Development

Mailpile's first beta release

By Nathan Willis
September 24, 2014

The Mailpile project made quite a news splash in 2013, capitalizing on public anger over the government Internet surveillance disclosed by Edward Snowden, and launching a successful Indiegogo campaign to fund development. What Mailpile promised was a simple-to-use webmail experience that users could self host: all the convenience of GMail, but none of the ads, user-tracking, or spying eyes. Now, the project has announced its first beta release. The good news is that the fundamental email features are in place. The security and privacy features are also nearing completion—although, naturally, users should be wary of over-reliance on pre-release software for such matters.

Piling on

The beta was announced on September 13, with pre-built packages made available for Windows and Mac OS X, and a tagged release on GitHub available for Linux. The tag, interestingly enough, designates the release as version 0.4.0, although there does not appear to be a detailed roadmap between here and an eventual 1.0 release, which the release notes estimate will arrive in December.

The release includes a guided set-up process, but those interested in only taking a peek may prefer to check out the live demo running at www.mailpile.is/demos (for the curious, the screen shots shown here come from the live demo, rather than from the author's personal email). Installing the Mailpile beta locally requires OpenSSL, GnuPG, Python 2, and a handful of common Python libraries, but no external web server is required. Launching Mailpile opens the user interface running at http://localhost:33411.

We last looked at Mailpile just over a year ago, shortly after the project's public debut. At that time, the team—Bjarni Einarsson, Smári McCarthy, and Brennan Novak—pitched Mailpile as "personal web-mail." That is, an application that offered the ease-of-use (both within the interface and on administrative tasks) that contributes to the wide popularity of webmail services like GMail, but is private, decentralized, and offers security that a commercial service cannot match.

The original brief for Mailpile also specifies that the application will be implemented in HTML and JavaScript, running from a local web server, where it can remain under the user's control. Nevertheless, Mailpile itself does not handle the more security-sensitive tasks of sending and receiving mail: it requires either a separate mail server running on the local machine, or a POP/IMAP account on a remote host. At this point, the beta is quite simple to set up and get started with (at least when used with a remote email server).

It remains to be seen, though, whether or not the same degree of smoothness can be extended to include setting up local mail receipt and delivery. Considering Mailpile's public focus on the importance of user security and privacy, it is a bit odd to see its continued reliance on remote mail servers.

Usability

But, considering how complex some of the steps involved could be, Mailpile's guided setup and configuration process is remarkably smooth. During initial setup, users are asked to create an encryption key and passphrase that will be used to protect storage (but is not, for example, used for signing outgoing messages or decrypting incoming ones), and similar walk-throughs step through the process of setting up SMTP, POP, and IMAP configurations (which are, perhaps confusingly, called "routes" in the interface).

The user interface, on the whole, is definitely an improvement over the default UIs found in other common free-software webmail packages (such as SquirrelMail or RoundCube). The icons used are more-or-less self-explanatory and all of the buttons one would require during everyday use are both easy to reach and located close to where they are needed.

That said, there are some aspects of the UI that feel awkward. Icons and functional "action" links vary wildly in size. The "trash" button in the composer window, for instance, is 14 pixels tall, while the "reply" button is 40 pixels tall. Perhaps there is a case to made for varying the size of buttons considerably, but it feels more like a lack of design unity than a conscious choice. Similar inconsistencies are found in color, alignment of UI elements, and whether icons are labeled with text. There are other spots where functionality is simply missing. For instance, when an email thread is opened, every message is shown in collapsed form (with only the first line readable). Clicking on the message expands it, but there seems to be no way to collapse it again.

But, from an interface perspective, the most interesting choices are the conscious decisions, such as Mailpile's decision to eschew "folders" for a single "tag" namespace. An arbitrary decision, some might say, but one that integrates well with the project's emphasis on search as the main method for interacting with a message archive. GMail also took this approach at the beginning, but over the years it strayed away from it with "Priority Inbox," "Important/Not Important," "Categories," multiple flavors of "stars," and other such features that provide different avenues through which to wrangle a busy email account.

Only time will tell whether Mailpile can succeed without also complicating its simple model. Already, the sidebar that lists a user's tags also includes a set of special tags that show all file attachments, all photos (which are also shown by the general "attachments" tag), and all hyperlinks. The last category in particular could become a lengthy list indeed, especially if one subscribes to mailing lists or corresponds with online merchants who liberally sprinkle links into their missives.

Features

Sending and receiving messages works in the beta release, as do attachments, tagging, spam filtering, and basic OpenPGP usage. There is some functionality missing, such as HTML-message formatting, and the release notes point out several hiccups—in particular, when using IMAP (which is still missing several key features, such as synchronization) and when working with attachments other than images. Clicking on any of the "settings" options raises an error, at least on the demo.

Unfortunately, several of the known issues in this beta release relate directly to Mailpile's key feature: end-user security. Basic PGP signing and encryption is supposed to work (although there is an issue when dealing with non-ASCII characters in key IDs), but PGP/MIME support is currently broken. More troublingly, outgoing TLS connections neither validate certificates nor specify strong cipher choices. The automatic PGP-key-lookup function in the contact-editing screen seemed to hang indefinitely in my tests.

But not all is darkness on the security front, according to the project. The team has published a detailed security roadmap staking out its long-term goals and outlining how it intends to reach them. There are some creative and ambitious targets on the list.

For instance, the user interface can display Gravatar images for remote contacts. The plan is to send HTTP queries for Gravatar images over the Tor anonymizing network in order to guard against snooping. Tor is also planned to be used for masking search engine requests, PGP key lookup, and fetching HTML mail resources. Other goals include support for the Dark Mail protocol, whenever it sees the light of day, and automatic lossless conversion of attachments to "safe" data formats (although the examples listed, such as PDF-to-PostScript, are not explained in detail).

Perhaps the most ambitious security goals, however, are those that come late in the list, such as "implementing a user interface which helps the user avoid making common mistakes" and enabling access from remote locations—including mobile devices. So far, the Mailpile team has done a good job of building a slick webmail-like user interface; building a slick and foolproof PGP interface is at least a different challenge—and likely a harder one, too.

The most practical challenge, however, will be seeing how much of this work the team is able to do by the scheduled 1.0 release date in December. That date, unfortunately, is not merely some arbitrary selection. The project has been operating for the past year using the funds it raised from its crowdsourcing campaign, and the beta announcement estimates that three or four months' worth of money remains. Then again, if the beta proves popular and if the project can show enough progress on the security front prior to running out of cash, that could easily be enough to motivate another successful round of fundraising from Mailpile users.

Comments (5 posted)

Brief items

Quotes of the week

Now, tell me, does a “community ombudsman” rank higher than a “chief cat-herder”? Should I trust the opinion of a “Chief Community Officer” more than a “community gardener”? I can’t tell.

— Dave Neary, responding to Aaron Seigo's recent criticism of "community managers".

I want to thank systemd for my renewed interest in the BSDs.

— Jason Dixon

Fire means "Easy to install" because easy is hot!
Curve on a monitor is "Cross-platform" because an OS supports monitors!
Rocket means "Lightweight" because space travel is inexpensive and has minimal requirements!
Empty brackets mean "Open Source" because there is nothing to hide!

— Robert Martinez deciphers some interesting icon choices by the Gogs Git-hosting service.

Comments (1 posted)

PyPy 2.4.0 released

PyPy is an optimized implementation of the Python (2.x) programming language; the 2.4 release is now available. As is often the case, performance improvements top the list of changes in this release. "Benchmarks improved after internal enhancements in string and bytearray handling, and a major rewrite of the GIL handling. This means that external calls are now a lot faster, especially the CFFI ones. It also means better performance in a lot of corner cases with handling strings or bytearrays." Various bug fixes and an update to the Python 2.7.8 standard library are included as well.

Comments (5 posted)

Wayland and Weston 1.6.0 released

The version 1.6.0 releases of the Wayland display manager and Weston compositor are available. Wayland improvements include better error handling and an improved self-testing infrastructure. On the Weston side, they have made a number of xdg-shell protocol changes ("Yes, we broke it again since 1.5.0"), some keyboard repeat improvements, a switch to libinput by default, and more.

Full Story (comments: 37)

Tracker 1.2.0 available

Version 1.2.0 of the Tracker semantic data-storage system has been released. Among the changes are support for new file types, a Data provider feature "to allow 3rd parties to supply their own data to Tracker to be indexed, for example for an online or proprietary service ", and numerous build fixes. Also noteworthy is that "Extractor is now 'crash-aware';" a separate data source is now available for content whose metadata cannot be extracted, a situation that previously would cause repeated failures of tracker-extract, often triggering crashes.

Full Story (comments: none)

GNOME 3.14 released

The GNOME project has released GNOME 3.14. "This is another exciting release for GNOME, and brings many new features and improvements, including multitouch, captive portal support, greatly improved sharing settings. This release also includes improved and redesigned applications for weather, maps, PDF viewing, running VMs, and more. The Wayland support has matured to the point where it is ready for day-to-day use." See the release notes for details.

Full Story (comments: none)

Newsletters and articles

Development newsletters from the past week

What's cooking in git.git (September 18)
What's cooking in git.git (September 19)
Haskell Weekly News (September 18)
LLVM Weekly (September 22)
OCaml Weekly News (September 23)
OpenStack Community Weekly Newsletter (September 19)
Perl Weekly (September 22)
PostgreSQL Weekly News (September 21)
Python Weekly (September 18)
Ruby Weekly (September 18)
Tor Weekly News (September 24)
Wikimedia Tech News (September 22)

Comments (none posted)

Best practices for the new era of open source (opensource.com)

This opensource.com article holds out Ansible as an example of a project worth emulating and delves into the reasons for its success. "The idea that a user can try something out over a lunch break, and understand it—and then learn what is left to learn—is a key success driver for open source software. Too many projects fail needlessly because they don’t invest in this critical idea."

Comments (18 posted)

Hutterer: libinput - a common input stack for Wayland compositors and X.Org drivers

Here's a post from Peter Hutterer on why the X.Org input stack is a mess and the new "libinput" stack is needed. "It looks like a big happy family at first, but then you see that synaptics won't talk to evdev because of the tapping incident a couple of years back, mouse and keyboard have no idea what forks and knives are for, wacom is the hippy GPL cousin that doesn't even live in the same state and no-one quite knows why elographics keeps getting invited. The X server tries to keep the peace by just generally getting in the way of everyone so no-one can argue for too long. You step back, shrug apologetically and say 'well, that's just how these things are, right?'"

Comments (14 posted)

Page editor: Nathan Willis
Next page: Announcements>>