Mounting your email?

Email
Comment *
File	Select/drop/paste files here
Password	(Randomized for file and post deletion; you may also set your own.)
* = required field	[▶ Show post options & limits] Confused? See the FAQ.

Flag
Oekaki	Show oekaki applet (replaces files and can be used instead)
Options	Do not bump (you can also write sage in the email field) Spoiler images (this replaces the thumbnails of your images with question marks)
Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf Max filesize is 16 MB. Max image dimensions are 15000 x 15000. You may upload 3 per post.

File (hide): df9e727130aa0ef⋯.png (5.58 KB, 255x197, 255:197, nfs-folder-icon.png) (h) (u)

File (hide): dc1ee19bce22c4b⋯.jpg (14.13 KB, 480x360, 4:3, hqdefault.jpg) (h) (u)

▶Mounting your email? Anonymous 07/04/18 (Wed) 23:36:57 No.938587>>938935 [Watch Thread][Show All Posts]

So while browsing through the mutt wiki on gitlab, I come across this statement.

>you have to get your mail transferred somehow. In organizations this sometimes is provided via NFS, which means the remote mail-server filesystem appears on your local machine as if it were local, too (keyword "mount"). As end-user normally you don't notice a difference, and likewise there is no need for you to configure anything with your MUA. As regular private user (or even in organized environments) you typically have to download (and can even store back) your mail via IMAP or POP

This makes me wonder. Would it be practical or reasonable for the average email self-hosting anon to do this for his mail, bypassing IMAP or POP entirely and just mounting the mail directly? It doesn't sound completely crazy when you think about it. Looking at Debian's documentation for NFS:

>There are three different modes that nfs can operate in with Kerberos, which should be specified in the mount/export options:

>krb5 Use Kerberos for authentication only.

>krb5i Use Kerberos for authentication, and include a hash with each transaction to ensure integrity. Traffic can still be intercepted and examined, but modifications to the traffic will be apparent.

>krb5p Use Kerberos for authentication, and encrypt all traffic between the client and server. This is the most secure, but also incurs the most load.

so with krb5p, you'd be able to encrypt the transfer too!

Or hell, since setting up Kerberos for this would be a bit overkill, why not SSHFS?

You could legit mount the email over SSHFS!

Am I retarded?

▶Anonymous 07/05/18 (Thu) 00:23:43 No.938600>>938601

Yes you're retarded but the cool kind of retarded I want to see this implemented

▶Anonymous 07/05/18 (Thu) 00:28:22 No.938601

>>938600

to be perfectly honest, I don't actually self-host yet. cock.li is good enough for me. But when I do eventually self-host, I am absolutely gonna do this.

▶Anonymous 07/05/18 (Thu) 01:03:56 No.938606

oh and it would certainly be way simpler/more minimalistic with SSHFS. You wouldn't have to install an IMAP/POP3 solution on the server. Although you would have to get the libfuse stuff on client-side

▶Anonymous 07/05/18 (Thu) 10:00:16 No.938731

It's completely practical, but you can't exactly use this unless you're self-hosting, since you need access to the actual maildir.

Plan9 serves email on the filesystem using 9p, which is an even better solution since it can be implemented on top of any other protocol.

▶Anonymous 07/05/18 (Thu) 18:29:26 No.938935

>>938587 (OP)

It's completely possible, even practical. Host your own mail server, set your SMTP daemon to deliver to a maildir and do whatever you want with the directory.

My workflow for my primary email account is to ssh into a VPS running OpenBSD and OpenSMTPD and open mutt. On my machine mutt reads from a mbox-type mail spool, although I could easily set that up as maildir if I wanted to go to the trouble of converting my mailbox and updating my configs. I use scp to transfer attachments between my server and desktop. I don't run IMAP or POP daemons at all.

▶Anonymous 07/05/18 (Thu) 19:05:20 No.938944>>939809

Some of the early Linux distro sites-- this being back around 1992-- provided NFS access. (Sunsite being one?)

They didn't bother with the Kerberos shit, because it was a PITA just to get working, and the Smart People allowed on the Internet back then knew it was retardedly pointless to fantasize that MAGICAL SOFTWARE IS SECURE.

▶Anonymous 07/07/18 (Sat) 19:42:32 No.939809

>>938944

That's what content and package signing is used for. Secure transport layer between you and some domain name impersonator is everything you can be sure of on today's web, not the content origin or authenticity, unless it's software packages and you got the keys from developers in person.

▶Anonymous 07/08/18 (Sun) 12:31:12 No.940134

I would not bother with Kerberos or SSH and use OpenVPN instead. This way you only have to worry about security and encryption once and can use the remote machine as if it was part of your LAN from then on.

/tech/ - Technology★

General

WebM

Theme

User JS

Do not paste code here unless you absolutely trust the source or have read it yourself!

Favorites

Customize Formatting

Filters