PROJECTS

  • Progress: Completed 100%
Introducing SearXNG, the hidden gem of search engines! While it may not be as widely recognized as other options, SearXNG offers a unique opportunity to take control of your privacy. By hosting your own open-source search engine, you can rest assured that everything is in your hands: the source code, the logging settings and your private data. No need to trust unknown administrators. The best part? With SearXNG, you can customize the default settings and say goodbye to cookies resetting your preferences. Plus, as long as your endpoint remains uncompromised, your settings will stay securely stored and inaccessible to others. Embrace the power of SearXNG and experience the thrill of a random profile per search. Give it a go on Roth The IT Guy’s hosted search engine by visiting https://search.rothitguy.pro. You can also add my hosted search engine to your browser!
Configuring a custom search engine in Firefox

Open a new tab and type about:config in the address bar
In the search box type: browser.urlbar.update2.engineAliasRefresh
Click the + symbol on the right. After you press it, the preference should show a boolean value of true.
Go to Firefox Settings → Search, or enter this in the address bar: about:preferences#search
In the “Search Shortcuts” section you should notice a new “Add” button.
Press the Add button and fill in the name, the search engine URL and a keyword (optional). Example: https://search.rothitguy.pro/search?q=%s
Go to the “Default Search Engine” section and select the engine you just added.
Enjoy!

  • Progress: Completed 100%
Hosting an open-source DNS server, authoritative as well as recursive, that can be self-hosted for privacy and security.
The purpose is to have better privacy by not sharing data with public DNS providers. Another use case is that an ISP may block popular DoQ, DoT, and DoH services and also interfere with unencrypted DNS traffic.
The cloud Linux server will host the DoH service, which will be configured as a forwarder in the DNS server running locally on the network.
Another option would be to forward the cloud DNS to Mullvad to increase privacy as well.
Once the configuration is complete, all DNS traffic will be encrypted between the locally running DNS server and the DoH server running on the cloud server. This effectively means that all local DNS traffic will exit from the cloud server and thus won't be visible to the network provider or ISP.
It is possible to use Cloudflare DNS over a Tor hidden service too! I could configure a proxy server, which can of course be made to use Tor running on the computer, and use the Cloudflare DNS hidden service because WHY NOT?!
I could just add the hidden service address as a forwarder, and since all hidden service requests over the Tor network are inherently end-to-end encrypted, you can use the DNS-over-TCP protocol with it.
  • Progress: Completed 100%
SimpleX Chat is a privacy-focused messaging platform that operates without any user identifiers, making it highly secure and private. Unlike traditional messaging services, SimpleX Chat does not store user accounts or personal data on servers. Instead, all user data is stored locally on client devices in an encrypted format, ensuring that only the intended recipients can access the messages.
The platform uses end-to-end encryption for all communications, including messages, images, videos, and files. It employs a double-ratchet encryption protocol and out-of-band key exchange to prevent man-in-the-middle attacks and ensure communication integrity. SimpleX Chat also features temporary anonymous pairwise identifiers for each user contact or group member, providing strong metadata privacy.
Additionally, SimpleX Chat supports decentralized groups, encrypted voice messages, disappearing messages, and audio and video calls.
The platform can be accessed via Tor for added anonymity. The combination of these features makes SimpleX Chat a robust choice for users seeking secure and private communication. I am now hosting my own services.

“Messages, files & calls are protected by quantum resistant e2e encryption with perfect forward secrecy, repudiation & break-in recovery.”

  • Progress: Completed 100%
Currently hosting my own email server using Mailcow.
Mailcow is an all-in-one email server solution that leverages a variety of well-established and widely-used components to create a reliable, secure, and feature-rich email platform.
Each container represents a single application, connected in a bridged network.
You can get a mailbox hosted by me here!
Core Components and Their Functions
  1. ACME (Let’s Encrypt Certificates):

    • Function: Automatically generates and renews SSL/TLS certificates from Let’s Encrypt.
    • Benefit: Ensures secure HTTPS connections without manual certificate management, enhancing security and user trust.
  2. ClamAV:

    • Function: Provides antivirus scanning to detect and remove malware from emails.
    • Benefit: Protects against email-borne threats, ensuring safer email communication. (Optional)
  3. Dovecot:

    • Function: An IMAP and POP3 server for retrieving and storing email.
    • Benefit: Facilitates access to email from various clients and devices with robust support for different mail protocols.
  4. MariaDB:

    • Function: A database server to store user information, email settings, and other data.
    • Benefit: Ensures efficient data management and quick retrieval, essential for large-scale email operations.
  5. Memcached:

    • Function: Provides caching for the SOGo webmail interface.
    • Benefit: Improves the performance and speed of the webmail experience by caching frequently accessed data.
  6. Netfilter:

    • Function: Similar to Fail2ban, it integrates with Mailcow to prevent unauthorized access and brute-force attacks.
    • Benefit: Enhances server security by blocking suspicious activities and protecting user accounts.
  7. Nginx:

    • Function: A high-performance web server used for serving the Mailcow user interface and managing HTTP(S) traffic.
    • Benefit: Provides a stable, secure, and fast interface for managing email accounts and settings.
  8. Oletools via Olefy:

    • Function: Analyzes Microsoft Office documents for embedded threats like macros.
    • Benefit: Adds an extra layer of security by scanning office documents for potential malware.
  9. PHP:

    • Function: The scripting language used for most web-based functionalities in Mailcow.
    • Benefit: Powers dynamic content and interactions on the Mailcow web interface, making it responsive and feature-rich.
  10. Postfix:

    • Function: A mail transfer agent (MTA) for sending and receiving emails.
    • Benefit: Handles the core email traffic, ensuring reliable delivery and receipt of emails.
  11. Redis:

    • Function: Used for storing spam information, DKIM keys, and other ephemeral data.
    • Benefit: Enhances performance and speeds up data retrieval processes.
  12. Rspamd:

    • Function: A fast, modular, and effective spam filtering system.
    • Benefit: Automatically learns to identify spam, improving email security and user experience by reducing unwanted emails.
  13. SOGo:

    • Function: A webmail client that also provides calendaring and address book functionalities (CalDAV and CardDAV).
    • Benefit: Offers a modern, integrated interface for accessing emails, calendars, and contacts from any device.
  14. Solr:

    • Function: Provides full-text search capabilities for IMAP connections.
    • Benefit: Allows for quick and efficient searching of emails, enhancing user productivity. (Optional)
  15. Unbound:

    • Function: A DNS server that checks DNSSEC and provides DNS resolution.
    • Benefit: Ensures secure and efficient DNS queries, contributing to the overall security of the email server.
  16. Watchdog:

    • Function: Monitors the health of Mailcow containers.
    • Benefit: Ensures that all services are running smoothly and provides alerts if any issues arise.
Mailcow UI and Advanced Features

The heart of Mailcow is its graphical web interface, the Mailcow UI. It centralizes all settings and administrative tasks, allowing users to easily manage their email server through a user-friendly dashboard. Key features include:

    • DKIM and ARC Support: Simplifies the generation and management of DKIM and ARC keys for email authentication.
    • Black and White Lists: Manage domain and user-specific blacklists and whitelists to control email flow.
    • Spam Score Management: Customize spam filtering settings for each user, including options to reject, flag, or greylist spam.
    • Temporary Spam Aliases: Allow users to create temporary aliases to avoid spam.
    • Email Tagging and Sorting: Prepend tags to email subjects or move emails to specific folders based on user-defined rules.
    • TLS Enforcement: Users can toggle TLS settings for secure email transmission.
    • SOGo ActiveSync: Allows users to reset caches on ActiveSync devices for troubleshooting sync issues.
    • IMAPSync: Automates the migration or periodic retrieval of remote mailboxes.
    • Two-Factor Authentication (2FA): Supports Yubikey OTP, WebAuthn USB, and TOTP for enhanced account security.
    • Whitelist Hosts: Specify hosts to forward mail to Mailcow.
    • Quarantine System: Manage and review quarantined emails for potential threats.
    • Antivirus Scanning: Includes macro scanning in Office documents for comprehensive protection.
    • Basic Monitoring: Integrated monitoring tools to track server performance and health.
  • Progress: Planning 10%
Goal: Self-host AI with the ability to add users as members via a web browser, to make it accessible to supporters.

Add Fabric to access local AI to reduce friction of use.