this post was submitted on 25 Nov 2023
2 points (100.0% liked)

Homelab

Is it useful to have your own mail server as a non-business? Just a private person. Configure SMTP and IMAP for it, sync with outlook I think.

Yay or nay, waste of time? What are your thoughts?

(page 2) 48 comments
[–] wosmo@alien.top 1 points 11 months ago (8 children)

I've run my own mailserver for about 20 years. I don't know if I'd recommend others do the same, but I wouldn't recommend against it either.

Once it's up and running, it's surprisingly low-friction. I have a VPS with a provider I trust, and it's running nothing else. Other than keeping everything updated, it requires very little ongoing maintenance. Mostly making sure you keep up with DMARC, TLS, etc. best practices before the big providers call them requirements, instead of after.

I think the real difficulty is starting fresh, greenfield. Not only can one misconfiguration ruin your day, but if it's an issue that other providers notice, the smell hangs around for a long time. Most of the big providers (gmail, microsoft, yahoo) will do absolutely nothing to work with you, so if they take a dislike to you - well you're screwed. There's no way to get in touch with them, no way to ask them to look again, etc. The juggernauts will usually give the impression they don't actually have anyone working for them at all.

You'll also learn a lot more about DNS. Whether you like it or not :)

Things that aren't so fun .. OS updates are always the terrifying one. My provider is really good about letting you spin up a new instance while keeping the old one around for a month so you can switchover when you're ready. I use that for most things - but for my mailserver, I don't want to because I don't want a new IP. I like that it's my ball and I can pick it up and go play somewhere else if I want, but the amount of reputation that the big providers pin to IP, makes this a lot more difficult than it sounds.

The other fun sticking point is monitoring. I get emails if my mailserver (or DNS) go down .. but because my mailserver is down, I don't receive them until it's back. That's not ideal, but I never seem to get around to doing anything about it. (because when it's working, I want to leave it alone. When it's not working, it's too late.)

I think the main thing to keep in mind is that it's difficult to "lab" outbound mail. There's very little "just trying something", very little experimentation, etc. Getting things wrong has too many long-term effects. You wanted to try a new MTA and now Google think you're a spammer? Putting the old one back does not fix your reputation. Putting the old config back does not fix your reputation. Doesn't matter how much you clean, that smell is going to take a long time to go away.

[–] mike7004@alien.top 1 points 11 months ago

Depends. I have my private mail system working and for the most part it works fine. However, it's indeed a bitch to deal with blacklists and ISP policies. Took me two years to convince the ISP to give me a business line with two IP addresses and no port filtering. The mail system has to be configured correctly.

Knowing I have full control over everything is great, but it's not for everybody.

[–] phein4242@alien.top 1 points 11 months ago

Been hosting my own email for over 20yrs. Get a VPS at some reputable hoster, and make this a dedicated mailserver. Be sure to set up all DNS records that are required, and roll out antispam measures.

[–] mmmbyte@alien.top 1 points 11 months ago

You can easily host for receiving mail, but don't bother for sending. Most email services will simply mark your email as spam.

[–] jjaAK3eG@alien.top 1 points 11 months ago

I have been an email administrator and I run my own, personal email server for about the last 4 years. I've administrated Microsoft Exchange, on-premise and online and GNU/Linux Postfix/Dovecot/SoGo. I prefer the open source email offerings to the M$ stuff.

As others have mentioned, email is something that you would probably want hosted in a cloud somewhere and definitely NOT running locally at home (most ISPs block port 25 anyways so, running an email server at home is a crazy challenge). A free-tier cloud somewhere should be enough to get you started with an open source email server. The two cloud services that I use block port 25. I had to open a ticket with their support to open port 25. But, once that port is open, you can have a full fledged email server.

Check out https://www.iredmail.org/. It's open source, easy to get started, rock-solid, secure, and they have tech support via their web forum. ( I say 'they', but it's literally like one dude). This is what I use for my personal email server. I have custom IPS and Geo-IP filters for security. It's been running issue free for the past 3 1/2 years. I've never missed an email lol.

Use https://mxtoolbox.com/SuperTool.aspx for troubleshooting delivery issues. And, to learn all about the different DNS records a healthy email server needs.

Running an email server is challenging, but it's not something to be afraid of. It is labor intensive, requires active administration and not something that you would want to simply "set and forget". But, with the right administration, running your own email server can be very rewarding.

[–] Professional-Bug2305@alien.top 1 points 11 months ago

Doing it for the experience and lab of it? Sure.

Doing it to actually use, fuck no. Email is the most vulnerable part of any org. You need to have a proper spam filter, dmz, web domain, several DNS records, certificates etc in order for mail to even flow in and out. It'll just be a headache and there are so many free options.

If you want your own special email domain, get suite for 1 person at 12 bucks a month and have it all just work.

[–] NC1HM@alien.top 1 points 11 months ago

Nay, emphatically. Out of the box, a new SMTP server is treated by peers as yet another spam delivery vehicle. You have to prove to the world you're not a fly-by-night spammer. There are certain things you have to do with your domain's MX record, as well as in terms of SMTP server configuration. Oh, and if you're ever caught with an open relay on port 25, that will get you blacklisted instantaneously...

[–] SoCleanSoFresh@alien.top 1 points 11 months ago

There are a lot of things that are fun to lab. Email is not one of them, seriously— leave this to a cloud provider.

The day Exchange stopped being one of the things I had to manage was a good day indeed 😅

[–] seniledude@alien.top 1 points 11 months ago (1 children)

I keep seeing these posts and have a question, is it possible to host an internal only email so I can get notifications from pfsense or truenas scale?

[–] eagle6705@alien.top 1 points 11 months ago

https://youtu.be/eHxVvqzEtmc?si=BU6TYxt3cxl9yxdW

It's like this

Everything looks good, and wonderful but there's always a surprise waiting for you.

Coming from an exchange engineer with over 11+years experience

Honestly it's fun and all but I wouldn't recommend for anything work related. If I were to run a mail server at home I'd make sure I get a mail gateway you can proxy your mail through that manages blacklists and reputation.

[–] phoenixlives65@alien.top 1 points 11 months ago

Unless there's a strong academic reason, it's probably more work than it's worth for the average person. It becomes a vector for attack, and there's external infrastructure that has to be maintained as well (DNS, SPF, DKIM, etc)

[–] Arm1nasss@alien.top 1 points 11 months ago (1 children)

I'm running my own mailserver on a VPS for about 4 years. I'm using https://mailinabox.email/ It's a one command installer that installs everything you need for a mailserver to run, including roundcube webmail, nextcloud, DNS server, static html page hosting, and it runs on low resources, I'm using a very cheap VPS server with 1 core and 1GB RAM, I pay 3.79 euros monthly for VPS and it's been running great.

[–] tauntingbob@alien.top 1 points 11 months ago

Isn't this question asked on this forum every few months? It's easily searchable.

[–] __Casper__@alien.top 1 points 11 months ago

Waste of time, massive headache, constant security threat. Set a relay up for outbound so you can get consolidated root mails and system alerts. But skip the inbound and let Apple/Google/someone else manage the threat surface.

[–] maledependa@alien.top 1 points 11 months ago

I once set one up on a raspberry pi. It was compromised in about 5 minutes.

[–] mpst-io@alien.top 1 points 11 months ago

I heard that it is a thing you most likely do not want to have set up

[–] flummox1234@alien.top 1 points 11 months ago

waste of time IMO. Most messages will not make it through spam filters because of a bunch of reasons. Just writing your friends would be pointless.

[–] ccbadd@alien.top 1 points 11 months ago

I set one up for a while and it was a royal PITA! I have since switched to a managed email account using my own domain. So much less trouble. It's just not worth it in my opinion.

[–] Remarkable_Housing61@alien.top 1 points 11 months ago

Worst idea ever. Just pay somebody $10 a month to host your domain and let them suffer lmao

[–] canadian_sysadmin@alien.top 1 points 11 months ago (1 children)

If you want to do it for fun and learning, ok I guess.

But nobody really does it anymore.

For actual mail that I would use, just go with a mainstream provider.

If you want to actually learn real-world skills, get yourself your own 365 tenant with a single license. Well worth the spend (or free if you can get a partner license).

[–] BlkCrowe@alien.top 1 points 11 months ago

Don’t mean to be dense, but how does one do this? I tried googling this, but kept getting hits on single versus multi-tenant licensing.

[–] Stooovie@alien.top 1 points 11 months ago

Absolutely not. It's notoriously hard.

[–] johnklos@alien.top 1 points 11 months ago

Ask that question about anything, and ask these same questions about the same:

Do you want to learn? Do you have a reason to want to have understanding and control over it? Do you have the time, resources, energy and aptitude?

You've just answered your own question :)

Some people have a deep disdain for the idea of self-hosted email, but there's literally no good technical reason you can't do it yourself. I think people react so strongly and insist it shouldn't be self-hosted because they couldn't hack it ;)

(yes, I'm poking them for fun)

Seriously, the only compelling reason they mention isn't compelling: if you're worried about deliverability, pay a reputable service for smarthosting through them. Problem solved, and you still get to 100% control your own filtering, logging, storage and access.

[–] 1aranzant@alien.top 1 points 11 months ago

lol everything we do on this sub is mostly a waste of time...

[–] WootForevah@alien.top 1 points 11 months ago

I would recommend to set up your own email server, or should we just all give up, like we gave up to Cloud providers?

[–] killroy1971@alien.top 1 points 11 months ago

There was an XKCD about this years ago. Basically, the answer was 'no.'

[–] liverwurst_man@alien.top 1 points 11 months ago

If you work in IT or similar these concepts may become important, and that makes the effort worth it to me. Otherwise, I agree with the other commenters.

Here's an entertaining lecture that summarizes how terrible modern email is.

[–] PricklyMuffin92@alien.top 1 points 11 months ago
[–] BlackReddition@alien.top 1 points 11 months ago

Outlook.com gets all the features of 365 for free.

[–] ForeverYonge@alien.top 1 points 11 months ago

Setting it up is easy. Getting the major providers like gmail to not flag your stuff as spam, that’s the real challenge

[–] 100GbE@alien.top 1 points 11 months ago

Cool to know you can do it, not cool to maintain one all the time.

Even I've moved mail to the cloud these days.

[–] LaborUnionEnjoyer@alien.top 1 points 11 months ago

No, it won't give you any good work experience. Everyone uses Office 365 or Gsuite these days, and most of the orgs still using on-prem Exchange are trying to switch.

[–] ChiefDetektor@alien.top 1 points 11 months ago

See docker-mailserver which is a full fledged email solution including spam assassin and anti virus. I use it for my business emails. Works perfectly

[–] Conscious-Cellist891@alien.top 1 points 11 months ago

I for myself can say yes.

It is much cheaper than a package on an ISP, where you pay monthly your Domain and most time have limited mailboxes.

Why should I pay 10 or more Euro for my ISP, getting randomly mailboxes without DNSSEC, DANE, DKIM and so on, when I can get all of this for monthly 5 Euro. Ok I pay actually around 8 Euro, but have a fully featured plesk, which is nameserver for my domains, yes I said DOMAINS. I have all actually security features working, all my domains are best rated by security checks, have automatic reputation check and prevention.

So why pay 10 or more for mid-class ISP mails or around 8 Euro for full featured own plesk, where I can host as much mails, subdomains and other.

Ok, I'm an IT person, but my configuration isn't that complex and also I don't have to do time taking maintenance, because plesk is automatically updating most things.

[–] kweevuss@alien.top 1 points 11 months ago

I do. But the domain I use it for is occasional sending. If it was for my job/business probably not.

I do not notice any delivery problems though. What you will need aside from DKIM/SPF, is a static IP and the ability to create reverse DNS records.

I have Comcast business and I was surprised they did the reverse dns for me, but it has been working great. I get 10/10 on mail-tester.com.
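
The DNS prerequisites named across this thread (SPF, DMARC, and a reverse DNS record that matches the sending IP) can be checked mechanically. The following is an added example, not part of any comment above: a Python audit over a constructed DNS snapshot, where the domain `example.org`, the IP `203.0.113.25` and all function names are assumptions for illustration.

```python
import ipaddress

# Constructed DNS snapshot: hypothetical domain, documentation-range IP.
ZONE = {
    ("example.org", "TXT"): ["v=spf1 mx ip4:203.0.113.25 -all"],
    ("_dmarc.example.org", "TXT"): ["v=DMARC1; p=quarantine; rua=mailto:dmarc@example.org"],
    ("25.113.0.203.in-addr.arpa", "PTR"): ["mail.example.org"],
    ("mail.example.org", "A"): ["203.0.113.25"],
}
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}  # RFC 7208 caps these at 10

def check_spf(zone, domain):
    recs = [r for r in zone.get((domain, "TXT"), []) if r.lower().split()[:1] == ["v=spf1"]]
    if len(recs) != 1:  # zero or several SPF records both fail evaluation
        return [f"SPF: expected exactly one record, found {len(recs)}"]
    terms = [t.lower() for t in recs[0].split()[1:]]
    names = [t.lstrip("+-~?").replace("=", ":").replace("/", ":").split(":")[0] for t in terms]
    problems = []
    if sum(n in LOOKUP_TERMS for n in names) > 10:
        problems.append("SPF: more than 10 DNS-querying terms (permerror)")
    if any(t in ("all", "+all") for t in terms):
        problems.append("SPF: +all lets any host pass")
    elif "all" not in names and "redirect" not in names:
        problems.append("SPF: no terminal all mechanism")
    return problems

def check_dmarc(zone, domain):
    recs = [r for r in zone.get(("_dmarc." + domain, "TXT"), []) if r.startswith("v=DMARC1")]
    if len(recs) != 1:
        return [f"DMARC: expected exactly one record, found {len(recs)}"]
    tags = dict(kv.strip().split("=", 1) for kv in recs[0].split(";") if "=" in kv)
    policy = tags.get("p", "").strip().lower()
    if policy not in ("quarantine", "reject"):
        return [f"DMARC: p={policy or 'missing'} does not quarantine or reject failures"]
    return []

def check_fcrdns(zone, ip):
    # Forward-confirmed reverse DNS: the PTR name must resolve back to the same IP.
    ptr = ipaddress.ip_address(ip).reverse_pointer
    names = zone.get((ptr, "PTR"), [])
    if not names:
        return [f"rDNS: no PTR record for {ip}"]
    if not any(ip in zone.get((n, "A"), []) for n in names):
        return [f"rDNS: PTR {names[0]} does not resolve back to {ip}"]
    return []

def audit(zone, domain, ip):
    return check_spf(zone, domain) + check_dmarc(zone, domain) + check_fcrdns(zone, ip)

print(audit(ZONE, "example.org", "203.0.113.25"))
```

To audit a live domain, replace `ZONE` with records fetched by a resolver of your choice; the checks themselves only read the dictionary.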
