This is my blog.
When I write shell commands in code blocks, anything that should be run unprivileged is prefaced with $, and anything
that should be run with root privileges is prefaced with #. e.g.
$ vim _index.md
means to run vim _index.md as an unprivileged user.
# rm -rf --no-preserve-root /
means to run rm -rf --no-preserve-root / as the root user, e.g. with doas rm -rf --no-preserve-root /.
Let’s say we want emails on our mail server to be encrypted at rest, such that only the user has the key. Luckily, there already exists a popular solution for encrypting emails such that only the recipient can read them: OpenPGP.
Using Dovecot Sieve scripts, we can easily PGP-encrypt all incoming email for a user.
A lot of people have done this before, and I didn’t come up with the idea. Please see the Further reading section for some recommended articles I referred to.
Simply put, a mail server sends and receives email. When ruby@protonmail.com emails klaasje@gmail.com, Protonmail’s
mail server’s MTA sends the email to Google’s mail server’s MTA. Google’s
MTA then passes the email on to Google’s MDA, which is responsible for storing
the email. MDAs also run IMAP or POP3 servers so you can read your emails and send emails with an email client.
IMAP and POP3 are protocols for email retrieval over TCP/IP.
For sending email, you would use SMTP.