All this new excitement with Lemmy and federation has got me thinking that maybe I should learn to run my own instance. What always comes up though is how email is the orginal federated technology.

I am looking at proxmox and see that is has a built in email server, so now I am wondering if it is time to role my own.

I stopped using gmail a long time ago, and right now I use ProtonMail, but I am super frustrated with the dumb limitation of only having a single account for the app. I get why they do it, and I am willing to pay, but it is pricey and I don’t know if that is my best option. I guess it is worth it since ProtonVPN is included. It looks like they are expanding their suite.

Is it worth it? Can I make it secure? Is it stupid to run it off a local computer on my home network?

  • Thoms@red.cyberhase.de
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    Just take a look at https://docs.mailcow.email/

    This runs from a small box with everything included. It gives you all the tools and config needed for running a secure and feature rich email service. Webmail, some sort of exchange emulation, webcalender on top of a solid postfix/dovecot install with rspamd as spam filter. Everything is configurable via a nice web UI.

    After 15y running my own mail service and editing a lot of config files, I use this piece of free and open software and find it very good. All you need is a box somewhere in the internet. Running from a homelab will instantly fail, expect you have a static ip.

    • SmugBedBug@lemmy.iswhereits.at
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Been using mailcow too. Pretty solid setup. Gmail doesn’t play nice with spam though even though SPF, dkim, and dmarc are properly setup. I ended up having to relay through sendgrid to ensure emails for delivered.

      Still don’t regret it though.

      • Thoms@red.cyberhase.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Maybe google blocks large IP-blocks of vps-hosters like digital-ocean then? I moved My mail-setup from a 15y old ip with best reputation to a new one on the vps-hoster that is listed as provider on the mailcow-site. I have no problems at all, I have DMARC reports enabled and all mails to gmail are passing.

        The only provider that was blocking the ip was german telekom, t-online. I wrote a mail to the abuse/postmaster and with some asking for imprint on the webpage that the ip was pointing at, they whitelisted the ip in 24h.

        mailcow has some sort of dns-settings agent that shows the dns-settings for every domain, rDNS and DKIM, DMARC, SPF and check these settings with the values reported by the DNS.

        • SmugBedBug@lemmy.iswhereits.at
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I’m with ovh dedicated. I just gave up on trying to fix the issue.

          I don’t remember mailcow having a list of recommended hosters. I’ll go check that out!

    • DidacticDumbass@lemmy.oneOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Neato! There seems to be a lot of solutions for running a mail server.

      Yeah, I think it is time, I need to get familiar with Docker.

      Yeah, I was clueless thinking I could run it from my home. Hah. I just wanted to avoid paying for a VPS. Which is silly because I buy too much crap all the the time and have multiple subscriptions.

      This is actually valauable.

      • Thoms@red.cyberhase.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        mailcow lists a small german vps hoster with a fair price and the right sizing. It’s not a big hoster, gmail and microsoft are not blocking the ip-range and the ASN is not listed on any blacklist.

        The support is quick and helpful, rDNS was a matter of minutes to set up. You don’t need any deeper knowlegde of docker, since it is a one-time job to set the things up und get the stack running. The documentation of mailcow is very good.

        You can run it from home, but you will need a forward host like sendgrid and maybe a backup mx. You can set a primary ip and a backup ip wich will get all the mails when the primary host is down. I guess, there a comercial or free backup-mx services out there. No problem. If you have a static ip for your homelab or at least a dynamic dns-name, it will work. Recieving is easy. But you will need a good forward-service for sending.

        • DidacticDumbass@lemmy.oneOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Needing an extra service to forward emails seems to defeat the purpose of having everything local. Everything I read about email, being clear-text and whatever, makes it so it is impossible to improve. Email is a dead end, so I probably don’t actually want to get too involved with it the more I learn.

          I mean, growing up I really thought the internet would become a way to connect directly to people, computer to computer interaction. Everything requires an intermediate service, making everything insecure and expensive. What a stupid future.

          • Thoms@red.cyberhase.de
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            That’s right. Also important, email is not a playground for experiments. Once it runs, you should not touch it anymore, except for updates. Otherwise, you will do harm to your own way of communicating. One error, and you will lose all your reputation and someone spams half of the internet with your domain as sender.

            An when it runs, the only thing to improve is tuning the spam-filter for your instance. Implementing all the rules that you fight the other day, because otherwise your inbox explodes. So you have to do all the shady things and block ips, filter with blacklists and check every dns for all those extra entries, needed for delivering mail… You must become a part of the problem, spammers all behind every cracked wordpress and insecure vps out there.