Forward Email (new features)

Privacy Project Showcase
45

:wave: Hi folks and happy new year! :tada:

To keep you folks apprised, here’s a brief update!

We’ve recently optimized and refactored the entirety of our MX server in our codebase and merged it into our GitHub monorepo. This means our code is way more maintainable and easier for community contributions. We’re also actively working on self-hosting (@shaunw is leading that effort) and have made a lot of progress (e.g. think 1-click deploy). As of today, we’re still the only 100% open-source email provider.

We’ve released two highly-requested features in the past few weeks:

  1. All messages now (including forwarding) support OpenPGP/WKD. This means IMAP and forwarded emails support PGP encryption. Note that since Proton Mail rewrites your emails, we do not support PGP encryption for Proton Mail and it is explicitly disabled in our codebase, see https://github.com/forwardemail/forwardemail.net/blob/ce46d825d9963c90a026f93fddaec2630109a7dd/helpers/send-email.js#L225-L244 for insight. If we did not go with this approach, then a banner would appear in your Proton Mail inbox warning you about the message (since they rewrite headers, see 1, 2, 3, and 4 for more insight).

  2. :beach_umbrella: We also released our vacation responder :palm_tree: (e.g. out of office auto-reply) feature, see x.com for more insight. We use this feature ourselves in order to send an automated reply whenever someone emails support@forwardemail.net.

:scroll: We’re still working on our whitepaper and hope to release it this year – and then conduct 3rd party security audits afterwards.

:earth_americas: :floppy_disk: Currently we are transitioning our infrastructure to a new data center with bare metal hardware (think 10 new servers running blazing fast AMD powered hardware :tada:). Over the next few weeks we’re warming up those IP addresses and will be introducing them.

Our plan is to move away from Vultr and Digital Ocean completely (or as much as possible). This new data center is powered by DataPacket, which are the same folks that power Mullvad – and a company we take inspiration from.

We put an extensive amount of R&D time and effort into our new infrastructure. We focused down to the hardware and on performance, e.g. AMD processors which are incredibly performant for single-core apps running Node.js (single-threaded). We also have lightning fast NVMe SSD drives with LUKS encryption :key: and multiple upstream connections running to the servers. A lot of time went into benchmarking, cost comparison, and reliability comparison. For some insight, we also explored:

  • PiKVM for remote KVM and bastion management.
  • Libreboot, Dasharo (with custom server hardware), disabling Intel ME on on 1-2U servers, trusted boot, custom switches (e.g. with pfSense), etc.
  • Experimenting with Apple Silicon, Ubuntu Asahi, Mac Mini’s in 1-2U racks (with 3D printed rack mounts and remotely controlled servos).
  • Touring data centers in-person & reviewing contracts.
  • Discussing custom hardware quotes with Apple Business (ultimately we chose AMD for our processors).

We’d love to go into more detail, but we’re a small team & limited on time! :pray:

Happy new year,
Forward Email
https://forwardemail.net

19 Likes