Hi, guys!
This I'm kinda new here and I'm not completely familiar with the rules but I really want to share my project. We all know Protonmail, it's an awesome and anonymous service, but the problem was: we never knew what what infrastructure it's running on and what's happening in the back.
So I just decided: why not and developed an alternative: OpenNeutron. What is it capable of?
1) It's written in rust (btw I just wanted to learn this language by doing something meaningful and it kinda aligned) so it's compiled to a small self-contained binary with no external service or libs dependencies
2) It works with a legacy email stack. I tested it with Gmail and Outlook and it was capable of both receiving and sending email including attachments and everything a modern mail server should be able to do
Now comes the interesting part:
Working with legacy email stack upon receiving an email, it's instantly encrypted with user's public key and stored like that. If the attacker gains access to the files, reading the email content would be impossible - similarly to Protonmail everything is only decrypted on the client.
Furthermore I decided to build a custom communication mode and extended the existing SMTP protocol so when 2 self-hosted OpenNeutron servers are seeing one another they switch to a full end-to-end encryption mode where the sender client gets the keys relayed and encrypts the outgoing email for each receiver user with their own public key and sends that. Only the receiver client can decrypt the email after querying it from receiver server so in other words at no time does unencrypted email even touch the network making it a true e2ee stack.
So yeah here I am asking for feedback and maybe some advice. I want to warn you that the project is in the alpha stage and need time to mature but again, a feedback is probably the most important thing for me now.
https://openneutron.com/
it would've been nice if you checked it out.
It's my first post and idk how to finish it, so: thx for your time...
1 comments