I give up.
I tried left and right to try to install an email server so I could degoogle my life.
But therechnical barrier is thick and Google keeps adding more to it. Forget it. I can’t even get thru the installation process much less trying to get my shit off Google.
I figure, I don’t actually have any need for my email addresses. Just like my phone number. I never call anyone. I’m going to discourage my kids from using email at all. I’ll remind everyone I know that I don’t use email at every opportunity I get just like I remind people to not call me and that my phone number is not available.
Between spammers and Google, I just don’t need this headache in my life. My mom is much less technically savvy than the average pet. So Google will just siphon her data and when the megabits are full then you just delete the old stuff.
You don’t need it. No one will spend their life reading your emails when you’re gone or watching your videos or listening to your recordings or viewing your photos. There’s no need to worry about just deleting the pile of shit you’ve accumulated. I’m this done.
Why people keep spreading this misinformation? It’s plainly not true and I am the living proof of that.
Been using my email self hosted (on VPs) for decades now, never had serious issues at all. And it’s all my family primary addresses
I don’t say it’s impossible. It’s just not worth it 90% of the people, especially for beginners.
Never said it’s for beginners. It’s not.
You must understand what you do and do it properly. IT’s not drop a container and run mindless. Regardless, you can do it if you take the proper precautions and have fun doing it.
I think the general gist is as beginner self hosters we get more and more comfortable too “easily spin up a docker webserver”
At some point we arrive at “what other services can i host” and email is a pretty obvious addition expecting it to at least not be more difficult then running nextcloud.
It may be doable but hell is it not a comparable challenge.
I fully agree …
Email server require to understand what and why you are doing. This is a steep step up from spinning docker containers.
Nothing against docker containers, I run quite a few myself… But indeed a successful email server is a different beast.
Many people also try self host it at home, and this is a serious issue with email due to the residential ip address as well.
But it can be done successfully and it’s a great feeling of accomplishment when you do it. And you learn way more than using containers
Also all containerized solutions for email require the understanding and additional steps like DNS done properly as well .
I worked for years on a large email infrastructure for a job and for me it’s absolutely not worth it either.
I would prefer to take a subscription on a reputable host.
Why?
Because even if I do everything perfectly at setup (TLS, SPF, DKIM, DMARC) that will still be precarious.
The security of SMTP is a patchwork of protocols added on top of it and a bunch of opaque reputation systems. If anything ever goes wrong with my email my domain’s reputation would fall. And that’s the thing, once your domain reputation goes too low, you can’t fix right away and say “my bad” and recover. Your mail will be silently blocked like Spam until a few days of sending perfectly clean emails. You need time to recover.
So mail self hosting is accepting that at any time if you make a slight mistake, your communications to other will be almost impossible for days. And again since a lot of it is reputation based you can’t fix the issue and recover immediately.
The business I was working for had everyday scenarios like that. A client that failed to update its DKIM and didn’t notice right away. When they do their reputation on for example Cisco’s platform is super low and we filter them as spam. And then it took days for them to recover even if they fixed the DKIM just one or two days after their mistake.
On the other hand I could take a protonmail subscription and use a domain that has so much volume and is tracked so carefully in term of reputation that I know my mails will be received and have all the necessary security done right.
These reputation systems are inherently difficult for small volume mail domains. There is no other users ln your domain so one mistake is all it takes to start having delivery issues and most importantly silent failed deliveries that you dont know about.
Is it possible? Yes. Is it necessary? Not really. If you can pay for a privacy respecting host…
Hence for me it’s not worth it because there are privacy respecting providers so it’s not like I absolutely have to self host it.
One wrong config entry, and you have an open relay and a domain that can never be used for SMTP again, yay.
Actually managing an email server properly is demanding, as it is one of the most attacked services. Of course, you can also take the easy route and just pray.
Sorry man, i understand your fears, but it’s not that difficult. Granted, you need to STUDY and UNDERSTAND what you do, it’s not just deploy a container and run. But hey, you can give up on learning new stuff and don’t run risks ever, in that case you should also stop driving a car, since it’s much more dangerous than running an open relay by error.
Also, use mailcow stalwart or any other already packaged solution if you want to be safe.
I used mailcow, got an open relay immediately. Stalwart seems to do things a bit better.
I host so many services and it is not that I don’t want to learn new stuff. The effort is simply too high for a single service. And since there are very good providers which fully encrypt your data, I went this route to keep my mind off this part of my system.
I fully understand your point, but the mailcow as open relay seems strange. Anyway, it’s a risk/cost tradeoff right? Everybody should do it’s own assessment and experimentation. But after the initial setup, it’s zero maintenance. The only maintenance i do is keep the stack regularly updated, and it broke twice in 20+ years (dovecot new config format, WTF…)
I had long discussions with some mailcow contributors and it turns out, that some default settings can lead to an open relay if you are not careful. The biggest problem is that they use postfix. Postfix is not bad itself, as it is probably the most battle tested mail server. The configuration of postfix is a different story. And even if I prefer battle tested GNU/BSD software, postfix would be one of the rare exceptions where I would be careful.
I had a postfix running for years without issues, when I self-hosted SimpleLogin, and I fully agree with you. Once it runs, you only need to make sure that the security is managed.
Because it works for you, doesn’t mean it’s easy. If you have the experience, and done it at least once successfully, it’s “easy”. Compared to the average self-hosted configure and run a docker image and reverse proxy it’s objectively harder to run.
The issue is not running the individual components or servers, but that there’s infrastructure and to some extent crypto involved, which is just outside of the comfort zone for many. You tried to host it like any other thing on your homelab? Nope. Has your VPS been involved in spam? Enjoy the blacklist you’ll never find out about and the debugging why it doesn’t work. No experience in managing your DNS? Have fun getting DMARC/DKIM/SPF to work.
Theres just way more stuff that needs to be done, and a lot of it will fail silently.
I fully agree with you: it’s NOT easy. And you must understand what you do. It’s not just deploy a container and run happy.
I might say this is the first serious step for a selfhoster, something that goes over and beyond just hosting a service for yourself and fun, since it federates (modern term fur how email works) with the outside world.
Are you scared of hosting email? don’t do it. You want to learn and improve your skills and you are happy with running the risks associated? go for it.
Anyway tools like stalwart and mailcow do provide full instructions for DKIM/DMARK and DNS records that you only need to follow, so today there are easier options than the “old days”.
Anyway you don’t have to do it on your primary email from day one, just use a test account/domain and see how it goes. Keep using your gmail account and spin it up on a secondary domain, if it works good… switch over in 6 months or 2 years as you are confortable. OTherwise, keep gmail and stop.
This is literally what you’ve called misinformation.
Again, not everyone is self-hosting only for learning and experimentation only. Making a deliberate call that mailing infra might be too hard might be too hard, have too big of a knowledge gap, or is simply not worth the effort is something I’d call more serious than hardlining on “self host everything or stay on gmail”, especially in the case of mailing, where it’s pretty much impossible to self-host on your own hardware / network.
Full instructions do not reduce any effort or resources involved or complexity of the problem. And the problem is that you’re suddenly moving from “I’m hosting a few services” to being balls deep in networking, dns, and a deceivingly easy protocol which blows up in complexity due to being federated and absolutely dominated by big providers at the same time, and all of the extensions for security.
Except for learning, self-hosting serves a purpose. You might want privacy, you might not want to be dependent on corpo infra or external services at all, you might want to host something that offers something more or better than a SaaS solution - but first of all, it needs to work. For mail, you gain none of those. Self-hosting on your own hardware (or rather network) is pretty much impossible, so you’re reliant on a hosting provider at least. There is basically zero difference in functionality between mailing servers or providers. Sure, you’ll run into problems when copy pasting instructions, but those problems will break the service. Fucking up your DNS or networking will break your whole server. At the same time, while failing silently it will costs a magnitude of effort more than most other usually self-hosted services.
Just because you can do it doesn’t mean it is feasible
It comes with a lot of downsides
Isn’t that the gist of selfhosting?
Yes you can do it, yes you can have it done for you by somebody else. The first is fun, and risky, the second is less fun and less risky. We are all here for the fun… and probably we all don’t care too much of the risks. But why shut down everybody who ask about email selfhosting with a don’t do it? Let them try, make errors and fix them, maybe they learn something new, maybe it works out for them
What is the worst that might come out of it? Some spam? A blacklist? Come on, you can survive both. Don’t use your primary email account as self hosted from the beginning maybe, to mitigate all those risks, no?