For a while, I’ve been looking to switch away from Gmail to maintain more control over my own data, especially something as critical as email. When looking for somewhere to switch, I had a few requirements.
- Ability to transfer existing email to the new system (more on this later)
- High reliability
- SSL/TLS for IMAP and SMTP (read “security”)
- Clear business relationsip. I had to be the customer, not the product.
- Support for custom domains
- Web interface (optional)
With all of these in mind, off I went on my search. Early on, Fastmail seemed like a clear winner. They had a mighty shiny web interface, custom domain support, and a good track record.
Out of nowhere, came Lavabit with something I hadn’t even considered. Now, their site may not have the whole “lickable” or “flat” or “hip-design-buzzword” thing going on, but their product is top-notch. It has all of the above, but brings something extra to the security showdown. Asymmetric encryption. Effectively, they’re unable to read my email without my password. With all the NSA stuff going on I felt like this put Lavabit ahead of the competition.
So now the part that took me the longest, and was the most nerve-wracking. The Great Migration. How do I migrate all that old email? First iteration was offlineimap which I already use for both backing up mail and for local clients like mutt. It has support for syncing two IMAP servers.
Turned out that was not the best idea. There were duplicate messages all over the place and I ended up completely cleaning out my Lavabit account and starting over.
Then I discovered imapsync, a utility for – you guessed it – syncing IMAP servers so you can migrate your mail. It was incredibly easy, and after reading the man page for a couple minutes I typed out this command and it worked almost entirely on the first attempt.
:::console $ imapsync \ --host1 imap.gmail.com \ --port1 993 \ --ssl1 \ --user1 email@example.com \ --password2 mahsecret2 \ --host2 imap.lavabit.com \ --port2 993 \ --ssl2 \ --user2 firstname.lastname@example.org \ --password2 mahsecret2 \ --sep2 . \ --prefix2 ""
The only nonintuitive thing is the ‘–prefix2 “”’ which I added after the first run failed before copying any mail. The problem was that the Lavabit IMAP server didn’t support the NAMESPACE extension to IMAP4 so I needed to specify a prefix myself.
Getting my custom domain configured on Lavabit was a breeze. It’s not self-service (yet) but Lavabit support was responsive and I had my domain set up in just a couple hours. You can even set up DKIM and SPF records which, if you’ve come this far, you might as well do.
My next step is likely going to be setting up CalDAV and CardDAV servers so I can liberate my calendar and contacts as well. Haven’t looked at many options other than Owncloud for that, but that’s a project for another weekend.
On my journey I also discovered a great free-as-in-freedom IMAP client for Android called K-9. The name being a Dr. Who reference merely sealed the deal. Bonus Points: It’s on Github so I can contribute bugfixes if I find problems.