Insurgent


This is Insurgent, a pubnix built with privacy and simplicity in mind.

We provide everyone a simple 512MB account with mail, XMPP, contacts, and calendar services, free-of-charge, managed using a minimal remote shell.

Joining

Insurgent is currently in its closed beta period, this means that we’re testing our systems with a small set of users, and that registrations are currently being dealt with using an invite system.

However, we’ve opened an invitation system where existing users can invite up to 3 users to Insurgent.

If you’ve received an invite code, run the following command to create your account:

ssh new@insurgent.es

Managing

Once you’ve created your account, you’ll now be able to log in into your Insurgent account and manage it using our shell user management utility by SSHing into your user, similar to this:

ssh amilich@insurgent.es

Here you’ll be able to do things like monitoring your quota, creating a new calendar, changing your password, or deleting your account.

Access

We do not provide or endorse any client to access our services, as we believe that users should bring their own client (BYOC) that suits their needs rather than us trying to fit them all. So, with that out of the way.

Mail

Your mail client should be able to accept the following configuration:

ProtocolServerPortSecurity
IMAPmail.insurgent.es993SSL/TLS
SMTPmail.insurgent.es465SSL/TLS

Your username/email is just your Insurgent user (ex. amilich), and your password is your friend Mark’s password.

XMPP

XMPP access is disabled by default, you need to log into your user shell, open manage, and enable XMPP access.

Your XMPP client should automatically fetch all necessary configs after typing insurgent.es as your instance.

Calendars/Contacts (DAV)

Your *DAV client should be able to accept the following configuration:

ServerUsernamePassword
dav.insurgent.es(your Insurgent username)(your password)

While most clients won’t require this, there are some *DAV clients which might require you to specify the URL to your collection like this:

https://dav.insurgent.es/user/collection

Support

As is expected from an email provider, we only provide support through email.

Note that when emailing us, you should be using your Insurgent account (and if possible, sign your emails). If you email us from another provider, you will have to provide us your password and date of sign-up to validate your identity.

NO PASSWORD RESETS, EVER.

FAQ

Who runs Insurgent?

Insurgent is run by Runway23, a limited-profit cooperative headquartered in Mexico City, with a fully-remote team spanning across the globe.

Insurgent is a project built inside Runway23’s startup studio where we provide it all necessary resources to build and develop it.

Where is Insurgent hosted?

Insurgent is hosted in Spokane, WA, using rented hardware from Crunchbits.

We have plans to self-host Insurgent on our own hardware in Mexico City later on.

How do I get an invite?

During our closed beta period, all Insurgent users get issued 3 invite codes which they can use to invite other users; these users can then invite another 3 and so on. So the trick really is to find a friend who recently got invited.

Now, please, for the love of god, do NOT harass and annoy our users asking them for an invite code. If you end up getting one and we know how you got it, you’re getting banned.

How much does Insurgent cost?

Insurgent is free to use, and will always be.

We have plans to offer yearly subscriptions for things like more storage.

How do you make money?

We don’t! We actually lose money from this.

Currently, the costs to run Insurgent are lower than if all our team members were paying for a premium email service each, and Insurgent piggybacks off our existing infrastructure which we also use for other projects.

Do you sell my data.

No.

We will simply never, ever, sell your data. Fuck that shit.

How do you handle my data?

As Insurgent is ran by a Mexican entity, we are required to follow the Mexican data protection laws (ie, LFPDPPP), and provide our users with means to enforce their ARCO rights.

Although our servers are located in the US, we still try to comply with the GDPR and its underlined mechanisms.

You can review our Privacy Policy to learn more about how we handle your data in this regard, and how we do our best to follow both European and Mexican law.

Is my data secure?

Yes, we encrypt our servers using full-disk encryption, and encrypt the containers and databases, all using different keys and passwords.

This should be enough for any bad actor trying to get into our servers, as they’d need two sets of keys to be able to decrypt our data — which we regenerate every major system maintenance period.

We have plans to implement per-user encryption to add another layer to that, and make it impossible for even us to read your data.

Can you read through my data?

Yes.

We are not really interested in it though, and we recommend you to add another layer of security yourself by signing and encrypting your emails using tools like OpenPGP.

Do you store logs?

Like wooden ones? Yeah.

Computer ones? Not really.

Insurgent does not store any logs related to user activity; we only keep logs used for system management and security purposes (ie, admin logins, init system statuses, disk quotas, etc), and they’re wiped after 90 days.

Do you hand over my data to law enforcement?

Yes.

As required by Mexican law (ie. Chapters 189 and 190 of the Ley Federal de Telecomunicaciones y Radiodifusión), we must maintain a mean for law enforcement to request data and we are required to hand it over.

We are not too sure how this is handled in the international aspect of things, but we are willing to cooperate with foreign law enforcement agencies as long as it does not put in risk the integrity of other users and it is being done in good faith without attempting to violate the human rights of our users.

You can read more about how we handle this in our corporate website for legal affairs here.

Is Insurgent open source?

No, but we plan to make it so soon as we polish our deploy configuration.

Who is “Robert” and why does he keep emailing me?

Robotic Overlord Bombarding Endless Redundant Transmissions, or as we call him around the office, R.O.B.E.R.T, is our system notifications bot. He sends out things like newsletters regarding Insurgent and Runway23’s operations, notifications about your account, etc.

He tries to be as polite and unobtrusive as possible, but if you’re receiving a lot of emails from him, maybe try to listen to what he’s saying for a bit…

Does Insurgent have 2FA?

Ya 1 factor’s ur username’s the other’s ur password

Can I have multiple accounts?

Sure, all we ask you is that you don’t make them to abuse/bypass storage limits or to abuse other services.

This doesn’t apply to Lighty, you get one account, okay?

Do you support aliases or inbox delimiters?

No, but we plan to.

For delimiters, give us a while, we’d love to.

For aliases, maybe; but it’ll probably be paid.