Email security?


#1

I’ve used Gmail as my primary email address for a long time, but I’m interested in trying to get away from Google and use a different provider instead, and I thought that Dreamhost might be a good place to try, since I’m already getting my hosting here anyway.

However, given how many important accounts (banking, etc) go through email for things like password resets, I don’t want to give up on some of the security that I’ve gotten used to with Gmail… I know that the dreamhost panel can use 2FA, and the email connections can use SSL and so forth, but I guess the main things that I want to ask are:

  1. Are the dreamhost email servers set up to reject (and ideally, report to me) an IP after enough failed login attempts, to prevent a machine from brute-forcing my password?

  2. Is there any way to do something like device-specific passwords, or any other way for the email server to recognize if an unfamiliar machine is connecting?

  3. Can anyone else think of any good general-purpose email-related security measures that I should be looking for? (Most of the reading material I find online is talking about ways for two individuals to communicate securely to each other by email, but what I want is more about things like securely receiving password-reset emails from random websites…)

  4. Does anyone have any good smaller secure email providers to recommend, if not Dreamhost? It seems like most of them focus on either A) secure messaging within their platform (which doesn’t help me) or else B) email for companies (i.e. all their plans are for several email addresses rather than just one). I’m willing to pay a small amount (<$5/mo?) if it’s a good service. Ideally they should let me use my Dreamhost domain…

I didn’t expect moving away from the major monolithic email providers for a personal email account while keeping my security to be such a difficult thing to find a satisfactory answer to, but maybe I’m just being a luddite and should give in to the Google panopticon :S (Or else, maybe I’m underestimating the level of security offered by out-of-the-box solutions like Dreamhost?)


#2

No need to complicate things, just choose the secure version of gmail.

If you like, you can even use gmail to retrieve email from other email services. You can also set up the From field to alias other email addresses… pretry straight forward in gmail settings.


#3

I know that Gmail is secure, I said that I’d like to use something besides Gmail.