I was interested in hosting my own mail server that provides a similar level of privacy for users as Protonmail, ie the server admin cannot read any emails, even those which are not E2EE with PGP. Is there a self-hostable solution to this?
I’m aware the server admin can’t read emails that were sent encrypted using the user’s PGP key, but most emails I get are automated emails from companies/services/etc without the option to upload a public key to send the user encrypted email. If you’re with a service like Protonmail, the server admin still cannot read even these emails.
That can easily be achieved with dovecot and a sieve script.
but then the admin can still read the mail while it arrives ;-)
That’s true of protonmail too
but maybe only for emails from outside, not for emails from within protonmail? haven’t read any specs of protonmail yet…
For internal emails yes they are encrypted on the client side. OP can use PGP or S/MIME for that too.
There’s no such thing E2EE email. The protocol doesn’t support it.
That’s not really true, S/MIME is a thing
And gpg, which op mentions. But the devil’s in the details with encryption.