As someone in infosec, how do you handle your personal email?

@noplasticshower I self-host with Dovecot 2.3 + Postfix on a VPS.
No issues with TLS so far — using Let's Encrypt with SNI for multiple domains.

SPF/DKIM/DMARC all set up with hard fail. Deliverability has been surprisingly good.

Honestly the hardest part was getting the PTR record right with the hosting provider. Once that matched, everything was ok.

What TLS issues are you seeing on 2.4? Curious before I upgrade.

@hotarubiko thanks a lot for this view , very interesting. so basically Proton, provide you the key that they also have in their server ?

@Prometheus nice to know, any other similar services you know ?

Quick question for the infosec community: what email encryption standard do you recommend in 2026?

I have been comparing X25519 (Curve25519) vs RSA for key exchange. X25519 is ~500x faster for key generation with 32-byte keys vs 256+ for RSA.

Anyone using ECIES pattern (X25519 + HKDF + AES-256-GCM) in production?

#infosec #encryption #email #privacy

I'm using standard email solution right now, and want to see if there is good alternative ?

As someone in infosec, how do you handle your personal email?

I got tired of Gmail reading everything, so I built a self-hosted
alternative with:
- X25519 + AES-256-GCM encryption
- Postfix/Dovecot on a French VPS
- SPF/DKIM/DMARC + fail2ban
- An AI cockpit that classifies urgent vs noise

Curious what setups other infosec people use. ProtonMail?
Self-hosted? Something else?

#infosec #email #privacy #selfhosted #encryption