Vimeo
Bring people together with video.
Start new thread
Alexis Ohanian

Helm Personal Server - A personal server for owning your email and more

by
Business Dad with Alexis Ohanian

Helm is a secure personal server that makes it incredibly easy to own your online identity - starting with email. In 3 minutes, you can set up Helm in your home with a custom domain and have email, calendars and contacts services that work with all of your devices and is accessible from anywhere in the world.

Add a comment

Replies

Best
Ryan Hoover
Product Hunt
Wow, the design of this piece of hardware is super unique. Timing for a product like this might be perfect with all the concerns around privacy (Facebook and Google announced breaches in the past month). I'm curious who the target demo is for this though? Is it a technical niche to start? I can't see my parents using something like this.
Giri Sreenivas
Vimeo
Maker
@rrhoover Thanks Ryan! Lots of different types of demographics are interested in data ownership and control. Initially, early adopters that have taken steps to protect themselves online or have experienced an online breach are the focus for us. The product is definitely easy enough to set up that your parents could use it.
chris
This is really interesting and capitalizes on the increasing privacy concerns of the general public. I worry about two things: 1) price - $500 is a lot for the hardware; it's more than a Synology and as much as a Mac Mini. I understand it's a carefully created hardware box, but this is a pretty high entry point and will be a barrier for most people who refuse to even pay $5/mo for something like Fastmail. 2) longevity - if the product doesn't take off for any number of reasons and Helm ends up shuttering its service, I'm left with a server I have to maintain, at best, and an unusable piece of hardware, at worst. I do, though, appreciate the vision for the future here . An all-in-one device that can function as a home email server, VPN, messaging system, password manager, file sync seems much more worthy of the $500 price point than something that can only function as an email server.
David
@chrisdolle #2 was also my first thought
Dirk Sigurdson
@chrisdolle @david_rothmann1 Giri and I as founders of the company are committed to supporting Helm purchasers for the long term. If for some reason the service has to be shut down, we will provide a way for customers to migrate off the service and on to something else (i.e. your own AWS account).
Alexis Ohanian
Business Dad with Alexis Ohanian
Hunter
Initialized was the first investor in this team (@GarryTan loved their vision for consumer privacy tech years ago) and have worked closely with them to build something we're very excited about. Helm has developed a beautiful, user-friendly personal server that makes it incredibly easy for people to own their online identity—starting with email. People can select a custom domain through Helm or bring their own and have their own email on this server, in their home, in just a few minutes. The founders have a lot of experience in the security space, having previously started and sold a security company and it shows in how secure the product is. For the first time, people have an easy way to own the core of their online identity and not rely on the cloud for their email.
Rama Veeraragoo
GoodRipple
@alexisohanian really cool! Glad to see a world where we have privacy (back)
Kristofer™
CollageMo
I love hardware that's not just shaped like a box
Garry Tan
Y Combinator
This is one of the most important products for personal privacy and security because it lets you replace free services online that just harvest your data. They started with Email but this will be for a lot more than that before long. I have been using my Helm for email for a few months and it really gives me peace of mind around my data security. If you get a Helm too, our devices will actually speak securely to each other, giving us encrypted device to device email without switching apps. If you believe email should be secure by default and immune to government or corporate intervention, this is the way it happens.
David Pazdan
@garrytan curious if the team is interested in integrating solutions like orchid for more secure/anonymous internet (one step further than VPN or tor). I can sync the two teams together for a discussion, just let me know.
David Pazdan
@garrytan ultimately I'd like to see the helm give me the ability to control and host all my IOT device data/services directly from it, rather than through 20+ different externally hosted services like we currently do. (eg. option to host nest web server and my personal video footage directly on my helm, or helm 2.0 device). this will be very lucrative to me and many others out there
Kartik Sathappan
Is this dependent on a reliable home internet connection? I ask because I have a NAS with some videos and photos on it and it’s great but far from dependable, which is okay for that stuff but not for email. Curious how you overcome that bottleneck.
Kartik Sathappan
Any info here would be awesome @new_user_417c623f9f - this is something I’ve always wanted but previous solutions haven’t been reliable
Dirk Sigurdson
@kartikcooks To ensure that we can't read your email, email is delivered directly to your Helm and isn't stored in the cloud (except via encrypted backups). This means that it is somewhat dependent on you having a stable and reliable internet connection. The good thing about email is that it was designed a long time ago when the reliability of servers and networks wasn't nearly what it is today. Email servers have built in retry capabilities and you should get your email even if your internet connection is periodically down.
Kartik Sathappan
@dsigurds got it. Thanks. Love that you’re tackling email first. It really is the modern keys to your house. I’ll definitely be following your progress!
Joseph Paul
Hardest part about hosting your own mail server, in my experience, is staying off spam filters and getting my mail to actually reach the recipients inbox. Setting up the server is the easy part. Do you have any mechanisms in place to support the user staying off blacklists? I think this can be especially tricky with home internet connections, and even more when you don't have a static IP address. For me, hardest part is delivering to gmail. There is no way for you to know whether your mails get delivered unless your intended recipient tells you they didn't receive anything. Gmail's postmaster tools won't show you any data, unless you're sending tons of mails per day. Setting up DKIM, SPF, DMARC properly gives no guarantee. Sometimes they might just dislike your IP address or network. So, how do you support your customers to get their outbound email into inboxes rather than spam folders?
Dirk Sigurdson
@jsphpl Each Helm gets its own static IP address and your email is routed through it. We make sure that the IP address is clean before we assign it. We don't rely on the reputation of your home IP address. Even though email is routed through this static IP, TLS sessions terminate on the Helm, so we aren't able to see any of the email data.
Joseph Paul
@dsigurds Oh i see. Does the service subscription include you taking me off blacklists, or handling that google issue – or is that all up to your customers? That implies the next question: How do you distinguish actual spammers abusing your service from "good" users, considering TLS is terminated at the Helm? A pity though that the system relies on central infrastructure provided by you. So its not contributing anything to decentralisation. Only advantage over other approaches is that the data (when in rest) lies at my home. Apart from that, you can definitely see some metadata. How's your data privacy policy about that? Where can we find those *additional terms and conditions* mentioned under 6) in your "Terms and Conditions of Sale"? (edit) I was assuming that decentralisation was part of your value proposition. But apparently it's not. Your goal rather is to improve privacy. So no criticism here. This was just me mixing up things… ;)
Giri Sreenivas
Vimeo
Maker
@dsigurds @jsphpl Yes - we will be monitoring blacklists for IP addresses used by Helm customers. Spammers can spam much more cheaply and cost effectively than buying a Helm. That said, we are planning a rate limiting feature that will be high enough to not bother consumers/SMBs but low enough to make it entirely uninteresting to spammers. We can't see metadata for email coming in and out over TLS which is the vast majority of all email today. Our privacy policy is on our website - https://thehelm.com/pages/legal. The clause you pointed to just indicates that if we make any updates to the terms, we will make them available to the buyer. I would also argue that this is furthering decentralization in a meaningful way. The applications and data live with the user. The infrastructure that you mention isn't all that different from infrastructure you get from your ISP. I suppose this is a matter of opinion, but that's what we believe.
Joseph Paul
@dsigurds @new_user_417c623f9f Yeah, i think it's a good approach to take away the painful part of operating a mail server from the user. I agree with your ISP comparison. TLS usually runs on top of TCP, so you are seeing metadata, namely IP addresses. Back to my initial question, which hasn't been answered directly: If i buy a helm, send mail over it, and the mail doesn't reach gmail recipients – can i call you and you call google, or do i have to take care of it myself? MX Toolbox does blacklist monitoring for free, the painful part is to react when something doesn't work as expected – 100$ a year would be an absolutely fair price for not having to worry about all that communication with other mail operators. I'd even say it's cheap and i'm not sure if you can sustainably operate with that little money. But 100$ a year for setting up a VPN and a blacklist monitor and have me do the hard work myself – not sure if i would buy that…
Giri Sreenivas
Vimeo
Maker
@dsigurds @jsphpl Usually in the context of emails, I think of metadata referring to what an email server can see in the headers. We monitor and remove from blacklists IPs that are assigned to gateways. And yes, we will provide support for the scenario that you described.
Dan Dan
Does it backup your data to some other place (I see how this is redundant) but what makes my home any more secure than a data center?
Dirk Sigurdson
@tostartafire Offsite encrypted backups are provided as part of the Helm service. The key that is used to perform the encryption is only accessible to the Helm owner. Having the hardware local give you the ability to leverage something we call proximity based security. The administration functions of the Helm are protected by your password + a proximity based token. The token can only be obtained if you have been in physical proximity to the Helm.
Markus Schuette
How does Helm differ from other personal servers like Cloud by Daplie ?
Nicolo S
PumpMyGas by Optimist
@markus_schuette Doesn't do email?
Giri Sreenivas
Vimeo
Maker
@markus_schuette Well, first we are shipping soon. We have private betas out in the field. And as Nicolo mentioned it, we do email/calendar/contacts.
Robert Magrino
How many domains and email addresses can it support and is this suitable for business email? Thanks
Dirk Sigurdson
@rmagrino Helm supports a single domain with an unlimited number of users. Small businesses that are uncomfortable having all their email in the cloud and who probably don't have their own IT team to manage their email servers could definitely benefit from the ease of use and security of Helm.
123
Next
Last