Hi all,
A little background:
A while back I stepped away from GMail as my main mail provider because of privacy concerns (now confirmed), but I am still not happy with my current e-mail. Mainly I am hosting with a big US based webhost that includes e-mail.
What I'd like is to host my e-mail in a country like Germany or Sweden or something. I'd rather not host in my own country (the Netherlands) because I think it might be a good strategy to not do so.
My question:
How can I setup e-mail in a rather 'NSA-proof-way' (as a HN post called it) without (preferably) resorting to self-hosting.
Main points of interest (from 'security' point of view) (feel free to add/subtract in comments):
1. SSL/TLS (obviously)
2. Some type of encryption on the server (see 3.)
3. Preferably an employee of the company can't see my e-mails (hard one it seems?)
4. Country's laws should make it hard to gain warrants for the e-mails
Apart from this some practical issues come into play:
1. Storage space (2GB <)
2. Number of mailboxes (8+)
3. Number of connections ('many' devices)
4. IMAP, SMTP, (Push has lost love?)
5. Reliable service
6. Good support
7. Webmail
8. Either backups or SSH access to do that myself
Have I left anything out? (it is late)
I understand that encryption on the server is something you can do better yourself (http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/), but as far as I have understood managing your e-mail server is not much fun and can be a huge pain. I have to somewhat be able to rely on my e-mails working. I also understand that despite me caring about e-mails being encrypted, my recipients probably use GMail anyway, but THAT is outside of my control.
Pricing is less important as I'd first like to find out what the options are.
Any help/suggestions? Google has not been a great advisor on this one.