pfsense and OPNsense are incredibly similar as it’s a fork of pfsense but I can’t recommend it highly enough. It’s been amazing. Very stable, powerful, and easy work to work with.

They know exactly what they’re doing. Money talks, they don’t care that they’re destroying the platform. But they will when they realise what they’ve done is going to lose them money and hopefully tank their IPO.

Doesn’t seem it’s currently being developed which is a shame. I believe you can get a promo code for being a customer prior to their shutdown. Really hope DIME hits big. So sick of email. So old, only auto encrypted between users of the same paid platform, damn near impossible to self host for free, need to pay just to use a custom domain or have an alias.

Still run by the same creator that shutdown to stop gov gaining access to encryption keys. Their work on DIME (Dark Internet Mail Environment) looks quite promising and would appear to disagree with your statement.

https://github.com/lavabit/pahoehoe

It’s called Lavabit proxy. In case you doubt that link too. Their other projects that are on their website are under the same account.

If you click the link I provided it takes you to the app on the google play store which also links to their website and is registered under Lavabit LLC. Additionally if you search for the app it is open source and attached to their GitHub account.

Thanks for the awesome write up. This is a great workaround for the best of both worlds. You are a gentleman and a scholar.

Currently the app doesn’t have a lot of the functionality I require like split tunneling but I have great respect for Lavabit seeing as they were one of/if not the first encrypted email service to arrive, utilised by Edward Snowden, and decided to close shop rather than divulge keys to the gov when requested. Plus they are currently working on a new encrypted email protocol which I would like to utilise when available.

I won’t be using Proton as they seem to follow Apple’s premium pricing philosophy and require account creation. Mullvad is more respecting of privacy via not needing an account but the only anonymous way I see of paying for their service is by sending cash to them via post which isn’t very economical.

Was planning on hosting from my home server. Will definitely read up on those protocols and the recommendations. Have certificates and domain routed through Cloudflare. ISP is Optus but it’s not a business connection so that could be problematic r.e: spam filters :/

Sweet thanks. Only other thing I’ve been concerned about is opening ports into my network. Anything you’ve done to increase the security with this in mind?

By VPS I assume you mean I would need to spin up a new Ubuntu VM instead of say run it in docker along with a bunch of other services. Or are you saying I’d need to have a completely separate barebones machine?

I’m currently running OPNsense virtualised in Proxmox. It’s a little confusing if you haven’t run a custom firewall before but the setup was relatively simple and works flawlessly now that I understand it a bit better. The only downside being if you are running it on the same machine as your services and need to restart, your network will go down as well. Ideally I will get another machine just for network services as it sounds like you are doing.