What is a Private Email Server and Why Does It Cause a Big Fuss?
As most voting-age adults in the United States have heard, someone running for the highest office in the land has made the news in a big way for arranging a unique way to receive their emails.
This person set up a private email server. Politically, it has been one of the biggest news stories of 2016.
But that's politics. However, the whole topic of what is a private server and how it works has gone mostly unexplained. This article addresses that. It won't clear up what all the fuss is about; but it will give you straightforward insights into what (technically and technologically) this high-profile person did, along with a little bit of why they did it.
It also answers a question that might have crossed your mind: Can anybody, including you, set up their own private email server?
And should you?
No. Don't set up a private server.
That's the message from IT and security experts on the topic. You'll learn why they say that soon enough.
But first—what is a private server?
A private server is a physical computer that you own and operate, and has all the operating systems, software and programs in place to provide essential services, including email. "Need a textbook definition?" A private server is a machine or virtual machine that is privately administrated. As servers need an adequate Internet connection, power and can be noisy, they are often located in a colocation center.
A private email server would be the email system that's offered by the private server.
In other words, with a private email server you have your own email system, from computers to programs. You run it, use it, manage it and limit (allow and prevent) access to it.
But WHY would you need a private email server? Don't you already have email accounts?
The politician in the news supposedly set up a private email server for "convenience." They had two types of correspondence—work (official government correspondence) and personal or non-job related.
They didn't want to mix the two. Surely, you can relate. Can't you?
Your email accounts: Work and non-work.
You most likely have a work email account. Your company sets up all the hardware, software and email system. Then they give you an email address to communicate with other employees, businesses and customers. And friends too: Because you can give friends your work email address.
However, your company doesn't want you doing too much personal email on your work email, and you're probably fine with that.
You have a personal email account too, or a few. It might be with your Internet Service Provider (ISP), such as email@example.com; another personal email might be a Web-based account, firstname.lastname@example.org. Your ISP, or Google or Yahoo take care of the IT work. They operate and own servers/computers, network connections and email systems. All you do is email away.
And you probably don't send too many job-related messages on your personal email. And you like it like that.
The privacy issue.
Both your ISP and employer might have access to your emails. That is, they can easily peer into your accounts if they wanted to or if they were coerced to by a court order. Also, a hacker might target your employer's or your ISP's email network and tap into thousands of email accounts. Including yours.
It happens all the time. Technology and networks are far from fool-proof.
If that really concerns you, you might think about taking matters into your own hands and controlling your communications by setting up your own private email server.
That's where the idea comes from.
Saving Private Servers.
Still, "don't do it!" the experts say. Don't set up a private server because it most likely:
- Won't do what you hope it will do (keep you safe)
- Cost a boatload of money to set up
- Would be extremely difficult to set up, operate and maintain
- Would most likely wind up being vulnerable to hackers, malware and more
- Will create quite a fuss if people wonder what you're up to
But let's say you don't care and still want one. What's involved?
Hire an expert. Or become one.
Here's the to-do (or how-to) list involved with setting up a private email server. Nearly all security and IT professionals say it is an imposing task. First come the purchases. You would need to obtain the following:
- The server, which is about the size of a tower home computer
- An operating system, either a version of Microsoft Windows or Linux
- Microsoft Exchange Server or another exchange program to manage email flow
- A digital certificate, to certify that the server has been encrypted.
- A domain name, since the email would be yours (such as email@example.com)
That's step 1.
With purchases in hand, a tech-savvy IT person would work on step 2, which is setting it all up. This includes:
- Installing the operating system, email and other software
- Installing antivirus programs and spam filters
- Setting up firewalls, specifically one for email (a message-transfer agent)
- Obtaining and connecting a high-end business-class Internet connection
And because connecting to your email network remotely is the norm for most everyone (especially on-the-go politicians), your other email-enabled devices (smartphones, tablets, etc.) would also need to be configured for the private email server. (Some people, depending on their occupation, may have the added step of setting up special security clearances and measures.)
Mission: Next to Impossible.
"It's a pretty big job to maintain a server like that and make sure it's properly configured," Says Peter Firstbrook, an Internet security researcher at Gartner, Inc., a leading technology research company. He adds that whoever did that would "have to continue working to maintain security systems and deal with any breaches."
Is it worth all the trouble and effort? Probably not. Because as we have learned from news headlines from around the world, it's not easy for huge corporations to hide all their emails from prying eyes, despite the latest hardware and software. Just ask Sony.
Imagine how hard it would be for the average Joe.