- Jul 31, 2013
Hi AT
I am working on a little side project and would appreciate a critical eye to point out any flaws in my reasoning, as I don't fully understand all of these technologies yet!
My father (an IT Pro, not really networking field though) and I got talking about what is going on in the US right now with PRISM and are thinking about installing an email server for private use, basically just for him and me and maybe my mother and sister as well (meaning not exactly high traffic).
I realize that doing so will not keep my communications out of the clutches of government snooping as even if they are secured top to bottom on my end, the people who I email and who send me email probably aren't taking the same precautions and many of them will be hotmail/gmail/whatever users so it can just be read from their inboxes instead. I am doing this for several reasons, ranging from "I want to learn how" to "symbolic eff you, lawmakers" (I'm Canadian, but our NSA equivalent is part of the "Five Eyes" and therefore isn't what I would call trustworthy either). Anyway, down to technology!
I should also note that we also at the time discussed setting ourselves up (forgive me if I misuse any of this terminology) as mutually redundant proxies, so that all our web traffic goes through one another's server first. Upon considering that though, I don't think that actually gains us anything since I plan to use my existing commercial VPN provider (he'd have to get one too), meaning all our traffic would already be anonymous (or is this a false assumption?)
Plus, I would have to probably get a business class internet package because 768kbps upload is not gonna cut it for routing Netflix ><
Essentially, the layout would be like this. We would both have a box set up running an email server (I am most comfortable in the Microsoft ecosystem as is he, and I might do it at first with Svr 2012 + Exchange just to learn how (I got a TechNet subscription like 3 weeks before MS announced they were axing the program, yay fortuitous timing!)...but obviously licensing costs would make that a pretty dumb choice for the actual servers we use for only 3-4 users, so probably some flavour of Linux like CentOS).
These computers would basically just be low power file servers, probably built on a Haswell i3. I'd use DynDNS to point to them (so our email domain will end up being something like duncan-idaho@username.doomdns.com or whatever subdomain I use). They could function as routers if they were on the network edge, but again I am not sure this gets me anything that I don't get from using my existing router (Cisco RV220w). I would probably get my father to get a similar router if not the same model and then set up a site-to-site SSL VPN.
This is where I start not really knowing how to do this - I have two Linux boxes set up to serve email and they can talk to one another through a site-to-site SSL VPN - but how do I make them actually provide redundancy for one another? In the MS ecosystem, I might at this point think it would be easier to use Hyper-V, make the servers VMs, and cluster them using Server Manager...but I don't know if that is even the best way in the MS universe. Is there a Linux email server that you can easily mirror with a second server at a different physical advice, or am I coming at this from the wrong angle entirely?
Guidance appreciated!