By Nathan Willis
September 5, 2013
Email is not only one of the killer Internet applications, but it
is also central to the way the free software community functions.
Thus, the shift in recent years toward proprietary webmail clients
poses a serious obstacle to people who value software
freedom—not to mention people with all-too-real concerns about
the privacy of their communications. A small team of developers in
Iceland is working to improve the situation with the Mailpile project. In a short
amount of time Mailpile has attracted a considerable following and a
successful crowdfunding campaign, although trouble is looming
that could delay the project's ability to collect those donated funds.
The concept
Mailpile is the brainchild of Bjarni Einarsson, Smári McCarthy, and
Brennan Novak. The trio launched the project on August 3 at the
Observe, Make, Hack (OHM) conference held near Amsterdam. As Einarsson's slides
[PDF] put it, the chief technical goals of the project are to make
decentralization easy, make migration painless, make email encryption
understandable, and to make a mail client that offers better spam
filtering than that offered by the big email providers. Mailpile is
designed to be "personal web-mail," meaning that it can
be run anywhere from a remote server to a local machine. The
interface will be an HTML, CSS, and JavaScript application that runs in the
browser, while the back-end code will be written in Python. Despite
the browser-based interface, Mailpile will be a mail user agent
only, and users must rely on other software for mail transfer and mail
delivery. The license chosen is the Affero GPLv3.
Collectively, the ability to host one's email anywhere and the ability
to migrate it from one location to another protect the user from
vendor lock-in. Self-hosting also preserves the user's privacy by
eliminating data-mining by the email provider and ads in the client
application. Naturally, hosting one's email on a remote server
introduces security risks, which is why the team is also intent on
building OpenPGP encryption support into the client.
Making email encryption easy-to-use is a tall order. McCarthy, the
security lead on the team, described
Mailpile's encryption workflow as a "core part of its construction" as
opposed to "tacked on with a plugin," but there are precious few
details about how this will be accomplished. The project's GitHub
repository has a discussion
thread on the topic that includes some interface mock-ups,
although they deal primarily with how options are presented to the
user. While there is definitely room for improvement on that front,
the core concepts of public-key encryption may prove harder to explain
than they are to show in a UI.
There is more detail on the project's blog about the other
architectural decisions. One interesting facet of the design is that
the message storage system is built around searching, not IMAP's
traditional notion of folders. Instead, the user will be able to set
up "filters" that constitute
stored searches, so that a filter like from:example.com will
take the place of an Example Co. folder. There will also be
tags that can be applied to filter output, making it possible to
construct other message-sorting schemes. The application will come
with a set of
"sensible" default tags and filters (like "Inbox" and "New"), and
perhaps will include filters for well-known senders like Facebook and
Twitter, too.
Einarsson justifies this search-driven approach by noting that
"email used to be big" but now it is small—small enough in fact
that an account's email metadata can fit entirely into RAM. The
current estimate is that Mailpile's index consumes 250 bytes per
message, including the overhead added by Python, which he calculates
is sufficient on a modern system with several gigabytes of RAM.
Mailpile
will support several storage backends, including mbox, maildir,
gmvault, and IMAP. Regardless of the source of the email, Mailpile
will build a single, unified search index that is stored in a special
subfolder of the user's home directory. For security purposes, the
index keys can be one-way hashed, and all user settings can be GPG
encrypted.
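The design described above (filters as stored searches that apply tags, over an index whose keys are one-way hashed) can be sketched as follows. This is an added example, not Mailpile's code: the HashedIndex class, its method names, the sample messages, and the choice of HMAC-SHA-256 with a per-user secret are all assumptions made for illustration.

```python
import hashlib
import hmac
import re
from collections import defaultdict

class HashedIndex:
    """Toy inverted index whose stored keys are keyed hashes of search terms."""

    def __init__(self, secret: bytes):
        self.secret = secret               # assumption: per-user secret kept outside the index
        self.postings = defaultdict(set)   # hashed term -> message ids
        self.tags = defaultdict(set)       # tag name -> message ids
        self.filters = []                  # (stored search term, tag to apply)

    def _key(self, term: str) -> str:
        # One-way: the stored key is a digest, never the readable term.
        return hmac.new(self.secret, term.lower().encode(), hashlib.sha256).hexdigest()

    def add_filter(self, term: str, tag: str) -> None:
        self.filters.append((term, tag))

    def add_message(self, msg_id: int, sender: str, subject: str) -> None:
        domain = sender.rsplit("@", 1)[-1]
        terms = {f"from:{sender}", f"from:{domain}"}
        terms |= set(re.findall(r"[a-z0-9]+", subject.lower()))
        for term in terms:
            self.postings[self._key(term)].add(msg_id)
        # Filters are stored searches: run each one and tag the message if it matches.
        for term, tag in self.filters:
            if msg_id in self.search(term):
                self.tags[tag].add(msg_id)

    def search(self, *terms: str) -> set:
        # AND semantics: a message must match every term given.
        sets = [self.postings.get(self._key(t), set()) for t in terms]
        return set.intersection(*sets) if sets else set()

def demo() -> HashedIndex:
    idx = HashedIndex(secret=b"constructed-demo-secret")
    idx.add_filter("from:example.com", "Example Co.")
    # Constructed sample messages.
    idx.add_message(1, "alice@example.com", "Quarterly invoice")
    idx.add_message(2, "bob@example.org", "Invoice overdue")
    idx.add_message(3, "carol@example.com", "Lunch on Friday")
    return idx
```

With an unkeyed hash, anyone holding the index could test guessed words against it; the keyed variant here ties such guessing to possession of the secret, and is a choice made for this sketch rather than something the project has specified.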
Despite the (some would say) lofty goals of Mailpile, at this stage
the project is intent on writing a considerable proportion of the code
from scratch—including the search engine—in standard
Python. The reason is that not relying on external dependencies will
make the product easier to package. The goal is to produce a tool
that can be run on Linux, Mac OS X, and Windows.
The code is available on
GitHub, and as of press time the web interface is only beginning to
take shape, with a terminal-mode user interface offering access to
more features (such as tagging and filtering) through a command-line
interface. IMAP and POP3 support has not yet been implemented, nor has
spam-detection or decrypting GPG-encrypted messages, but the Mailpile
CLI can encrypt the local mail storage and settings with
gpg-agent.
Capital ideas
Shortly after announcing the project at OHM, the Mailpile team
launched a crowdsourced fundraising campaign
at Indiegogo. The target amount is US $100,000, which Mailpile
reached well ahead of the scheduled September 10 deadline. The launch
of the campaign attracted considerable attention in the popular press,
which surely contributed to the rapid meeting of the fundraising
target.
As of today, the pledged total stands at $139,798 and
counting, but the project encountered a surprise obstacle on August
31. Novak posted a blog
entry on September 5 explaining that PayPal (one of several
payment methods accepted by Indiegogo) had canceled the debit card
associated with the project's account, and informed him that a block
had been placed on the account to prevent transferring funds out.
After an inquiry to PayPal, a clearer picture emerged:
After 4 phone calls, the last of which I spoke to a supervisor, the
understanding I have come to is, unless Mailpile provides PayPal with
a detailed budgetary breakdown of how we plan to use the donations
from our crowd funding campaign they will not release the block on my
account for 1 year until we have shipped a 1.0 version of our
product.
The Mailpile team felt that this request was out of PayPal's
jurisdiction, and, moreover, out of line with Indiegogo's policies on
the same subject. Indiegogo's policy, he said, is to transfer
"all funds to successful campaigns within 15 days of their
conclusion. If IndieGoGo can do it, so can PayPal."
Indiegogo is an official PayPal "partner,"
which does make it surprising that the two companies would be
significantly out of sync. However, Mailpile's Indiegogo campaign is
of the "flexible funding" variety, meaning
primarily that the funds would be released to Mailpile even if the
target amount was not met. But Indiegogo's disbursement
policy indicates that flexible funding projects have donations
from PayPal users transferred immediately to the project's PayPal
account, so the "within 15 days of conclusion" rule does not apply to
any donations made through PayPal itself. In a separate post
on the subject, Einarsson estimated that these funds added up to
$45,000.
Einarsson also said that the project has asked its legal
representative, the Software Freedom Law Center (SFLC), to help
resolve the situation, but that in the meantime it has disabled PayPal
as a funding option. Intriguingly, his post also said that PayPal's
rationale for cutting off access to the funds was to guard against
"chargebacks," which is when a buyer attempts to
retroactively reverse a transaction through his or her credit card
company.
PayPal allows chargebacks when a purchased item is never delivered
or is significantly different than it should be. It is not entirely
clear that the chargeback issue is identical to concern over a
budgetary breakdown, but that would explain quite a bit. After all,
so far Mailpile has not delivered the software that it describes in
its campaign material—it is a brand-new project that has set
some lofty goals by anyone's standards.
In addition, the campaign site is quite vague on how the funds will
be spent, especially those funds that exceed the target amount. In a
post
about "stretch goals," the team lists options like "raise our
salaries" and "set money aside for a 'rainy day' or
unexpected events"—which may not sound reassuring to
those in the banking industry.
Late on September 5, Einarsson posted a brief update to his post
about the PayPal trouble, stating just that the account had been
unfrozen. No word yet on whether this means that the payment
processor is backing down on its demand to see specifics about how the
donated funds will be spent—nor is there any guarantee that
another freeze will not be placed on the account without advance warning.
Nevertheless, the project has met its fundraising goal and is close
to meeting it even without the PayPal donations, so users will get to
see what the Mailpile project can produce. The campaign promises the
first milestone in January 2014. Finding trouble-free fundraising for
free software development may take noticeably longer, though.