iCloud sucks – OSX Server an alternative?

A while back I switched from iCloud to hosting my own iRedMail server for my email solution. iRedMail doesn’t work how i’d like and doesn’t work well with iPhone with (the z-push stuff is garbage).

As such I’ve repurposed an old mac mini to be my new mail server and so far i like it. here’s a few of the key points:

  • Unlike iCloud, server side mail filtering is not super basic, nor limited to 99 entries. One can easily install roundcubewebmail (it’s a double click install on osx server), which supports server side sieve filtering.
  • push just works correctly on my iPhone.
  • osx server handles Contacts, Calendars, Mail, Notes, Reminders, and can even handle (some) messaging.
  • Multiple domains are seemingly handled flawlessly (just make sure to correctly specify your email address in your mail client).
  • Install is quick and easy.

iCloud Max 99 Mail Rule Filters?!

So for the past year or so I’ve been using iCloud’s mail as my primary email. I enjoy using iCloud.com’s server side mail filtering (so that I don’t have to have a computer running the mail app in order to ensure my mail is filtered), today I hit the limit of 99 mail rules.

Not sure what i’m going to do…Guess a home brew mail server solution may be in the works.

Screen Shot 2014-01-03 at 2.01.25 PM

Privacy in 2014

For 2014 I’ve decided that I’m going to be much more security conscious.


A couple years ago in search of better push support on iDevices (eg iPhone), I switched from my self-hosted exchange solution to iCloud for all my email. I now have all my email addresses forwarded to iCloud.


  • E-mail is all stored (forever?) on Apple’s servers.
  • The Spam filtering sucks.
  • ‘Private’ e-mails are coming over iCloud and being archived with all my other mail (I archive my general mail).


  • Host e-mail on self-hosted (mac mini) Apple OSX Server. (All current e-mail will be forwarded).
  • PGP on all iDevices and laptops/computers.
  • S/MIME on all iDevices and laptops/computers.
  • (todo) Spam Filtering (potentially with DSPAM).
  • (todo) Setup a small encrypted mail server (Dovecot + postfix + DSPAM

Sync and Backup

Between photos, music, desktop backgrounds, application preferences, etc there is lots of stuff that needs to be sync’d these days. In the past I used a combination of many things including iCloud, DropBox, and bittorrentsync.


  • DropBox has size limitations (with free version…).
  • DropBox and iCloud are centralized.
  • Important files need to be backed up with some sort of versioning incase something is accidentally deleted or corrupted.
  • Sensitive files need to be encrypted and backed up.


  • iCloud sync for all non-sensitive application data (for any apps that support it).
  • BTSync for everything else.
    • Important and Sensitive documents will also be backed up to Synology NAS unit that does versioning incase of accidents. This also provides a fast mirror of all content.
    • Large aperture library will also be backed up to the NAS using BTSync.
    • Sensitive data encrypted with EncFS then Sync’d and backed up using BTSync.
    • Desktop backgrounds sync with BTSync.
  • Music and TV is stored on the Synology NAS and streamed via Subsonic (music), Plex (TV/Music), and Synology’s Audio/Video stations.
  • KyPass Companion (stored in iCloud) for syncing KeePass password database. (This also integrates with google chrome, I use it instead of google chrome’s password manager).


Best Practices:

  • Use a password manager, separate passwords for everything.
  • Use strong passwords (since you’re using a password manager, this shouldn’t make any difference when logging in since you’re not typing passwords anyways).
  • Downloads, Files in work, etc all go into sync’d directories now. Nothing should only be stored locally.
  • Media (Music/TV) should all be streamed, no more storing content locally.
  • Use PGP or SMIME as often as possible. Be careful with private keys (I store them in a TrueCrypt volume to make it easy to share between machines).
  • Do a clean install of OS X every now and again. Do it even more frequently if you’re downloading random stuff.

Finally discontinuing use of dropbox.

So after a few years of using DropBox to sync stuff between my computers I’ve finally fully replaced it with BitorrentSync. Over the past few months I’ve been slowly moving everything from cloud based services to self-hosted solutions for privacy reasons. BTSync works just as good as DropBox does (even better in some capacities), doesn’t have any size restrictions, and of course isn’t centralized.

One thing that should be noted is that TrueCrypt encrypted partitions don’t work as well on BTSync (though did they ever work that well on DropBox either?) so I suggest going with EncFS (or if you want an easier to setup solution, check out BoxCryptor).

I’ve also started more heavily relying upon iCloud Sync for anything that’s not important.

Moving from Amazon Web Services (AWS) to DigitalOcean

For the past couple of years, I’ve been using Amazon’s EC2 Cloud Based Virtual Private Servers for alot of my projects, but recently because some people were using DigitalOcean’s servers to mine altcoins, they have become very popular and I decided to give them a try.

After a couple months I’m very impressed. Their servers are cheaper, faster, and in my opinion much easier to deploy than amazon’s.

The only thing they lack in my opinion is the firewall that amazon provides.


Backing Up or Duplicating Google Authenticator 3-Factor Authentication from one iPhone/iPad to another

Recently I realized that if I lost my iphone I’d be in a world of trouble, nearly every bitcoin exchange I work with utilized Google Authenticator’s 3-Factor Authentication.

Here’s how to back it up (and if you have a second phone around you can put a copy on it as well).
To Backup the keys, Make a backup of your iPhone in iTunes, a local backup. You cannot use iCloud backup, it will not backup the keys (i tried), you also must enabled encryption. Pick a strong password too as if someone were to find the backup they could get access to all your 3FA keys.
Now if you lose your iphone, just connect your a new one and restore the backup, and violla the keys are there.
To add to a second iPhone, simply make the encrypted backup, then connect the other phone Restore it, then chose the backup from your other phone.
KEEP A BACKUP THOUGH! Note that it takes mtgox weeks to reset a Google Auth.