:
    @jarland could setup an EU MX for incoming, I guess, and do GeoDNS garbage- but I'm sure he's probably more interested in getting rid of CPanel first.

    Thinking about slowing down on the idea of getting rid of cPanel. I do prefer local servers over EU for privacy reasons, but it's always up for consideration. I just don't trust EU to protect customer data in any legal sense, not in the long term. I trust myself holding a box of matches under the server and daring anyone to come at me.

    Prefer illegal surveillance? ;)

    Pavin.

    Easier to fight illegal than legal at least haha

    But yeah here I have at least legal justification to argue and local assistance against bad practices, where overseas I have neither.

  • mailcheapmailcheap Member, Host Rep

    @jarland said:

    @mailcheap said:

    @jarland said:

    @WSS said:
    @jarland could setup an EU MX for incoming, I guess, and do GeoDNS garbage- but I'm sure he's probably more interested in getting rid of CPanel first.

    Thinking about slowing down on the idea of getting rid of cPanel. I do prefer local servers over EU for privacy reasons, but it's always up for consideration. I just don't trust EU to protect customer data in any legal sense, not in the long term. I trust myself holding a box of matches under the server and daring anyone to come at me.

    Prefer illegal surveillance? ;)

    Pavin.

    Easier to fight illegal than legal at least haha

    High profile cases and huge payouts are tempting.

    Pavin.

  • @jarland said:
    I vote mxroute. Shit wrong account.

    No for real, if I haven't said it in this thread yet, @MailCheap is awesome.

    Yep have to say Pavin's been rather accommodating, there's a few minor niggles with the way quarantine works in the software stack @mailcheap use that I'm sure will get improved upon as the underlaying project develops.

    Stability wise the only issues I've had with my dedicated instance have been self inflicted and Pavin sorted it out within a few minutes of reporting the issue. (It was due to a deviation from the standard config I'd requested and an interaction with how my client behaved)

    Thanked by 1mailcheap
  • daffydaffy Member

    @jarland said:

    Thinking about slowing down on the idea of getting rid of cPanel. I do prefer local servers over EU for privacy reasons, but it's always up for consideration. I just don't trust EU to protect customer data in any legal sense, not in the long term. I trust myself holding a box of matches under the server and daring anyone to come at me.

    You should host here in Norway. We have quite nice laws regarding privacy here.

  • MikePTMikePT Moderator, Patron Provider, Veteran

    @jarland said:

    @WSS said:
    @jarland could setup an EU MX for incoming, I guess, and do GeoDNS garbage- but I'm sure he's probably more interested in getting rid of CPanel first.

    Thinking about slowing down on the idea of getting rid of cPanel. I do prefer local servers over EU for privacy reasons, but it's always up for consideration. I just don't trust EU to protect customer data in any legal sense, not in the long term. I trust myself holding a box of matches under the server and daring anyone to come at me.

    PM me and we can discuss a few ideas that we were about to launch... Though we gave up on that project. So feel free to pm me.

  • jarjar Patron Provider, Top Host, Veteran
    edited March 2017

    daffy said: You should host here in Norway. We have quite nice laws regarding privacy here.

    My biggest concern with countries I have no legal rights in is that policies are footballs that gets kicked around. What is true today may not be true tomorrow. Here I at least have a legal foothold, a legally recognized voice, and I can physically throw the server into a bonfire.

    Thanked by 117brownj
  • Thanked by 1simonindia
  • MaouniqueMaounique Host Rep, Veteran

    jarland said: What is true today may not be true tomorrow.

    And, of course, in US that is not an issue now.

  • jarjar Patron Provider, Top Host, Veteran
    edited March 2017

    Maounique said: And, of course, in US that is not an issue now.

    It's just a matter of physical presence for me. What is true or changes tomorrow I have more direct influence in when it's at my front door, as opposed to a country I may not even be able to step foot in. It gives me more options, legal or otherwise.

    I fear EU especially is about to see a lot of changes in the next ~2y, where the US will probably remain fairly consistent throughout that time in relation to anything that impacts me. Just prediction, of course, nothing more.

    The enemy I know is better than the enemy I don't, etc.

    Of course, no perfect decision. Just trying to do right by everyone best I can. I stay on my toes, as things change I do my best to as well.

    Thanked by 1Maounique
  • jarjar Patron Provider, Top Host, Veteran
    edited March 2017

    I still may expand overseas btw, I mean I have my concerns about my ability to have a legal standing there, but if people want it and I'm up front about who I am and where I reside, that seems like a solid plan.

    Plus not totally trying to step on Pavin's market. So it'd be clearly secondary.

    Thanked by 1MagicalTrain
  • MagicalTrainMagicalTrain Member
    edited March 2017

    @Jarland you will definitely have my (tiny tiny) business when you expand to the EU.

    Backup MX is always nice.

    Thanked by 1jar
  • mailcheapmailcheap Member, Host Rep

    @jarland said:
    I still may expand overseas btw, I mean I have my concerns about my ability to have a legal standing there, but if people want it and I'm up front about who I am and where I reside, that seems like a solid plan.

    Plus not totally trying to step on Pavin's market. So it'd be clearly secondary.

    Got to do what's good for the business :)

    If privacy is really important to someone, then they should use client-side encryption; everything else is a trade-off.

    Pavin.

  • MaouniqueMaounique Host Rep, Veteran

    mailcheap said: then they should use client-side encryption

    Yes and no.
    You cannot expect the regular joe the reporter to manage things like those and never slip. Also, even the best of us have bad days. One mistake and you are gone to the dogs.
    While if your data is extra encrypted on the server and not even the host can access it, you have 2 layers of safety instead of one, the possibility of both being broken at once is almost zero.
    The problem with the email people which don't know each other or even trust each other have is that not all use the same provider, so the content can be intercepted at the least protected end. That is why everyone should encrypt and, where possible, use own email system. EFF should help setup something, after all, it should be easier than Tor.

  • mailcheapmailcheap Member, Host Rep

    @Maounique said:

    mailcheap said: then they should use client-side encryption

    Yes and no.
    You cannot expect the regular joe the reporter to manage things like those and never slip. Also, even the best of us have bad days. One mistake and you are gone to the dogs.

    Any email provider worth their salt offers encrypted submission and transmission; so its not a case of one mistake and you being done for.

    While if your data is extra encrypted on the server and not even the host can access it, you have 2 layers of safety instead of one, the possibility of both being broken at once is almost zero.

    The provider can always access your data if they wanted to. If one has to trust the provider to encrypt data at rest, then its a trade-off. You're implicitly trusting some company, oftentimes a big faceless corporation to encrypt your data and hold onto their encryption keys.

    The problem with the email people which don't know each other or even trust each other have is that not all use the same provider, so the content can be intercepted at the least protected end. That is why everyone should encrypt and, where possible, use own email system. EFF should help setup something, after all, it should be easier than Tor.

    "Intercepted" where and by who? Encrypted submission and transmission makes sure the email is not intercepted by criminals in transit. Intercepted at the datacenter means a court order and the provider handing over the keys. This is where I truly believe the EU is better; at least you don't have to worry about FISA courts and illegal surveillance.

    If you want to be protected from criminals, choose any solid email provider that offers encrypted submission and transmission; if you're running from the govt. you need to use client-side encryption and without a doubt you have to be very careful even on bad days because why? ** You're running from the govt.**

    Pavin.

    Thanked by 1Yura
  • YuraYura Member
    edited March 2017

    +1 to what Pavin said.

  • MaouniqueMaounique Host Rep, Veteran
    edited March 2017

    mailcheap said: Intercepted at the datacenter means a court order

    We all know that is not how it is done. we also know that, if an order is given, is also abused much beyond it's scope. These are facts, who does not wish to believe them, or trust some government agency, their business.

    mailcheap said: Any email provider worth their salt offers encrypted submission and transmission; so its not a case of one mistake and you being done for.

    That is not what I meant and you know it. I mean intercepted at the other end, say, I send mail from my protonmail account to an yahoo email. I leave aside the third party hacks and only consider court orders dealing with "national security" because some 3 letter agency has a favour due to some chinese agency and nobody really cares or watches what are those used to, after all, some terrorist organizations are recognized by the chinese too. Reporting on chinese crackdown on muslims, for example, may be considered hampering the crusade, therefore, spying on email of someone doing that completely justified for Trump driven whackjobs. If we rely only on our own encryption, say, due to the pressure on getting the article on time, something is screwed up and encryption does not happen. You cannot take back your email, you know, then the chinese authorities know and you are sent to prison or worse, because http://www.reuters.com/article/us-china-policy-law-idUSKBN1500OF

    mailcheap said: "Intercepted" where and by who? Encrypted submission and transmission makes sure the email is not intercepted by criminals in transit.

    See above. I find it concerning someone entrusted in handling emails of subscribers has no idea how surveillance works and is putting any faith in some laws.
    The secret agency are secret because they have to abscond from the law. So called parliamentary supervision and special courts are only rubberstamp organizations where carefully picked people with black files kept secret are giving their approval for whatever "is needed".

  • mailcheapmailcheap Member, Host Rep

    @Maounique Conspiracies aside, no honest provider is going to hand over data without a valid court order. If someone/some agency is willing to break the law, they can easily get a $5 wrench and beat it out of you; no amount of encryption is going the save you from a determined foe who's above the law. This is exactly why you need the law.

    Pavin.

  • MaouniqueMaounique Host Rep, Veteran
    edited March 2017

    mailcheap said: no honest provider is going to hand over data without a valid court order.

    Honesty has nothing to do with it. If the alternative is to be charged with helping terrorists or child molesters, your "morals" and religion will not allow you to remain on "the wrong side of the law". You will still remain honest to your religion and morals, you will help the good guys win the good fight in god's name.
    This should not be left to the appreciation of the spy agencies or providers, if you want your data private, you should never rely on the law or courts. It is either too expensive, too slow, too cumbersome, too stressful and too much pressure on you to find justice, it may be too late anyway, even if we consider they wont hack into your server and download whatever they want, court order or not.

  • @mailcheap said:
    Conspiracies aside,

    Given all that's been reported since at least Snowden, this is no longer a valid way to dismiss concerns.

    no honest provider is going to hand over data without a valid court order.

    In the US, ISPs are currently lobbying to do exactly that for nothing more than a few dollars.

    This is exactly why you need the law.

    The law is increasingly being sold to people who have no interest in protecting your rights.

    Thanked by 2Maounique Waldo19
  • mailcheapmailcheap Member, Host Rep

    I think we've come full circle as to why you need client-side encryption. See my above post.

    Pavin.

  • MaouniqueMaounique Host Rep, Veteran

    mailcheap said: I think we've come full circle as to why you need client-side encryption. See my above post.

    Nobody contests that, however, it is not enough and may not work in all conditions. As more providers provide encryption, it will be increasingly hard to single out people and pressure them, not to mention retrieve the private/anonymous data. It is like arguing that SSL should be enough to offer protection for privacy/anonymity.
    I may understand if the argument is difficulty to implement something like that, but if it is "my morals and the law" are enough to protect someone else's privacy, then we have a problem right there.

  • mailcheapmailcheap Member, Host Rep

    @Maounique said:

    mailcheap said: I think we've come full circle as to why you need client-side encryption. See my above post.

    Nobody contests that, however, it is not enough and may not work in all conditions. As more providers provide encryption, it will be increasingly hard to single out people and pressure them, not to mention retrieve the private/anonymous data. It is like arguing that SSL should be enough to offer protection for privacy/anonymity.
    I may understand if the argument is difficulty to implement something like that, but if it is "my morals and the law" are enough to protect someone else's privacy, then we have a problem right there.

    If not for client-side encryption what're you suggesting. At rest data encryption? And what would be the potential benefit to encrypting at-rest data already sitting in a secure datacenter?

    As I see it:

    Most email providers now have their data in a secure datacenter/multiple secure DCs. This data is accessed by users and transmitted b/w servers using SSL encryption. In addition, providers such as myself offer webmails that support client-side encryption.

    Now consider something like Protonmail: which offers additionally at-rest encryption and feed you a lot of BS about how they store data not in the cloud and how CH is a privacy haven when in fact its no different than any other EU country (esp. after the recent surveillance laws passed there).

    From the perspective of a criminal trying to access your data: in both cases its not possible.

    From the perspective of a valid court order: in both cases the provider has to comply and hand over the keys/data.

    I'm genuinely interested in privacy -not nearly anonymity- and if there is some obv. advantage to at-rest encryption I'm more than willing to hear it out.

    Pavin.

  • @mailcheap said:
    If not for client-side encryption what're you suggesting. At rest data encryption? And what would be the potential benefit to encrypting at-rest data already sitting in a secure datacenter?

    Overreach. Protection of metadata. Those seemed to be the issues that Lavabit shut down over. It's naive to assume your data center is absolutely secure from all forms of compromise. It may be a bit much to expect a mass market email provider to go the extra mile, but it reflects poorly on any provider when they speak against the very idea of additional security.

    From the perspective of a criminal trying to access your data: in both cases its not possible.

    Famous last words. Breeches happen all the damn time. Sometimes the criminals are actually from the government.

    From the perspective of a valid court order: in both cases the provider has to comply and hand over the keys/data.

    They can fight it if they feel it is unlawful despite being "valid". But there's very little you can do to put the genie back in the bottle if your unencrypted servers were already seized.

    Thanked by 1Maounique
Sign In or Register to comment.