Since June 2009 I’ve been using Gmail for my email, and I have to admit it’s been great. Really convenient, excellent searching facilities, available from anywhere. In terms of ease of use it’s a huge step forward from my old approach, using GNU Emacs’s “vm” package and manually syncing mailboxes between my desktop and laptop as necessary.
But in light of the latest round of revelations of the NSA taking a giant-sized dump all over the Internet, that’s got to change. I need to take control of my own email. (And no, NSA spies, it’s not because I have something to hide. It’s because my personal correspondence is none of your damned business.)
But I have no idea what I should be using instead — it’s years since I paid any attention to MTAs, largely because Gmail has been so good. So can anyone tell me what I should be using?
Here’s what I need.
- It has to be open source. Not because I won’t spend money, but because that’s the only way the code can possibly be trusted not to be backdoored.
- It has to keep archives on my own computers, not on some other entity’s host.
- It has to be able to build indexes of those archives so I can meaningfully search my email. (I assume I can keep both archives and indexes on encrypted partitions.)
- It has to support PGP in the most painless possible way, both for signing all my mail and encrypting when sending to someone who I have a key for.
- I want it to be usable both on my Ubuntu desktop box and my MacBook.
- I want it to automatically synchronise between those two machines without my needing to do anything.
- I’d like it to be usable from a mobile device, too, though I’m not sure at the moment how that could work.
Any suggestions? Recommendations? Warnings of what to avoid? Have I forgotten anything?