I've been self-hosting e-mail for over 15 years and hope to continue doing so. Although it's being made increasingly difficult by big tech players. I wrote about it here: https://proycon.anaproy.nl/posts/rant-against-centralising-e-mail/
Great post!
I'm a rather dismayed to see those universities and institutes nowadays no longer as pioneers and innovators in this area, but instead as mere consumers of ready-made corporate solutions, following corporate interests and centralising solutions. I have two employers, both academic, and both have resorted to big-tech corporations that offer solutions like e-mail as a service.
Same here, my university recently switched from their Horde webmail to Exchange. The new outlook webmail is absolutely awful and I couldn't set up all the filters that I had before. Luckily I could enable IMAP login, thankfully without OAuth because imo that's another awful practice, so I can connect to it with non braindead mail clients. Still a massive downgrade and I bet they now have to run it on a 10x as powerful server because I hear Exchange is an absolute monster in terms of resource usage.
(Also, I've been self-hosting mail for probably 4 years at this point. Here's to many more!)
Aren't you afraid about some important email getting discarded without you knowing about it? Or about unnoticed downtime which results in missed mails?
Yes, I still run my own email server. It is not for the faint of heart, but once it's configured and your IP reputation is clean, it's mostly smooth sailing. I have not had any deliverability problems to date, initial setup/learning period notwithstanding.
If you're not scared away yet, here are some specific challenges you'll face:
Obligatory PSA: ProtonMail isn't any more secure than Gmail and is likely a honeypot scheme crafted by government agencies: https://encryp.ch/blog/disturbing-facts-about-protonmail/
I know the title of that sounds clickbaity, but they cite their sources. It's worth the read for those curious about ProtonMail's history and their CEOs.
Tbh, that document reads like a discovery channel 2am aliens documentary, but it's not completely without merit.
There are a couple line items about software services they're using that are shitty that sound pretty legit. The fact that they're operating in locations where they might have to hand over data sounds pretty legit. Their warrant compliance and logging/handing over a person's IP address is legit.
The CIA honeypot stuff is all really circumstantial. If the CIA was in as deep as is claimed, a lot of the real evidence people are turning up that they're not a secure as they could be would be unnecessary.
My best guess is they decided to make an email company based in Switzerland with the schtick that they're secure (banks amirite?) They're doing what they can to appear secure without spending too much money. They're not going to have legal battles to keep your data private, and they are going to comply with agencies request for data. Even if they support end-to-end encryption if they are required by an agency to turn that encryption off for you, they're going to do it.
They're probably less likely than Google or Microsoft to sell all of your data to the highest bidder, but realistically there's no such thing as secure email.
The basic assumption every privacy-concerned person should have about email is that it's never secure. Unless you use an offline cryptography program to encrypt your email text and then paste it into the email body before you send it, your emails are insecure.
Email was never designed with that in mind. If you want to communicate securely with somebody, use a medium/method that has been designed from the start for that purpose.
I use ProtonMail because it's not a massive corpo and it's open source, but I don't believe that my emails are significantly more secure than on a service like Exchange or Gmail.
Only people who hate themselves
That is past me. I am barely starting to like myself now!
Can't recommend this enough: https://github.com/docker-mailserver/docker-mailserver
Despite my willingness to self-host almost everything, e-mail remains the last frontier for me. Keeping abreast of standards, keeping up today, avoiding implications in abuse and many, many smaller issues abound ... and that's despite my fixed IP and ISP willing to set up a reverse-DNS for me.
Instead I've gone with a paid email provider that I'm REALLY happy with.
Not worth the hassle - best compromise is to get your own domain but use a provider like fastmail to host it.
If they turn sour you can move your domain to another mail host.
I think this is the solution I was thinking about in the first place. I was just musing about it being part of a home lab. I have to consider whether this solution is is better than just paying for secure email.
I stopped running my own a while ago. Its no longer really decentralized and the big players (google/microsoft) will often just blacklist you for little reason.
That said I DO maintain my own domain and backups. So i can take my email to whatever hosting provider I want.
I also noticed, during the migration, that if you simply register your domain with one of the big players (ie: Google Workspace or M365) you will often get whitelisted and email will flow easier. This was easier when they had a free tier though.
It's bad out there when it comes to hosting your own email server. This blog post shows somebody's experience in detail, and it's worth reading. https://cfenollosa.com/blog/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html
It's all so sad.
That was a sobering read. We all feel victorious when we see big tech fail after they wronged their users, but fundamental technologies that actually run the world have already been lost, and may never be recoverable for egalitarian use.
Yes, with mailcow.email and a catchall and random email system with Anonaddy.
Another happy mailcow user here. I used to have everything set up manually until a few months ago when I decided to migrate into a bigger hardware instance.
My only complaint is that I can't find a self-hosted way to protect the actual mailbox with 2FA. IMAP/SMTP have plain username/password authentication.
I originally did but the maintenance burden was killing me. Then last year Proton unified their subscription with VPN and Mail (also upgrading my Proton VPN only subscription to Proton plus) and from there I decided to just go all in on Proton mail. I integrated my domain to Proton mail and never looked back.
I do host my own mailserver for multiple years now without any issues.
I'm using https://docker-mailserver.github.io/docker-mailserver/latest/ on a rented server, not at home. I recently added DKIM and I check my setup via https://mxtoolbox.com and the like in irregular intervals to see if I can improve something.
The only downside I see is spam filtering, which obviously works better with GMail if the whole world population does the filtering for you. But the included SpamAssassin setup does work and catches most of the spam. I do check for false positives/negatives very regularly and have training folders set up so I can easily move messages into the SA training.
No. But I did consider it. Multiple times.
Why not? I'm too scared! Email is the one service that let's an attacker nuke each and everything. It's still the most central/crucial service that almost any service relies on. If I lose access to my mail account, I lose access to pretty much every service.
As much as I would like to host this myself, I simply do not feel comfortable to do it.
Pretty much for this reason for me as well.
I'm a tech hobbyist and I've run/currently run things like Nextcloud, Jitsi, Matrix, XMPP, etc. But all that seems pretty small-scale. However with e-mail, nearly everything relies on it, and from the headaches I've heard about from those who self-host e-mail, it just seems like a perfect way to screw yourself over 😅
AAAHHH!. Now I am scared too.
So much to consider it is dizzying.
I've been hosting my own mail server, ever since I got into Linux. Most companies where I worked before, used self hosted email.
I've since migrated to using mailcow, which takes a lot of the headache out of it.
When you first start, it's a bit daunting. But easily manageble, once you've gained some experience.
I did for a couple years, but moved to mailbox.org a while ago. The effort was much to high to save a few bucks and there is no real upside to it. E-Mail is a troublesome mixture of different protocols from the internet stone age held together by chewing gum (SMTP, POP3, IMAP, DNS, database or file storage, maybe ActiveSync, Web-Mailer, ...)
Even when everything is up and running there is always maintenance to keep your SSL certificates up to date, update your incoming spam filter technique, keep other mail providers assured that you are not spamming (DKIM, etc.), keep all the different system services (see above) up to date and interoperable, etc. and every few years when you want to move to a new server, provider or Linux distro you start it all over again.
I used to run an OpenBSD mailserver for my personal email address for a few years. It wasn't that difficult to setup, more tedious and annoying than anything. I stopped doing it when I started searching for a job as I was too paranoid about my emails getting rejected without me knowing about it. I don't send many emails, but when I do send them I want to know they are getting to where they need to go. I know I was never blocked by gmail, but I couldn't be sure about other providers.
Now I just use my domain name as a catchall on mailbox.org and access it using offlineimap. All my emails are saved and backed up, so switching providers is no problem at all.
I used to run my own mail server many, many years ago (early 2000s), but today it's a lot more difficult. I personally don't think it's worth it, but I do have my own domain that I can host anywhere I choose. At the moment, I'm using Fastmail. Lots of nice features, and no complaints.
I setup my own email server, it was an absolute pain to setup, especially since I had no idea about all the little details of sending and receiving email. It was kind of fun to see everything come together
In the beginning I had a ton of email go into spam boxes, especially with gmail. Later I found out that if you don't add the proper email headers like to: "Name Of Recipient" <[email protected]> it goes straight to the spam folder. (So you always need to provide a name)
I am afraid to touch anything now though, as it is currently very really stable (on a vpn btw)
I use Cloudflares email routing.
Point my domains name servers to Cloudflares and enable email routing. I can then create any email address in that domain and have it forward to any of my email addresses. Works great when signing up for accounts. The only thing you can't do is fire off email FROM said email address
Edit: can to can't
I used to, I don't any more. All the other comments are right, spam is a huge issue, and you can get blacklisted for no reason without recourse. I'm personally using migadu.com, which gives me some of the flexibility of running my own server without the hassle.
I used to run my own mail server about 2 years ago but unfortunately the spam got so bad I didn't have the time to manage all the filters. I moved over to ProtonMail since I can still use my own domain there. So I guess I would say it's not really worth it also it really sucks if your power is out and not having access to sent your power company a strongly worded email.
Running a mail server these days is not that difficult. While using pre-assembled stacks like mailcow only the DNS entries needs to be done. If you want to run it at home you should do some research on routing all the traffic through a wireguard tunnel to preserve a public IP other mail instances will accept
Yes, and I love it.
I use mailjet as a proxy on outgoing emails so that I get fewer of my sent messages rejected, which works.
It was a pain to setup but it's treating me very well.
It’s a great learning exercise but challenging to get right and ensure your deliverability and basically impossible from a residential-grade IP address (if you have a business class static IP at home you could pull it off).
I ran an email server for decades but gave in and pay to host my email now.
If google decides you’re a bad guy it’s such a pain to crawl back from that and I prefer my email to just work.
I've been running the families mail server for over 6 years now. I'm using mailinabox.email scripts to setup and manage the server.
I've not had any problems (touch wood) with email delivery. You may have issues if your domain is new, it can take a few days for the big guys to accept email from you.
I say go for it, I think too many are worried about deliverbility and that just causes more centralisation.
Good point. I am really getting pulled down to taking the easy route due to all the complexity and discouragement which is draining my initial motivation, as well as my own laziness settling in on one more thing I can just pay for.
You are right, the fight is not over. I can do my part to decentralize.
a bit late to the party here, but I didnt see iRedmail mentioned. been using this to host my own email on a VPS for a little over a year now and its great. for me its worth, you can absolutely make it secure, and its not stupid to run it off a local computer. unfortunately most ISPs make it insanely difficult to host on your home network.
I run my own email server using Mailcow. It works well.
However, I do not even attempt to directly send outbound email. It's very difficult to get your server trusted by the major providers, especially Microsoft (who are very picky about email servers). I have an account with MXRoute (which is an email provider) but only use it for outbound relaying. Inbound emails go directly to my server.
For what it's worth, MXRoute is a great provider to consider if you want to move away from the large ones (Google, Microsoft, etc) but don't want to self-host.
I used to run my own using Modoboa. I've since switched to mxroute for my email.
Nope. It can’t really be self hosted anymore, as having a residential IP is a straight track to the spam folder. It can be done if you also pay for a mail relay service, but then what’s the point of self hosting when you need to rely on a cloud service anyways.
Some dreams are born dead.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!