Hi everyone,
First, don't get over-excited about the title of my post -- that's pure conjecture at the moment, and even if it could come true, it would come with a load of caveats.
I'm the main developer of SquirrelMail and have quite a number of years of mail server experience (I make my living as a consultant for people running such systems). I'm also a big security and privacy advocate, and am no stranger to pretty much any topic around these parts. In fact, I helped the RuggedInbox admins when they were considering adding GPG to their webmail interface, and I've run mail over Tor since the early days of Tormail.
I have recently started working on a privacy-oriented email system that we had planned to take public later this year, but I randomly came upon the fact that RuggedInbox seems to have shut down for good and thought maybe we could help...
It is conceivable that if the RuggedInbox admins wanted to hand over the password hashes for their users, we could resurrect all accounts. In fact, I suppose if they want to hand over the domain, or just redirect their MX, we could keep your mail flowing. I suppose we could take all the email data, too, but that could be a bit much.
Mind you, I've not spoken with the admins, and moreover, I'm VERY MUCH NOT looking to get into the same boat that they've been in (props to them for sticking it out so long). I've seen systems attacked by DDOS, I've seen CAPTCHAs demolished, and I've watched spammers send out their filth, triggering widespread blacklistings and it's no fun.
I am a strong believer that people should be able to find a free email account that they can use without their home IP address being exposed to recipients. I don't think you should have to give your mobile number to get a simple email account. Yet, even just these two things are VERY hard to come by, at least in one place. However, the reason for this is as much practical as it is tin-foil-hat: spammers & scammers ruin it for the rest of us. It's one thing to make a strong stance as a privacy advocate, but when people abuse your service to the point that no one else will accept your email, it becomes pointless. So, sadly, you end up with these choices that coincide with anti-privacy interests: take something from your users that links them to their real world identity.
Our planned approach to this has been something of a hybrid: we'd be offering free accounts, but they'd come with fairly restrictive policies. You'd have to pay to get more features and less restrictions. Best part is that Bitcoin payments would be welcome, allowing for users to retain their privacy during signup.
Yet, there's still the DDOS problems and the consistent stream of anonymous attacks coming via Tor, but I digress.
Our service is currently operational, but it's far from feature-complete. There are some key differences, both positive (offers automatic encryption of all incoming email, other important privacy-oriented features) and negative (I'm not coming at this as an anonymous party). There's lots more to be said, but let me not digress any further.
I'm putting this out to both the community and the admins of RuggedInbox to see what interest there is... and again, mind you, our launch was not intended to come nearly this soon, so there would probably be plenty of migration headaches if we were to attempt such.
Let me know what you think,
Paul
Thank you very much for your answer Paul. I think it is a first message after Ruggedinbox said that they want to give up.
Anyway if there is a chance at least save the domain name and all mailboxes that would be great. Ruggedinbox have been unique service exactly what many people were looking for:
very simple, full of privacy, with a little space and not commercial. So I am ready to pay for the service like that because I have been sure that it is something that guys full of enthusiasm and brave enough to make real privacy service for real people...
Hope that ruggedinbox gonna get back soon. And again I am ready to pay for the service like that.
