Old 01-14-2024, 12:34 AM   #1
starkid
Member
 
Registered: Jan 2012
Posts: 91

Rep: Reputation: Disabled
Encrypting Email Sent to Automated Services (non-PGP?)


I use a blogging service that allows me to post to my blog by emailing text to the website. I'm concerned that my email provider can read these emails (the provider is a random person offering a small amount of server space, not a company). There's nothing important in the blog posts; I just want to maintain some privacy.

I'm not even sure that the post-by-email function will work with encryption, but I'm guessing it definitely won't work with PGP because, as I understand it, the receiver needs to be a sentient being who will use some sort of key to decrypt my emails. Post-by-email is automated.

So is there a way to protect the email content (and hopefully subject line) from being read by my email provider?
 
Old 01-14-2024, 12:56 AM   #2
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 7,675
Blog Entries: 19

Rep: Reputation: 4490
Switch to protonmail. Everything is encrypted there but the recipient sees it in clear.

Admittedly that only works if the recipient machine is also on protonmail. But your provider could easily get a protonmail address.

Last edited by hazel; 01-14-2024 at 12:59 AM.
 
Old 01-14-2024, 09:48 AM   #3
scasey
LQ Veteran
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.9.2009
Posts: 5,738

Rep: Reputation: 2222
Do I have this right?
You use an email provider run by “a random person” to send messages to a bot that then posts the content of those messages to your blog. The “random person” doesn’t provide the bot or the blog, only the email service. Correct?

As I am/have been such a “random person” I have to ask:
Why would you do business with someone you don’t trust to behave ethically and not snoop in your sent mail?
What MTA is being used by Random Person?
What protocol are you using to connect to their mail server (IMAP/POP3)?
Do encryption schemes encrypt messages while saved on the server?
And ultimately…can’t Random Person simply read the blog?

(Aside: I am in the process of getting out of the business of providing email services. I no longer have any paying customers and just need to decide what to do about my remaining comped accounts…family members)
 
Old 01-14-2024, 01:12 PM   #4
starkid
Member
 
Registered: Jan 2012
Posts: 91

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by scasey
Do I have this right?
You use an email provider run by “a random person” to send messages to a bot that then posts the content of those messages to your blog. The “random person” doesn’t provide the bot or the blog, only the email service. Correct?
Correct. But the "bot" and the blog are not exactly separate; the blogging site provides the post-by-email service.

Quote:
As I am/have been such a “random person” I have to ask:
Why would you do business with someone you don’t trust to behave ethically and not snoop in your sent mail?
Well it's more like charity than business since the email account is totally free. I don't fully trust any email provider, professional or otherwise, but I don't have good alternatives at this point (running my own email server or not sending email at all).

I use this account only for unimportant anonymous Internet activities, I access it only via Tor or a VPN, so I'm not really trusting this person with very much.



Quote:
What MTA is being used by Random Person?
I have no idea.
Quote:
What protocol are you using to connect to their mail server (IMAP/POP3)?
POP3

Quote:
Do encryption schemes encrypt messages while saved on the server?
I have no idea.

Quote:
And ultimately…can’t Random Person simply read the blog?
Yes. But I'm not worried about random people reading the blog. I'm worried about someone knowing what I'm sending via email.
 
Old 01-14-2024, 07:14 PM   #5
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,786

Rep: Reputation: 2083
Quote:
Originally Posted by starkid
Yes. But I'm not worried about random people reading the blog. I'm worried about someone knowing what I'm sending via email.
The confusing part is that what you're sending via email is getting posted on your blog for the whole world to know? Is that not right?

For your original question, I guess you have to ask the blogging service provider, it depends what they support, and that's where any decryption would have to happen.
 
Old 01-15-2024, 08:21 AM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,679
Blog Entries: 4

Rep: Reputation: 3947
So far as I know, at the end of the day the blog provider has to, itself, be able to decrypt and/or digitally verify the email. This requires software support on their end, and you must then send a compatible message.

While "posting to a blog via email" seems rather unusual to me, versus simply using a secure web page, in that scenario I could see great value in the provider insisting that the incoming messages be at least digitally signed. So that it (and you ...) could then be confident that the incoming post to "your" blog was in fact sent by you, and is exactly what you intended to send. (In fact, if I did care to use such a service at all, I would insist on that.)

It is usually "trivially easy" to send and receive either GPG/PGP® or S/MIME secure emails, by means of a simple plug-in that also automatically handles verifying signatures and keys of incoming messages. It's as easy and transparent as (this ...) "secure web site." The messages simply appear to you "in the clear," with a notice confirming that they had been verified and/or decrypted. A "red flag" appears next to any incoming message that should have been signed or encrypted, warning you that it might well be fake.

Among my friends, we use such a facility quite routinely, and like any good crypto, "it just works." (Why doesn't everybody?)

Last edited by sundialsvcs; 01-15-2024 at 08:29 AM.
 
Old 01-15-2024, 05:24 PM   #7
starkid
Member
 
Registered: Jan 2012
Posts: 91

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by ntubski
The confusing part is that what you're sending via email is getting posted on your blog for the whole world to know? Is that not right?
Yes, but the whole world cannot connect the blog content to my email address. They can see only the blog posts. Just like the whole world can read my posts on this forum without knowing the email address I signed up with. The less people know, the greater my privacy. The public can access the online content but not my email address, and, ideally, the email provider knows my email address but not the online content.

The email provider might stumble across my blog, but that's not enough to connect it to my email address (nor is it likely to happen). The email provider might follow the recipient address of my emails to the blogging site, but people can mail in text other than blog posts, and the email provider is not likely to know anything about what people can or might email to a blogging site, so that's still not enough to definitely connect the blog content to my email address.
 
Old 01-15-2024, 05:45 PM   #8
starkid
Member
 
Registered: Jan 2012
Posts: 91

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sundialsvcs
I could see great value in the provider insisting that the incoming messages be at least digitally signed. So that it (and you ...) could then be confident that the incoming post to "your" blog was in fact sent by you, and is exactly what you intended to send. (In fact, if I did care to use such a service at all, I would insist on that.)
The website owners have their own ways to ensure that security. Having the general public try to figure out digital signatures would not be a great idea.

Quote:
It is usually "trivially easy" to send and receive either GPG/PGP® or S/MIME secure emails, by means of a simple plug-in that also automatically handles verifying signatures and keys of incoming messages. It's as easy and transparent as (this ...) "secure web site."
If you mean that it's "trivially easy" after figuring out how to create a PGP identity, then finding the documentation for how to use/enable encryption in relatively obscure open source email software, then finding the names of the plugins specific to one's platform/distro, installing them, loading them in the email software...and then figuring out why the encryption options are still greyed out in the software's menu after all that, OK, maybe you're right. Otherwise, I can't agree.
 
Old 01-15-2024, 06:26 PM   #9
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 11,249

Rep: Reputation: 5323
LOL Just cut the email provider out entirely. You can post to your blog using a web browser, can't you?

Last edited by dugan; 01-15-2024 at 06:43 PM.
 
Old 01-17-2024, 07:56 PM   #10
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,679
Blog Entries: 4

Rep: Reputation: 3947
The essential problem is that "POP/SMTP email" was never designed to provide means to verify the messages that were being sent. There was no thought given to: (1) "is this message actually coming from the stated user?" nor (2) "is this message byte-for-byte actually what the sender intended to send?"

These considerations were "grafted onto" the original protocol in upward-compatible ways. The two survivors are "S/MIME" and "PGP®/GPG." Each of these offers ways to send an "email-compatible message" with additional security content.

And, it still amazes me that neither of these has ever become "standard." Even though the most important "web email client" provider, GMail, easily could have done so and very briefly did.

Therefore, "still today," you must use a "plug-in."

At least – if you are still using "old-fashioned email." If you are, instead, using "Microsoft Exchange," or another similar proprietary message-handling service, these security considerations have been addressed. The problem, of course, is that "old-fashioned email" is still out there and cannot be excluded.
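
Added example (not written by any poster in this thread): relating to the original question about hiding the body and the subject line from the mail provider, this Python code reports what a relay storing a message can read without any key. It assumes standard PGP/MIME (RFC 3156) and S/MIME framing; the function name `provider_view`, the addresses and the ciphertext are constructed placeholders.

```python
from email import message_from_bytes, policy

# Constructed samples (placeholder addresses and ciphertext): one message as it
# would be stored by the sending provider with PGP/MIME, one without encryption.
SAMPLE_PGP_MIME = (
    b"From: writer@mail.example\r\nTo: post@blog.example\r\n"
    b"Subject: My new post title\r\nMIME-Version: 1.0\r\n"
    b'Content-Type: multipart/encrypted; boundary="b1";\r\n'
    b' protocol="application/pgp-encrypted"\r\n\r\n'
    b"--b1\r\nContent-Type: application/pgp-encrypted\r\n\r\nVersion: 1\r\n"
    b"--b1\r\nContent-Type: application/octet-stream\r\n\r\n"
    b"-----BEGIN PGP MESSAGE-----\r\n\r\n(placeholder)\r\n"
    b"-----END PGP MESSAGE-----\r\n--b1--\r\n"
)
SAMPLE_PLAIN = (
    b"From: writer@mail.example\r\nTo: post@blog.example\r\n"
    b"Subject: My new post title\r\nContent-Type: text/plain\r\n\r\n"
    b"Hello blog.\r\n"
)

def provider_view(raw: bytes) -> dict:
    """Report what a relay storing `raw` can read without any private key."""
    msg = message_from_bytes(raw, policy=policy.default)
    ctype = msg.get_content_type()
    scheme, readable = "none", None
    if ctype == "multipart/encrypted" and \
            msg.get_param("protocol") == "application/pgp-encrypted":
        scheme = "pgp-mime"      # RFC 3156 framing
    elif ctype == "application/pkcs7-mime" and \
            msg.get_param("smime-type") == "enveloped-data":
        scheme = "smime"         # S/MIME encrypted body
    else:
        body = msg.get_body(preferencelist=("plain",))
        text = body.get_content() if body is not None else ""
        if "-----BEGIN PGP MESSAGE-----" in text:
            scheme = "inline-pgp"  # armored block pasted into a text body
        else:
            readable = text
    # Standard PGP/MIME and S/MIME protect the body only; routing headers
    # and the Subject stay outside the encrypted part.
    headers = {h: str(msg[h]) for h in ("From", "To", "Subject") if msg[h]}
    return {"scheme": scheme, "headers": headers, "readable_body": readable}

if __name__ == "__main__":
    for name, raw in (("pgp-mime", SAMPLE_PGP_MIME), ("plain", SAMPLE_PLAIN)):
        print(name, provider_view(raw))
```

Even in the encrypted case the sender, the recipient address and the subject line are returned in `headers`, so only the body is hidden from the relay.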
 
  

