Help the FSF tech team maintain email services in freedom
The Free Software Foundation's (FSF) tech team is a small but dedicated team of three staff. With your support, and with the help of volunteers and interns, we run hundreds of services on a few dozen physical machines in four data centers.
We are very excited about some of the initiatives we are working on, like deploying our upcoming forge site and other new systems, expanding our physical server deployments, and a further refresh of fsf.org. In parallel, the tech team is always working to better maintain, understand, and document our existing systems. Mastering those keeps vital systems running smoothly and lays the groundwork for future improvements.
Email is a key service we provide. Besides it being one of the FSF campaigns and licensing teams' most important ways of communicating, we also support thousands of mailing lists for other free software projects, which send millions of emails per year. Free software is extremely capable in all aspects of email, and there continue to be innovative advancements in free software email programs that we are excited to explore and adopt.
Email in freedom
Email is designed to be federated by domain. If you use someone else's domain for email, you have to use their server. Whoever controls a domain's email server can see everything that's in any email sent through it. You can take measures to defend yourself by keeping your email private by encrypting it. We maintain the Email Self-Defense Guide to show you how to do that.
As a communication service, an email server does not take away your freedom like Service as a Software Substitute (SaaSS) does. However, a service could come with a condition that makes you run nonfree software. This is why we, together with volunteers, maintain a page about Webmail Systems that can be used in freedom. In the end, running your own email server for your own domain gives you the maximum amount of freedom and control over your email. The next best thing is to use an email server run using free software by an organization or group of friends you trust.
At the heart of the FSF's email servers is a mail transfer agent called Exim. One of Exim's key functions is to send email to and receive email from other email servers on the Internet. Exim is licensed under the GNU GPL version 2 or any later version. Over many years, the Exim project has done a wonderful job of advancing its capabilities and maintaining superb documentation. The email domains the FSF tech team spends the most time administering are fsf.org, gnu.org, nongnu.org, and libreplanet.org.
We recently finished auditing and updating all of our Exim configurations. The previous configurations had grown out of fifteen years of small changes into an unwieldy behemoth! By refactoring and integrating with the Debian Exim configuration, we were able to reduce the complexity by thousands of lines and organize it into a much more manageable system. We use the Debian Exim configuration as distributed through Trisquel, an FSF-endorsed operating system.
The road your email travels
Whenever you send email to an address ending in @gnu.org, the
email server you are sending through looks up the Mail
Exchange (MX) DNS record for gnu.org and finds eggs.gnu.org. You
can test this on a GNU system by running
host -t mx gnu.org on
the command line. That is the beginning of the journey of an
email to @gnu.org. I've diagrammed the flow of email in our
systems from that point:
The email is first evaluated to ensure it is valid and not obviously spam, then is distributed to destinations like the fencepost server, Mailman lists, debbuggs, or RT (also underlined in the graphs as hyperlinks). Two hosts that may need some explaining are rt.gnu.org and fencepost.gnu.org. RT runs Request Tracker, a ticket-tracking system that we host and run for FSF staff, GNU webmasters, and translators to receive email and manage tasks. Fencepost is a general shell and email server primarily for GNU maintainers and contributors.
This is not the end of the road your email travels. For example, an incoming email that goes to GNU Mailman often becomes many outgoing emails to the list subscribers.
For the sake of simplicity, there are a few details missing from the diagrams. For example, they don't show when an email goes from fencepost to lists.gnu.org. Also, almost all Mailman mailing lists are configured so that when a message arrives from an address the list hasn't seen before, it is held for review by listhelper system, which scans it with SpamAssassin, bogofilter and CRM114 and is often manually reviewed by a few dedicated volunteers.
Help the FSF tech team's continued development of our free software systems
We hope that our free software—driven approach to email can serve as an example for individuals and organizations to run their own email servers for their own domains.
In the next year, we plan to improve the email services we provide to free software projects by evaluating and hopefully deploying some new programs such as GNU Mailman 3, public-inbox, and Sourcehut.Can you join this effort as an FSF associate member? You can start for as little as $10 per month ($5 for students), or $120 per year. Besides enabling important work at a time the world desperately needs it, your membership enables the FSF tech team to continue making technological improvements that benefit the FSF and the entire free software movement. No other organization stands for free software like the FSF does.
The more members we can count, the better we can defend everyone's freedoms against the largest companies and governments on the planet, and this starts with achieving our fall goal of 500 new members before December 31. Plus, associate members can select a special gift during this fundraiser, and enjoy all the member benefits, which include merchandise discounts, a 16GB bootable membership card, and use of our videoconferencing server.
In my fifth year as part of the FSF tech team, I'm amazed at the foundation of knowledge our team has gained and I'm extremely excited to put it to use making more improvements, deploying new systems, and retiring old ones. For all this work, we depend on the continuous commitment of volunteers and donors. Please lend a hand and join us in spreading freedom.
Graphs by Ian Kelling. Copyright © 2021, Free Software Foundation, Inc. Licensed under Creative Commons Attribution 4.0 International license.