9 comments

[ 4.7 ms ] story [ 25.7 ms ] thread
New rule: I'm not upvoting any kickstarter links from unknowns without a working product.
> to your existing email accounts

This implies to me that it will work on top of my existing gmail/yahoo accounts. I take it that's not the case?

> Mailelf is built to make running your own server easy

Elsewhere it says that you simply download and run the app from your computer. How is that 'running a mail server'?

In order to back, I'd need a lot more detail to convince me that the project author has a deep understanding of how the proposed system will work. A good start would be to outline how email works now, and how Mailelf will differ from e.g. Thunderbird setup with a PGP plugin.

Additionally, how the recipient is supposed to read the encrypted email isn't addressed in the description.

Mailelf will certainly work with your existing accounts. That is the primary goal so that people don't have to change email or providers. We want normal people to be able to easily use this application (which happens to have some server features). We would like to ultimately provide MTA features. However, if you know what you are doing you can already run exim or postfix as your own MTA.

The initial Mailelf app will act as a MUA (client) and take care of handling key exchanges and securing messages between other Mailelf users and existing PGP setups (existing asymmetric cryptography).

Enigmail is a great way to get stated using PGP, but it is still too high of a barrier for most people who want something more simple.

How are you protecting against the likelihood that the US Government will require you to install plaintext intercept capabilities into this (for decryption keys, etc.)? (And also that they'll gag you from revealing this, open source or not.)
... how would they gag the release of this capability in an open source product that I download and compile on my machine?

boggled

I hadn't realised you'd need to compile it from source. Oh, well, there goes the accessibility.
We will have a transparent build process to provide pre-compiled applications for users that simply want to download the run the application.

Compiling from source is encouraged though. We will provide a video guide for those that want to compile the project themselves.

That might make an interesting commit message "Pay no attention to the NSA plaintext forwarding behind the curtain". I'm sure out of hundreds of developers no one would mind. :)