Is it useful to have your own mail server as a non-business? Just a private person. Configure SMTP and IMAP for it, sync with Outlook I think.

Yay or nay, waste of time? What are your thoughts?

  • kY2iB3yH0mN8wI2h@alien.topB
    10 months ago

    Have been running my own mail server(s) since early 2000. If Hillary can, you can :)

    But of course there are downsides as well: you need to expose services from the outside, you need to allow SNMP inbound, you need to deal with DNS and various mail security enhancements, deal with anti-spam and do malware/virus scanning etc. On top of that you would need to consider some kind of “high” availability. If your server goes down = no emails…

    For me it’s worth it; my Exchange server has been running for the last 10 years or so. I publish both webmail and use Outlook and/or mail on my phone.

    I have multiple domains (10+) and run my own DNS.

    The only thing I can’t do is send emails… I have to rely on my ISP for outgoing emails, but that’s a good thing as generally my emails are not marked as spam as they come from a trusted source.

  • johnklos@alien.topB
    10 months ago

    Ask that question about anything, and ask these same questions about the same:

    Do you want to learn? Do you have a reason to want to have understanding and control over it? Do you have the time, resources, energy and aptitude?

    You’ve just answered your own question :)

    Some people have a deep disdain for the idea of self-hosted email, but there’s literally no good technical reason you can’t do it yourself. I think people react so strongly and insist it shouldn’t be self-hosted because they couldn’t hack it ;)

    (yes, I’m poking them for fun)

    Seriously, the only compelling reason they mention isn’t compelling: if you’re worried about deliverability, pay a reputable service for smarthosting through them. Problem solved, and you still get to 100% control your own filtering, logging, storage and access.

  • Yasutsuna96@alien.topB
    10 months ago

    As a fun project, yes.

    As an actual day2day email, no.

    Unless u have actual redundancy with 24/7 uptime and static IP, it may cause missed emails. Even if u do, the price is a factor u may need to consider.

  • zenmatrix83@alien.topB
    10 months ago

    Setting up email is easy; configuring it so you don’t get caught in spam filters, and you don’t get a ton, is a full-time job. I did it for a while and just didn’t find it worthwhile any longer.

  • gesis@alien.topB
    10 months ago

    My first IT job was as mail admin.

    I wouldn’t wish that shit on anybody.

      • PSYCHOPATHiO@alien.topB
        10 months ago

        I use Proxmox Mail Gateway; I host both the gateway and mail server as VMs on the same machine.

    • Bubbagump210@alien.topB
      10 months ago

      I remember that job and also building the server myself from scratch. Qmail, Squirrelmail, Dovecot and all that. It lasted about a year until we bought something as it was hell. Nowadays with IP reputation and spam filters - even if the server ran, you’d never get anything delivered outbound.

      OP, the most I would do is an SMTP server that relays through Gmail for delivering alerts from monitoring systems. Anything else is pain.

      • nbfs-chili@alien.topB
        10 months ago

        I finally built my own mail server because if something broke my alerts would sometimes hit the maximum limit for a non-business Gmail account and not get delivered.

        I learned a lot, but it is a pain in this day and age. I had to set up SPF and DMARC records to get it to deliver to Gmail. I guess the next adventure is DKIM.

        • gihutgishuiruv@alien.topB
          10 months ago

          Assuming you’re using Postfix as an MTA, it’s not too hard to get OpenDKIM up and running.

          My mail admin experience is pretty dated these days, but I followed this guide back in the day and had it working.

          • nbfs-chili@alien.topB
            10 months ago

            Unfortunately I’m using Citadel, which doesn’t have a lot of awesome documentation.

            Guess I get to learn some more.

      • dudeman2009@alien.topB
        10 months ago

        That’s all we do for clients that need on-prem equipment to scan that doesn’t support integration with Gmail/Outlook online. Spin up an SMTP relay for things like scanners, alerts, databases, etc. and just run that straight into Google/Microsoft mail servers.

        Our latest migration was with MailEnable and going to Exchange Online, which was a colossal mess.

  • nolo_me@alien.topB
    10 months ago

    Everyone should at least give it a try, if only so your decision not to is well informed instead of following cargo cult advice.

    • OddInstruction20@alien.topB
      10 months ago

      100% on this suggestion.

      I used to set up qmail to host a few domains; works really well, even mail blast is like really efficient. Picked up a lot of fundamentals about email, DNS, SSL along the way.

      Just make sure you put a good filtering system before the email reaches your server, like Mimecast, Proofpoint, etc.

      Nowadays, you can further secure your access to POP3, IMAP on the email server using a service like Cloudflare Tunnel.

      • nolo_me@alien.topB
        10 months ago

        I’ve been hosting my own email server for 20 years. Not at home though, fuck trying to do it on a dynamic IP. Also fuck 123-reg for mangling my DKIM and making me think I was going mad.

    • kangawood@alien.topB
      10 months ago

      Honestly, not everything needs to be a firsthand experience to know it’s not something I want to do. Hosting my own email is definitely something I’m good with living through others vicariously.

    • AdmiralPoopyDiaper@alien.topB
      10 months ago

      Email and DNS. I have self-hosted both and I have no regrets. What I ALSO have is zero desire to do so again in the future.

    • decstation@alien.topB
      10 months ago

      I have the Proxmox mail filter in front of my Exchange. It works wonderfully well. No spam gets through.

  • Conscious-Cellist891@alien.topB
    10 months ago

    I for myself can say yes.

    It is much cheaper than a package from an ISP, where you pay monthly for your domain and most of the time have limited mailboxes.

    Why should I pay 10 or more Euro to my ISP, getting random mailboxes without DNSSEC, DANE, DKIM and so on, when I can get all of this for 5 Euro monthly? OK, I actually pay around 8 Euro, but have a fully featured Plesk, which is the nameserver for my domains, yes I said DOMAINS. I have all actual security features working, all my domains are best rated by security checks, and I have automatic reputation check and prevention.

    So why pay 10 or more for mid-class ISP mail, or around 8 Euro for a fully featured own Plesk, where I can host as many mailboxes, subdomains and other things as I want.

    OK, I’m an IT person, but my configuration isn’t that complex and also I don’t have to do time-taking maintenance, because Plesk is automatically updating most things.

  • wosmo@alien.topB
    10 months ago

    I’ve run my own mailserver for about 20 years. I don’t know if I’d recommend others do the same, but I wouldn’t recommend against it either.

    Once it’s up and running, it’s surprisingly low-friction. I have a VPS with a provider I trust, and it’s running nothing else. Other than keeping everything updated, it requires very little ongoing maintenance. Mostly making sure you keep up with DMARC, TLS, etc. best practices before the big providers call them requirements, instead of after.

    I think the real difficulty is starting fresh, greenfield. Not only can one misconfiguration ruin your day, but if it’s an issue that other providers notice, the smell hangs around for a long time. Most of the big providers (Gmail, Microsoft, Yahoo) will do absolutely nothing to work with you, so if they take a dislike to you - well you’re screwed. There’s no way to get in touch with them, no way to ask them to look again, etc. The juggernauts will usually give the impression they don’t actually have anyone working for them at all.

    You’ll also learn a lot more about DNS. Whether you like it or not :)

    Things that aren’t so fun … OS updates are always the terrifying one. My provider is really good about letting you spin up a new instance while keeping the old one around for a month so you can switchover when you’re ready. I use that for most things - but for my mailserver, I don’t want to because I don’t want a new IP. I like that it’s my ball and I can pick it up and go play somewhere else if I want, but the amount of reputation that the big providers pin to IP, makes this a lot more difficult than it sounds.

    The other fun sticking point is monitoring. I get emails if my mailserver (or DNS) goes down … but because my mailserver is down, I don’t receive them until it’s back. That’s not ideal, but I never seem to get around to doing anything about it. (Because when it’s working, I want to leave it alone. When it’s not working, it’s too late.)

    I think the main thing to keep in mind is that it’s difficult to “lab” outbound mail. There’s very little “just trying something”, very little experimentation, etc. Getting things wrong has too many long-term effects. You wanted to try a new MTA and now Google thinks you’re a spammer? Putting the old one back does not fix your reputation. Putting the old config back does not fix your reputation. Doesn’t matter how much you clean, that smell is going to take a long time to go away.

    • edthesmokebeard@alien.topB
      10 months ago

      +1 to this.

      I find in the IT field that people who run their own mailservers are significantly better engineers than those who do not.

      • wosmo@alien.topB
        10 months ago

        That’s a lot more difficult to put into words than I thought it’d be.

        I think the big thing is that they’re not in the race to the bottom. Their customers choose them for their level of services, not because they were the cheapest host in a list. So spammers don’t want to use them because they’re not the cheapest, and they don’t want to host spammers because that ruins their value proposition to their regular customers.

        What else … small enough that they’re not faceless, and I’m not nobody to them either. They’ve been at this at least as long as I have, so it doesn’t feel like they’re going to disappear tomorrow. And they’re fairly active with their community through a good old-fashioned mailing list. Which also helps to get to know them and what level they’re working on. It’s nice knowing that when I mail them, I don’t get through to an AI, or an L1 on a script, I’m gonna get Andy.

        It’s a tough one though, because trust is earnt, not researched. But I do prioritise putting a mailserver on a provider that keeps a clean house - because you don’t want to find yourself getting blocked because your neighbours misbehave.

        tl;dr; everything AWS ain’t.

        • KervyN@alien.topB
          10 months ago

          That’s a nice writeup. Especially the mailing list part struck with me.

          So which provider is it?

          I’ve gone through a lot of providers in the last decade. Currently everything sits in the DC of my current employee, but I feel like a freeloader, which I clearly am.

      • gihutgishuiruv@alien.topB
        10 months ago

        A provider that isn’t on the ball about managing outbound spam will quickly find their IPs (if not the whole prefix) blocked. If someone runs a spambot from a VPS, and then you get the recycled IPv4 address when the instance is removed, what’s to tell Microsoft you’re not also a spammer?

        • 90Carat@alien.topB
          10 months ago

          I’ve been an admin for a couple of different companies that sent statements to customers. Keeping our legit email systems off spam lists was a daily challenge.

        • KervyN@alien.topB
          10 months ago

          I work for a cloud provider, and even if I wanted to, I could not check for outgoing spam, other than reacting to the NOC mails.

          Most mail servers use transport encryption, which I absolutely cannot inspect.

          • gihutgishuiruv@alien.topB
            10 months ago

            I never said anything about monitoring outbound SMTP traffic.

            The more realistic mitigations are e.g. periodic scanning for open relays, actually handling abuse email reports, RBL checking
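
The RBL checking mentioned in the comment above, sketched as an added example that is not part of the original thread: it builds the RFC 5782 DNSBL query name for a mail server's IP and classifies the answer, including the case where a resolver rewrites NXDOMAIN into a non-127.0.0.0/8 address. The zone `dnsbl.example`, the function names and the `FAKE_DNS` answers are placeholders constructed for illustration.

```python
import ipaddress
import socket

# Placeholder zone (assumption): substitute the DNSBL zones you actually rely on.
ZONES = ["dnsbl.example"]

def dnsbl_name(ip: str, zone: str) -> str:
    """Build the RFC 5782 query name: reversed IP labels followed by the zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))               # octets, reversed
    else:
        labels = reversed(addr.exploded.replace(":", ""))     # nibbles, reversed
    return ".".join(labels) + "." + zone

def system_resolver(name: str):
    """Return the A record as a string, or None if the name does not resolve.

    gethostbyname cannot tell NXDOMAIN from a lookup failure, so treat a
    'clean' result from this resolver as provisional.
    """
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None

def check_ip(ip: str, zones=ZONES, resolve=system_resolver) -> dict:
    """Map each zone to 'clean', 'listed (<code>)' or 'invalid (<answer>)'."""
    results = {}
    for zone in zones:
        answer = resolve(dnsbl_name(ip, zone))
        if answer is None:
            results[zone] = "clean"
        elif ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8"):
            results[zone] = f"listed ({answer})"
        else:
            # Not a DNSBL answer, e.g. a resolver that rewrites NXDOMAIN.
            results[zone] = f"invalid ({answer})"
    return results

# Constructed offline data: a fake resolver standing in for real DNS.
FAKE_DNS = {"10.2.0.192.dnsbl.example": "127.0.0.2",
            "11.2.0.192.dnsbl.example": "203.0.113.7"}

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.11", "192.0.2.12"):
        print(ip, check_ip(ip, resolve=FAKE_DNS.get))
```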

  • decstation@alien.topB
    10 months ago

    I have had an Exchange VM set up for the last 3-4 years now. I use smtp2go for outgoing email. Works really well. I primarily use the system for alert emails and mailing lists I use. If it breaks it’s an annoyance but nothing critical. I have a mail filter in front that all incoming mail goes through.