I am trying to find an email system (that preferably work with any email account) for kids.

The features I am looking for are (possibly):

- messages can be sent to any email account

- answers must only be read after the contact is added and the supervisor confirmed its safety

- or each message from strange accounts can be marked as safe without adding the sender to the contact; process repeated for each message

- messages from contacts are received faster, do not need to be previously read by supervisor account

- a copy of all messages can be read by the supervisor account at anytime, even after they are erased within the safe account

I found a few paid services with similar features (tocomail, zilladog, kidsafemail, zoobuh, emailforkids.org). But none have interfaces in other languages but English.

Such a system (or program) is not that hard to develop. Do you know any FOSS (free and open-source software) such system? Or some practical alternative method to achieve this safety?

Haven't done it recently but one idea might be to setup your favorite email (e.g. postfix) along with a spam filter that treats everything that is not whitelisted as spam and "quarantines" it. You can then review any "quarantined" email as the "Supervisor" and release only those you want to get through. You can then whitelist any sender you deem safe so that sender doesn't get quarantined in future.

A satellite system with postfix would work. It's a good approach, if you have the skill or the inclination. But setting up mail servers properly, even a satellite, is getting much harder these days.

At the other end of the scale, you can do a heck of a lot with filters in Thunderbird. Though that leaves a lot of wiggle room for the kid. But then this is more a social issue rather than a technical issue, especially as they get older. What age range are you talking about?

Regardless of the technological solution(s) you try as supplements to supervision, there will always have to be a larger share of social approaches.

The satellite system you mean is like the spam filter that MensaWater suggested? Do you know any guide (or documentation) I could use? Making it all from scratch is hard for me.

Thunderbird is not the best option here. It would always need a computer. But I will play around with its filters a bit and see what can be done with them.

A simple mobile access (with a browser) would be practical and wanted. I am thinking of something running in a website (so the kids access the safe page only, possibly without knowing the real password for the used email account).

The kid to whom I started my search is 8 years old.

I am thinking this kind of program or service could be used (ideally) by 16 and youngers, from the point we sometimes need them to use things to communicate with us and with their friends.

is it really to protect children or to censor email ?

My aim is to protect children, like the service examples I gave in the first post (they have websites, you can easily read about them there). But to censor is possible with similar systems...

Children start to use eletronic devices much sooner than I did. Email is a very flexible thing that can do almost everyhing that other technologies or services offer. But it is too free, so it needs some adjustments for the use I want with it.

A service like Facebook (and its now owned Whatsapp), that does not care at all if people are doing right or wrong inside it, is not an option. But most people do not read things like Reuters Investigates - The Child Exchange, and use it anyway. Further, the facts showed in this reportage were not showed by media channels in many countries around the world. I want to offer a better option for a few families I know (at least), that consider using some popular services to have a better contact with their children, when a natural and real presence is not possible. Please do not discuss this paragraph or this reportage in this thread. Open another one (and quote or link it to this) if you want to do so.

Do services like Gmail, Lavabit, Mailpile, and Protonmail have strong server-side filters you can use to white list addresses? I'm assuming a collaborative approach between you and the kids. They can be part of the solution early on and maybe they'll learn good habits that they'll carry on into their teens.

Mail is something I used to do a little, but prefer to outsource. The problem with doing it yourself these days is that you have to set up a lot just to get on the playing field (DKIM, SPF, DMARC) and even once you've done everything correctly, the big players will still shunt all of your mail to their spam boxes for years to come. They won't unfilter you until your domain proves itself as a non-spammer but since you're always in their spam filter, you never get to square one with that. Even some internationally recognized people, running their correctly configured domains for years now, still are in that situation. You can do it but it has to be kind of a calling to enjoy it.

You said a few words that I will search what they are: DKIM, SPF, DMARC.

Well. The free mail servers I know, do not offer the kind of features I am thinking here. The bad people around will use one of them, their messages will not be considered spam. I need to start with an empty white list.

Messages from this new service should not have a hard path to the "not spam" world. They would be on the recipients' contact list.

I have a free account in Fastmail (which is closing its existence for such accounts), with a different domain. Sometimes it happens with Gmail recipients that my simple and normal messages are considered spam. Yandex, Yahoo, Hotmail, Outlook and others never had problems with me. The same thing happens to a friend that has an Yandex account: spam only for the Gmail users.

Now let me look around a bit...

More ideas are very welcome, always!

DomainKeys Identified Mail (DKIM)... good. Seems to be fairly easy to achieve. Also mature.

Sender Policy Framework (SPF)... good, although some controversies make it a bit unsure.

Domain-based Message Authentication, Reporting and Conformance (DMARC)... more complicated. I am not sure to have understood everything in my skim of its Wikipedia (en) article.

These do not seem something that would add too much work in setting up a "safe mail for kids" service.

Great. I'm pretty sure all three are needed these days. One additional method that helps a lot against incoming spam is greylisting. But if you are whitelisting, I'm not sure how much benefit you would get from the effort.

Lavabit, Mailpile and Protonmail seems to have a different security focus than what I am trying to find here.

Yahoo, Yandex, Hotmail, Outlook, Gmail and all other free mail services are equivalent, as I see. None have any feature that would make me choose it, except IMAP access (which is freely given by all which I mentioned here).

The security I aim to get is much simpler than end-to-end encryption, guarantees of no user data storage in the server, and so on.

Features I am trying to find, or to find how to do them:

- be able to read only messages from previously approved addresses

--> An empty and user defined address white list is possible? I have never seen or read about them.

- messages may be sent to any possible address; answers will need aproval before they are read, as said before

--> This way it is more practical, the account safety should not need different habits in our daily use

- in the possible use of normal and free webmail services, we should access the real account with a different password, safely stored on the safe service server; the kids access with a different password, and not directly to the server provider

- when messages are erased, they will be moved to a hidden trash (which will be safely stored in another folder in the real account)

- IMAP access for the safe account would be very good, but seems the hardest feature to obtain, to me

Incoming spam is not a big issue to me, since I am considering using, for example, an Yahoo account.

I have never dealed directly to white, black and grey lists. Where can I read about their use in mail services or servers?

My mail server experience pre-dates their necessity. spam is a $20 billion - $50 billion / year burden on us in lost productivity and other costs, and about 88% of SMTP traffic is spam. It's been going for years that way. That's not the cost of doing business, that's a parasite killing the host -- us.

Anyway, RFC 5321 talks about the expected delays a sending SMTP server must tolerate. With greylisting, the receiving SMTP server fails the first attempt of a new address to deliver mail and according to the standard legitimate servers must retry after a period. Spammers don't wait, so close to 100% of those that do retry are legitimate and can then be whitelisted automatically, as far as the spam is concerned. So I guess you'd be talking about setting up two levels of whitelisting if you go that route. It's pretty easy to set up in OpenBSD and Peter N M Hansteen has described it in detail in his book The Book of PF, 3rd ed., and in some of his presentations. The specifics won't carry over to Postfix or Exim but OpenBSD is easy enough to install, configure, and maintain, that I suggest that it at least be considered.

But it can be done with the others, too. For example,
https://debian-administration.org/ar...ing_with_exim4
https://postgrey.schweikert.ch/

Whitelisting is well-documented, too.
http://www.postfix.org/ADDRESS_VERIFICATION_README.html

It is surprising that the amounts of spam are that big...

Thank you!

I will be reading these now. Unfortunately I cannot "mark posts as useful" - because we are on the general forum?

I am reading the first URL. (:

Can I install postfix without root access? (same question, no answer: http://askubuntu.com/questions/79046...-non-root-user)

I have an account and a subdomain in a Debian server. This means, at least, that I will use different ports to do something. But I also need postfix installed and running in an user folder.

Some smaller operations may depend on root. But they need to be as little as possible, so the server is not much reduced for the other users.