this post was submitted on 12 Jun 2023
164 points (98.8% liked)


All this new excitement with Lemmy and federation has got me thinking that maybe I should learn to run my own instance. What always comes up though is how email is the original federated technology.

I am looking at Proxmox and see that it has a built-in email server, so now I am wondering if it is time to roll my own.

I stopped using gmail a long time ago, and right now I use ProtonMail, but I am super frustrated with the dumb limitation of only having a single account for the app. I get why they do it, and I am willing to pay, but it is pricey and I don't know if that is my best option. I guess it is worth it since ProtonVPN is included. It looks like they are expanding their suite.

Is it worth it? Can I make it secure? Is it stupid to run it off a local computer on my home network?

[–] [email protected] 12 points 1 year ago (2 children)

Just take a look at https://docs.mailcow.email/

This runs from a small box with everything included. It gives you all the tools and config needed for running a secure and feature-rich email service. Webmail, some sort of Exchange emulation, web calendar on top of a solid postfix/dovecot install with rspamd as spam filter. Everything is configurable via a nice web UI.

After 15y running my own mail service and editing a lot of config files, I use this piece of free and open software and find it very good. All you need is a box somewhere in the internet. Running from a homelab will instantly fail, except you have a static IP.

[–] [email protected] 3 points 1 year ago (1 children)

Been using mailcow too. Pretty solid setup. Gmail doesn't play nice with spam though, even though SPF, DKIM, and DMARC are properly set up. I ended up having to relay through SendGrid to ensure emails got delivered.

Still don't regret it though.

[–] [email protected] 2 points 1 year ago (1 children)

Maybe Google blocks large IP blocks of VPS hosters like DigitalOcean then? I moved my mail setup from a 15y old IP with best reputation to a new one on the VPS hoster that is listed as provider on the mailcow site. I have no problems at all, I have DMARC reports enabled and all mails to Gmail are passing.

The only provider that was blocking the IP was German Telekom, t-online. I wrote a mail to the abuse/postmaster and with some asking for imprint on the webpage that the IP was pointing at, they whitelisted the IP in 24h.

mailcow has some sort of DNS-settings agent that shows the DNS settings for every domain, rDNS and DKIM, DMARC, SPF and checks these settings with the values reported by the DNS.
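
The kind of check described in the comment above (expected SPF, DKIM and DMARC values compared with what DNS returns), as an added example that is not part of the thread and not mailcow's code. The domain, selector, key and zone data are constructed, and the TXT records are passed in as a dict instead of being resolved live.

```python
# Added example: compare published mail DNS records with what the server expects.
# Every name, address and key here is a constructed sample value.

def tags(record):
    """Parse a 'k=v; k=v' record (DKIM, DMARC) into a dict."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def check_spf(txts):
    spf = [t for t in txts if t.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # RFC 7208: none means no policy, several is a permerror
        return f"FAIL: {len(spf)} SPF records, need exactly 1"
    last = spf[0].split()[-1].lower()
    if last == "-all":
        return "OK"
    if last == "~all":
        return "WARN: softfail (~all)"
    return f"FAIL: record ends in '{last}', not -all or ~all"

def check_dkim(txts, expected_key):
    keys = [tags(t).get("p", "") for t in txts if "p=" in t]
    if not keys:
        return "FAIL: no DKIM key published"
    if keys[0] == "":  # RFC 6376: an empty p= tag marks a revoked key
        return "FAIL: empty p= means the key is revoked"
    same = keys[0].replace(" ", "") == expected_key
    return "OK" if same else "FAIL: published key differs from signing key"

def check_dmarc(txts):
    recs = [tags(t) for t in txts
            if t.lower().replace(" ", "").startswith("v=dmarc1")]
    if len(recs) != 1:
        return f"FAIL: {len(recs)} DMARC records, need exactly 1"
    policy = recs[0].get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "FAIL: missing or invalid p= tag"
    if policy == "none":
        return "WARN: p=none only monitors"
    return "OK" if "rua" in recs[0] else "WARN: no rua=, no aggregate reports"

def audit(domain, selector, expected_key, zone):
    """zone maps a DNS name to the TXT strings a resolver returned for it."""
    dkim_name = f"{selector}._domainkey.{domain}"
    return {"SPF": check_spf(zone.get(domain, [])),
            "DKIM": check_dkim(zone.get(dkim_name, []), expected_key),
            "DMARC": check_dmarc(zone.get(f"_dmarc.{domain}", []))}

SAMPLE_ZONE = {  # constructed records for a hypothetical domain
    "example.org": ["v=spf1 mx ~all", "some-site-verification=abc123"],
    "dkim._domainkey.example.org": ["v=DKIM1; k=rsa; p=CONSTRUCTEDSAMPLEKEY=="],
    "_dmarc.example.org": ["v=DMARC1; p=none; rua=mailto:postmaster@example.org"],
}
```

Calling `audit("example.org", "dkim", "CONSTRUCTEDSAMPLEKEY==", SAMPLE_ZONE)` returns one verdict per record type; a live version would fill the zone dict from a resolver and take the expected key from the mail server's own DKIM configuration.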

[–] [email protected] 1 points 1 year ago

I'm with ovh dedicated. I just gave up on trying to fix the issue.

I don't remember mailcow having a list of recommended hosters. I'll go check that out!

[–] [email protected] 1 points 1 year ago (1 children)

Neato! There seems to be a lot of solutions for running a mail server.

Yeah, I think it is time, I need to get familiar with Docker.

Yeah, I was clueless thinking I could run it from my home. Hah. I just wanted to avoid paying for a VPS. Which is silly because I buy too much crap all the time and have multiple subscriptions.

This is actually valuable.

[–] [email protected] 2 points 1 year ago (1 children)

mailcow lists a small German VPS hoster with a fair price and the right sizing. It's not a big hoster, Gmail and Microsoft are not blocking the IP range and the ASN is not listed on any blacklist.

The support is quick and helpful, rDNS was a matter of minutes to set up. You don't need any deeper knowledge of Docker, since it is a one-time job to set the things up and get the stack running. The documentation of mailcow is very good.

You can run it from home, but you will need a forward host like SendGrid and maybe a backup MX. You can set a primary IP and a backup IP which will get all the mails when the primary host is down. I guess there are commercial or free backup-MX services out there. No problem. If you have a static IP for your homelab or at least a dynamic DNS name, it will work. Receiving is easy. But you will need a good forward service for sending.

[–] [email protected] 2 points 1 year ago (1 children)

Needing an extra service to forward emails seems to defeat the purpose of having everything local. Everything I read about email, being clear-text and whatever, makes it so it is impossible to improve. Email is a dead end, so I probably don't actually want to get too involved with it the more I learn.

I mean, growing up I really thought the internet would become a way to connect directly to people, computer to computer interaction. Everything requires an intermediate service, making everything insecure and expensive. What a stupid future.

[–] [email protected] 1 points 1 year ago (1 children)

That's right. Also important, email is not a playground for experiments. Once it runs, you should not touch it anymore, except for updates. Otherwise, you will do harm to your own way of communicating. One error, and you will lose all your reputation and someone spams half of the internet with your domain as sender.

And when it runs, the only thing to improve is tuning the spam filter for your instance. Implementing all the rules that you fight the other day, because otherwise your inbox explodes. So you have to do all the shady things and block IPs, filter with blacklists and check every DNS for all those extra entries, needed for delivering mail... You must become a part of the problem, spammers are behind every cracked WordPress and insecure VPS out there.

[–] [email protected] 1 points 1 year ago

Damn, email seems too fragile. I am getting so many perspectives, but the main thing that seems like such a gotcha is managing spam, which seems like such a headache.

No, I do not want to become part of the problem.