wth

Apple’s approach to privacy is actually pretty good (given their competitors). Its not perfect, but its improving.

They provide a number of E2EE tools, such as passwords/keychain, health data, home data, iCloud messages, payment info, safari tabs and history. You can also now select « Advanced Data Protection » which provide E2E encryption for iCloud Backup and iCloud Drive.

Apple fought the government over getting tools to unlock devices, although in the end the government can just buy 3rd party tools to do it. Having said that - given the National Security Letters at the time, its possible that Apple had to hand over the tool anyway.

Do you get the same from Google with your android phone? Dropbox for your storage? Your phone company for SMS? None of those provide E2EE. There are other tools out there that can do E2EE, but apple does provide a fair number. Again - they are not perfect.

Repairability has just never been a high priority for them (which is bad). But it is becoming so, thanks to various governments forcing the issue.

I’m an old Linux-head (actually started out developing tools for 10’s of variants of unix - compilation flags providing custom versions). I would love to have my mac mini running linux though, that would be awesome. I don’t think you can yet.

I think their engineering is pretty good, personally. I travelled a lot with a laptop from 2000 to about 2020, and my windows laptops would always die after 2 years - hinges, cracks in the body, screen cracks and so on. Moving to apple’s laptops in about 2011 meant I got 5 years out of each (air then a pro). I’m now on a second pro, but the old pro is still trucking along.

I’m not going to defend all their decisions, there’s a lot of questionable stuff in there (keyboards, sticking to lightening, mice…). But their hardware, both laptop, mini and pro) has been solid.

You are right about repairability. I think that has never been a key feature for them hence the glue, security screws and other crap. Fortunately there are governments around the world that are pushing for repairability, consistency with usb-c, replaceable batteries and more. So I think all manufacturers will be upping their game now, which is awesome.

All manufacturers reduce cost - supply chain management and manufacturability are the processes to drive that. Apple are really good at the supply chain side, that was Tim Cook’s focus as COO. What I don’t like is that they are able to keep their incredibly high margins (far higher than any other manufacturer) thanks to their software, interoperability and walled garden.

I have a lot of apple kit - I appreciate their over-engineered approach to a lot of hardware, and I like their approach to privacy.

But they do make mistakes in design - the puck, the aerials, butterfly keyboards, unrepairability of design…

And one thing I really hate is their response to those errors. Its almost always to blame the user. I just wish they would be honest.

And the puck mouse.

Client behavior has nothing to do with email delivery though. That being said, I run my own mailserver and have MacOS/iOS clients and have never seen a connection error.

Never! Impressive to not even have a transitory error. Congratulations. My comment on client connection was nothing to do with delivery and more to do with user’s being annoyed at errors. But since you never get errors…

My 5 year old brother color laser is awesome. Cheap to run and toner doesn’t dry out, and it doesn’t wake up in the middle of the night and clean (i.e. use up) the ink.

However having seem comments like this, I think I will hold off on any firmware updates.

While technically that is true, if you have any other users they will be annoyed. And anyone running iOS will almost immediately get regular popups about the mail server being down (because iOS checks for new mail frequently - and yes I know this can be adjusted) and so they will be telling you straight away.

Also - I’m not convinced that all email servers obey the SMTP standard.

I forgot to mention - spam isn’t too bad with a well trained SpamAssassin.

Plus you will need to learn your virtualisation tool really well because of all the networking routes required and operating it on the command line. VBoxManage is your friend, but its just not friendly.

From a security perspective - I did everything in Linux, and only opened the required ports (plus ssh, which I moved to a random high port number). I have auto-update on for security patches, but NOT for regular patches (because Zimbra tends break things, so you need to snapshot first).

I’ve been running my own mail server for about 15 years now… Let me offer some insights.

• Its used by me and the family, so I do have other users who expect things to work.
• I used commodity hardware, with a Linux host (and guest).
• the mail server runs in a VM, so it is trivial to: stop, copying the VM to USB, restart.
• Maintaining uptime isn’t too bad, but when the mail server goes down, you need to get onto it quickly. I’ve had power supplies fail, HDD’s fail, memory fail.
• If you should happen to be out of town when a failure occurs (I’ve had this twice), then the server stays dead until you are back. That does not make your users happy. If its more than 4 days, then the SMTP standard says email is lost.
• There have also been a few software issues with Zimbra (my current tool) - the stats daemon filled the disk, the upgrader broke permissions all over the place multiple times. Each of these requires time to investigate, research online etc. Snapshotting is awesome! Right now I have a problem where the VM disk file is growing, but the space used inside the VM is not. I have zero’d out free space and compacted the VM but don’t know why it is happening yet. More research needed.
• You will learn to hate blocklists. There are many, and there are meta blocklists. You have to watch them because at any time, you will be added and your email will silently get dropped. Sometimes the blocklist trashes whole subnets because of a single actor, sometimes even more, and so you will get included due to other bad actors. Getting off a blocklist is hard… you send emails, you fill in web forms, you look for a contact details, you wait… Then some number of days/weeks later, you are off again.
• You have to learn DKIM, SPF, DMARK, managing DNS etc.
• I used to use self-signed certs and live with the warnings. Now I used Lets Encrypt, which is awesome!.
• You can try to get reverse DNS working, but that’s up to your ISP (who usually don’t care, so good luck). No rDNS can be viewed as bad by email recipients so your spam score starts at >0.
• If you run it at home, you will be part of a block of IPs that are known to be home users, so your spam score starts at >0.
• I’m lucky in that I run it on a spare public IP address on my server housed at work. But that will need to change soon.

I started using native Linux mailboxes, later added roundcube (web UI), investigated Mailinabox, but now use zimbra. That gives me calendar/contact sharing, email/calendar/contacts to iOS devices (which is the main way my family get email), and lots more. Moving data from one to the other took a couple of days of effort. (Yeah… I know its supposed to be trivial, but its not when you include tool research, testing, execution one at a time etc).

Bottom line - you will learn lots, you will lose many weekends and sometimes a weekday here or there as you try to handle emergencies, it will never be set-and-forget.

My original rational was learning, privacy and my own domain and nicer looking email addresses than [email protected]. I’m looking for an online alternative as its time to lighten the load, but I have a lot of services that we use in Zimbra.

Good luck with it!

I can’t find it now. But I took an image while waiting for a crash… https://files.catbox.moe/3om0a8.jpeg

Note that as I said later my scrolling ability seemed limited.