[HN Gopher] Mail-in-a-Box: a mail server in a box
___________________________________________________________________
Mail-in-a-Box: a mail server in a box
Author : tambourine_man
Score : 145 points
Date : 2023-11-24 17:58 UTC (5 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| dmitrygr wrote:
| Uh huh. And what percent of the mail you send will be silently
| dropped by gmail (not even spam folder)? Sadly that game is lost.
| compilator1 wrote:
| None, if apropriate relays used. Mailchannels or mail.baby for
| example. The game is never lost if there is active gamers.
| beeboobaa wrote:
| So you go through the effort of setting up your own mail
| server only to send all your outgoing email through a third
| party? Why even bother at that point?
| SoftTalker wrote:
| There's value in running your own inbound server. Some of
| the big services will silently drop "spam" into the
| bitbucket. It's just gone. I've had this happen on
| Microsoft 365 accounts.
|
| By running your own server you can deal with spam as you
| see fit. I get very little so I deal with it using the
| "delete" function in my MUA.
| kevincox wrote:
| Personally I do it because most of the services I tried
| were dropping mail that I cared about. No amount of
| "whitelisting" with their provided tools would prevent
| this. Almost all big inbox providers perform a very early
| filtering step before even considering user rules and
| filters.
|
| But I don't want to bother with outbound reputation so I
| still use relays to send messages.
| ttul wrote:
| You can use MailChannels for free via Cloudflare and there
| are no volume limits.
| danbtl wrote:
| The game is certainly not lost. There are many of us running
| their own mail servers. Gmail will accept mail from your domain
| if you don't send spam.
|
| You should try it.
| dmitrygr wrote:
| I have. that is why i say the game is lost.
| zoky wrote:
| Then either you didn't configure your server correctly or
| you were trying to run a server on an IP address that's
| part of a blacklisted netblock (e.g. residential).
|
| I've had a mail server in colo for over a decade, and I
| even recently had to change IP addresses on that server,
| and I've had zero deliverability issues. Set up SPF, DKIM,
| and reverse DNS, and obviously don't do anything stupid
| like send spam or leave an open relay, and you should be
| fine.
| drdaeman wrote:
| > Then either you didn't configure your server correctly
| or you were trying to run a server on an IP address
| that's part of a blacklisted netblock (e.g. residential).
|
| This is frequently the case but not always. Sometimes you
| don't have any server issues, and originating IP is
| totally fine, but your messages are 250-accepted then
| somehow just disappear into the void without reaching the
| recipient mailbox (not even the "spam" folder).
|
| Fortunately, it's rare (in my experience), but super
| annoying when this happens, because with FAANGs there's
| absolutely no way to reach out for any technical support
| (unless you know someone who works there and they can
| help you).
| dmitrygr wrote:
| This is what killed me.
| jeroenhd wrote:
| Gmail generally works fine. Outlook works too most of the
| time.
|
| "Outlook Enterprise" is a mess that refuses email for no good
| reason. Sometimes it's because Microsoft's DNS resolvers are
| broken (and can't validate SPF/DKIM), sometimes it's because
| the mail server rewrites message headers and then tries to
| validate the signature (which fails, obviously).
| drdaeman wrote:
| Set up an embassy. Register your domain for Outlook, but
| don't really update the DNS (just add Outlook to SPF and
| DKIM to pass the validation, but don't change the MX). Then
| tell your MTA to send through Outlook servers when the
| destination is there (detecting this is a bit tricky),
| otherwise route normally.
|
| I haven't really implemented this in production, but it
| worked for me one time as a proof-of-concept when I had an
| issue with disappearing mail - my message went through that
| time. Later it worked without any tricks, so I haven't
| bothered.
| gwbrooks wrote:
| This sounds amazing. Know of any walkthroughs online?
| brirec wrote:
| Maybe your domain isn't on blocklists, but what about your
| IP?
|
| Assuming you don't send spam, the question of whether or not
| your IP is on blocklists is primarily a function of both how
| long you've had your IP address, and how well-behaved its
| neighboring IPs are.
|
| For example I just tried checking[^1] the public IPv4 address
| of a VPS I've been managing for about a year. It's never sent
| or received _any_ email for at least as long as I've been
| using it, but it's showing up on two blocklists![^2]
|
| Surprisingly, my home IP address (which is a dynamic IP, in a
| pool of other residential IPs) is only on two blocklists[^3]
| as well. I would have expected more, because in my experience
| IPs known to be residential are almost always blocklisted,
| just as a matter of fact!
|
| Of course this doesn't check the main blocklists used by
| Microsoft and Gmail. I'd expect my home IP to be on those
| (because I'd expect the entire pool to be), but _maybe_ my
| VPS might not be!
|
| Anyway, the point I'm trying to make is that whether or not
| the battle has been "lost," it's definitely stacked against
| anyone who doesn't start out with essentially a known-good,
| static IP address that you can control the reverse DNS record
| for.
|
| You could do absolutely everything else right, but if you
| can't get ahold of an IP address from a reputable provider
| that isn't known for spammers using their service, you'll
| _probably_ have a lot of trouble with delivery of outbound
| mail. And that's not a battle that I want to fight right
| now...
|
| [^1]: https://whatismyipaddress.com/blacklist-check
|
| [^2]: spam.dnsbl.sorbs.net and dnsbl-3.uceprotect.net.
|
| [^3]: dnsbl.sorbs.net and dul.dnsbl.sorbs.net
| KomoD wrote:
| Yeah... this tends to be the issue. Also, I wouldn't even
| bother trying to get removed from the UCEProtect
| blacklists, it's literally just extortion. (luckily I use a
| small hosting provider so they're not even on the
| UCEProtect lists)
| johnklos wrote:
| You're naively ignoring the simplest solution: smarthost
| through a provider with a good reputation.
|
| You still get to control your incoming email, your
| filtering, you get logs of everything, you control your
| email at rest, and you'll still get good logs for outgoing,
| but deliverability simply is no longer an issue.
|
| So, what other objections do you have for email self-
| hosters?
| askiiart wrote:
| The game is far from lost. You need to be able to set PTR,
| which you can do by sending from a cheap VPS, otherwise
| basically everything will block you as spam. Other than that,
| it's not too exclusive, for lack of a better word.
| kiney wrote:
| I been running my own mailserver for ~two decades. Never had
| much deliverability problems and none at all with google.
| Outlook sometimes is a problem but I always got it fixed.
|
| Nowadays I user docker-mailserver which is a bit more low level
| than mail in a box but much easier to setup than everything
| from scratch
| asmor wrote:
| Is that two decades on the same IP space?
| KronisLV wrote:
| > Nowadays I user docker-mailserver which is a bit more low
| level than mail in a box but much easier to setup than
| everything from scratch
|
| Can second that this is some wonderful software, easy to get
| started with, nicely documented and works without any
| significant issues: https://docker-
| mailserver.github.io/docker-mailserver/latest...
| sgt wrote:
| Fearmongering.. I have been running my own mail server since
| 1999. No deliverability issues that I can recall.
| dvko wrote:
| Have been running Mailinabox since 2018 on a EUR5 VPS. 0 issues
| with email deliverability. Or anything really. It just works.
| cherryteastain wrote:
| I recently set up my mail server using docker-mailserver and I
| can send stuff to gmail and outlook no problem. Just have to
| follow instructions and set up DKIM, SPF and PTR records
| properly.
| ajosh wrote:
| FWIW, I use MIAB and my e-mails aren't dropped regularly from
| what I can tell. Before this, I was using a mix of CPanel and
| gmail but for a variety of reasons, I wanted to take greater
| control of my e-mail.
|
| I signed up with a small VPS/hosting provider that offered a
| decent amount of storage space with their VMs. I don't send
| spam and have maintained the domain name for a lot of years. I
| checked the IP for blacklists before migrating the domain to
| it. I may have had to e-mail one blacklist provider about being
| removed but if I did, I don't remember it.
|
| Since MIAB sets up DKIM and SPF, your deliverability is pretty
| good out of the box. I don't send spam and so I think the IP's
| reputation has been getting better and better over the last few
| years. The truth is that for personal e-mail, the majority of
| messages are inbound and that's really not a problem.
| upofadown wrote:
| Yes, sure, Gmail sucks. There is no sense in losing a lot of
| sleep over it.
| llamaInSouth wrote:
| goal: "Not make a totally unhackable, NSA-proof server."
|
| who in their right mind would say something like this?
| leshokunin wrote:
| Someone who understands they can't make a small email server
| project that can resist a state-scale adversary,and won't
| bother with people arguing for that level of privacy.
| NBJack wrote:
| Somebody being honest? Would you prefer they lie and say the
| opposite? Or just let the target audience assume otherwise?
|
| Most folks I've seen do this put such a statement (in the
| postive) under "non-goals".
| llamaInSouth wrote:
| everyone already knows this though.... Ive never seen any
| software with zero bugs... maybe he is trying to bring
| awareness to the fact that programmers suck
| mcosta wrote:
| I guess this kind of projects attracts some paranoid "nsa
| is spying me" kind.
| ajosh wrote:
| If my memory serves the project started around the time of a
| popular blog post called NSA-Proof Your E-mail[1]. It may have
| been Josh's inspiration for the project, I'm not sure. In any
| event, the techniques described are pretty standard mail
| hosting and so MAIB's techniques are pretty much the same. I
| think it's just saying that while it does improve some things,
| it's not going to be what that blog post promised.
|
| [1] https://medium.com/@cyberpunk_networks/nsa-proof-your-
| email-...
| johnklos wrote:
| Any reasonable person might.
|
| It's more secure, generally, than Google, or Microsoft, or
| Yahoo, if you know what you're doing, for all of not having the
| possibility of getting locked out of your own email for no
| discernible reason and with no real recourse, for not allowing
| intrusion through other mechanisms of their massive
| infrastructure, or for not allowing access to your email at
| rest. Also, many large cloud providers _still_ have issues
| where one customer can masquerade as another. They don 't
| learn.
|
| Since there's no way to ever know with any certainty whether
| employees at any large provider is looking at your email (we
| already know they're scanning it), then you can never have any
| certainty at all about how private it is. If you set up an
| email server that uses SSL / TLS for SMTP delivery and
| reception, then you'll have logs showing whether email you sent
| or received communicated with the sender's / recipient's email
| server directly, using encryption, without anyone in the middle
| being able to intercept.
|
| We can't control the fact that if the NSA really wanted, they
| could likely make a certificate for any domain that appears
| legitimate to our servers and do a MITM. Therefore, while I'd
| assert that my servers are much, much more secure than
| Google's, I'd never be so naive to say it's "NSA-proof" because
| of limitations of the Internet that don't necessarily apply to
| the NSA.
| abdullahkhalids wrote:
| I have been running mailinabox with a hetzner server for 2-3
| years now.
|
| - Setup was largely painless. Main problem was making sure dns
| settings at my domain registrar were correct.
|
| - Almost zero problems with mail delivery on the big providers
| [1]. Last time my email was dropped was by amd.com.
|
| - Last year had to do a major version upgrade to mailinabox and
| it was a huge hassle. I think they need to improve on this.
| Rolling updates are painless.
|
| Here is my advice to people who are on the threshold of wanting
| to host their own email, but are unsure because of mail delivery
| issues. Well, there are zero problems with incoming mail. So
| setup mailinabox and use that email to register for websites [2].
| Use it for all your mailing lists etc.
|
| Do it for a few years and see how it feels. Occasionally send out
| email. If enough people do it, then over time it will become
| easier for more people to host their own email.
|
| [1] I have a theory that I deployed. I asked a whole bunch of
| people with gmail/hotmail email addresses to send me emails first
| on my new email. I then replied to them. I think this ensured
| that from that start I was put on the good lists.
|
| [2] Use websitename@yourdomain.come to register. Easy to block
| spam this way.
| asmor wrote:
| I've done MiaB from 2015-2017, and I've always had
| deliverability issues from Digital Ocean. Microsoft is
| particularly nasty, and Gmail kept marking me as spam silently
| instead of rejecting mail.
|
| I've decided to just move on and pay Fastmail. Email isn't
| private anyway.
| dingdingdang wrote:
| Same, ran very (technically speaking) clean MiAB setup for
| local business and after 2 years we had to drop it due to
| delivery issues with MS business accounts. Invoices missed,
| etc. - a royal pain in the arse. Only a full migration to
| gmail biz domain fixed things fully. Email. Yikes.
| Arnavion wrote:
| >Last time my email was dropped was by amd.com.
|
| They have something weird going on. I had to make an account
| with them to redeem a game key, and they wouldn't deliver the
| account verification email to my custom domain hosted by
| Fastmail. I used a gmail address and the email came instantly.
| Then out of the blue 24h later the emails to my custom domain
| were delivered (by which time the verification codes had all
| expired, of course).
|
| I saw a bunch of discussion where other people reported the
| same thing like
| https://old.reddit.com/r/AMDHelp/comments/yr9tqq/amd_rewards...
| - they got emails instantly when they switched to gmail but
| other domains didn't work.
| oynqr wrote:
| Maybe it's being greylisted and their server doesn't retry
| soon enough?
| gunapologist99 wrote:
| > - Last year had to do a major version upgrade to mailinabox
| and it was a huge hassle. I think they need to improve on this.
| Rolling updates are painless.
|
| Ran into this too, multiple times. Just not worth it if it
| breaks the underlying OS.
| ajosh wrote:
| My experience has been that MAIB version updates are usually
| very smooth. Regular OS update (apt update/apt install) are
| smooth. The big problem is that the recommended path is to
| install on a fresh system when moving between OS versions. In
| the most recent release that required that, I actually did an
| in-place upgrade of the OS by running do-release-upgrade twice
| and leaving the config files as-is. I followed some steps that
| were posted on the forum. I ran into one or two minor issues
| but they were the sorts of things I'd expect to see running an
| "unsupported" upgrade. Other than the OS updates which just
| take time to download and install, the total work doing it this
| unofficial way was maybe a couple of hours. That's necessary
| every 2-3 years, I think?
|
| I do have a few things that I've customized. Updates to MIAB
| will overwrite them if they're involved in the services it
| provides. Recently NextCloud updates have been better about
| removing all of your plugins. The only problem I ever had with
| it during an update was when the SQLite DB got corrupt. That
| basically made it so you had to reset NextCloud.
| abdullahkhalids wrote:
| It's not the hours of work that is problematic (though that
| should go away too). It is the stress of somehow losing my
| mail. Of course I have backups, but still I would rather not
| deal with the hassle of recovering from them.
|
| I really wish, we were in a place where such software were
| designed for NixOS.
| jimmaswell wrote:
| It was flat out impossible for me to get Outlook to accept my
| mail server. They'd only give me some vague response with no
| actionable steps to resolve it. I gave up and used a gmail
| account to route everything outgoing. That way mail still shows
| up as from:jimm@jimm.horse but rides on Google's reputation.
| Defeats the purpose a little but there's nothing more I can do
| (apparently unless I buy my own non residential ISP line, host
| the server in my house, and build reputatiom forever, but
| that's an absurd length to have to go through. ideally we'd
| have antitrust legislation forcing MS et al to be fair towards
| smaller email and save the open internet overall, but I'm not
| holding my breath.).
|
| https://news.ycombinator.com/item?id=35691618
| AussieWog93 wrote:
| Damn, that's a cool URL.
|
| Had no idea that Bronies were still a thing, or that hardcore
| about it.
| fuomag9 wrote:
| AWS ses is basically free (literal cents) if you send <1000
| emails per month if you want an alternative (this is what
| I've been using for 2+ years)
| jimmaswell wrote:
| Thanks, I'm pretty happy with my setup though. I use my
| server for lots of other stuff at the same time as email.
| Grimburger wrote:
| I've never in years ever been allowed out of their sandbox
| which restricts it to verified addresses.
|
| This doesn't seem to be uncommon.
| graypegg wrote:
| Your [2] note about using website names in emails is an awesome
| but underrated benefit. I've been doing that with hey.com email
| at the moment. (Using a custom domain, any address that doesn't
| have an inbox goes into the "catch all" box. I can upgrade an
| address to a real one by setting up a free alias address which
| is pretty simple in their UI.)
|
| I've only caught one sold email being used for spam so far
| (sketchy wristwatch store that wanted an email to unlock some
| discount I never used) but really happy I'll know about the
| next one.
| gwbrooks wrote:
| Used MIAB for years -- one install, about 20 domains, most low
| volume but 1-2 sending tens of thousands of emails a month. Some
| notes:
|
| * Every thread that mentions hosting your own email brings out
| the it's-pointless-do-do-your-own-mail zealots; ignore them. If
| you're interested in trying it, try it.
|
| * The only deliverability issues I ever had were with ATT
| networks because they don't use modern TLS; that was fixable.
| Mail to Google? Goes through, doesn't go into spam. Mail to
| Microsoft? Ditto. And this is on a _Digital Ocean VM,_ which isn
| 't the most reputable IP pool in the world.
|
| * MIAB will happily be your full-fledged authoritative DNS
| server. Although I've since migrated to separating DNS from mail
| hosting, it was _very_ convenient for a long time.
|
| * Setup is dirt simple. And you get MTA-STS as well as
| DANE/DNSSEC right out of the box.
|
| * The backup function worked without issue the one time I needed
| it. I'm sufficiently paranoid that I also do regular snapshots of
| the whole VM.
|
| * There's a fork, Power Mail In A Box, that updates the UI, adds
| the ability to plug in relayhost settings, and does a few other
| nice things. It hasn't been updated in about a year, but was
| similarly solid.
|
| My only quibble with MIAB, and the reason I migrated to Mailcow
| recently, is that I wanted to easily set up per-domain relay
| settings from the UI.
| brightball wrote:
| To echo this, IP reputations update every few months. You may
| just need to buy and hold to clean it up.
| eurekin wrote:
| I'm on the fence. I wanted to do a super simple app hosting
| service on the Odroid SBC. I have few services running, but two
| of them: Authelia and Gitea need smtp for some actually valid
| reason.
|
| Would you recommend hosting for that use case?
| gwbrooks wrote:
| If all I needed was SMTP? I'd likely just use Amazon SES or
| Mailgun.
|
| I know some folks have concerns with the privacy of that(1),
| and really want to run their own SMTP. If that's the case,
| Mail In A Box can do the job, or you can go with a pure SMTP
| solution like https://github.com/ix-ai/smtp (not endorsing it
| -- it's just been on my radar) or a roll-your-own
| Postfix/Exim solution. The latter requires almost zero
| resources after it's set up; slap it on a $20/year VM and
| you're done.
|
| 1. Chasing privacy with email is a chimera. If you really
| want private communications, email is not the tool.
| bugsmith wrote:
| Amazon SES is great, because you pay per email and the rate
| is incredibly cheap. Mailgun is very expensive though, and
| the problem is they have a very limited free tier, and then
| you must jump up to a $35/year package that gives 50,000
| emails - this is simply far too much for many projects
| early on in their rollout.
|
| I prefer something like Brevo, which has smaller jumps per
| tier or even something like MXRoute for $49 per year (limit
| of 300 emails/hour)
|
| Edit: Completely forgot about ZeptoMail by Zoho -
| incredibly good value service.
| eurekin wrote:
| Oh, that's only for "fun". Playing with quick deployment of
| throwaway apps. No real privacy expectation. Of course it
| would be nice to learn along the way
| 3np wrote:
| Sounds like MIB is overkill and way more than you need.
| I'd still suggest setting up a dedicated self-hosted
| postfix for your services yourself. Start with local-only
| delivery. Then you can set it up to forward using
| external services (or indeed MIB or something similar if
| you end up self-hosting email on top of that) should you
| want to and you consolidate future changes of automated
| external mail delivery to a single point.
| zaps wrote:
| A gift real special / so take off the top / Take a look inside /
| it's my mail in a box
| dingdingdang wrote:
| Ah, Lonely Island ... been years since anything that
| good/hilarious came out!
| forwardemail wrote:
| Included in our comparison list here
| https://forwardemail.net/en/open-source/linux-email-server#e...
| codetrotter wrote:
| I think having "encrypted SQLite" as a column is a bit too
| specific, and biased to favor your own product in the
| comparison. I think a more fair column would be "encrypted at
| rest" - even if it comes out that your own solution is the only
| one that ends up with a green check mark.
| forwardemail wrote:
| We also thought of renaming it to "Mailboxes Encrypted
| Individually". We really wanted to make it clear that each
| individual mailbox is encrypted. Any other suggestions?
| robertlagrant wrote:
| Why does that matter? As in if I as a user have three
| mailboxes, they're encrypted individually? Or each customer
| has their mail encrypted separately to other customers? I
| think the latter is worth mentioning more than the former
| (though if you're doing the former you're of course doing
| the latter also).
| forwardemail wrote:
| Correct, the former. There are no other open-source email
| servers (or closed even) that does the former that we
| know of. The deep-dive write-up is here if you want to
| read more https://forwardemail.net/encrypted-email.
|
| Edit: It matters because if someone has access to the
| filesystem, or our MongoDB database, then they still
| can't read/write to your email mailbox because they don't
| have your IMAP password (which we only show to you _once_
| for 30 seconds and render in-memory). We use
| ChaCha20-Poly1305 encryption on the SQLite mailboxes
| (which is generally considered quantum-secure[0]).
| Passwords are generated[1] via Node.js `crypto.pbkdf2`.
|
| [0]: https://crypto.stackexchange.com/a/90311 [1]: https:
| //github.com/forwardemail/forwardemail.net/blob/d537fc...
| gauravphoenix wrote:
| On a somewhat different note, I have been using iCloud custom
| domain hosting feature. The spam filtering is horrendous. Anyone
| else has this problem? I am tired of checking the spam folder
| everyday and I find legitimate emails almost 2-3 days a week. Of
| course, I click on not-spam but I think Apple's servers just
| don't learn very well (maybe due to focus on privacy?)
| throw0101b wrote:
| See also "Welcome to ISPmail - a guide to your own mail server",
| which is based on Debian:
|
| * https://workaround.org
|
| * https://workaround.org/ispmail-bookworm/
|
| Ansible playbook(s) available:
|
| * https://github.com/Signum/ispmail-bookworm-ansible
| blkhawk wrote:
| I JUST finished my server migration 2 days ago. Because the
| configuration was such a hassle I just duplicated my setup. Why
| wasn't this posted like 2 months ago when I started?
|
| I could have tried this so easily on the new server before moving
| from the old one.
|
| I am using a traditional provider as "frontend SMTP". Decided
| against doing my own because I need to send and receive emails
| for job hunting atm.
| fevangelou wrote:
| I'd say Mail-in-a-Box, along with Modoboa and iRedMail, are
| perhaps the only serious open source email server setups right
| now, that are not based on Docker. Commercial ones do exist in
| the form of cPanel and Plesk (if you need some sort of support),
| although the underlying software is pretty much the same.
|
| The only downside with MiaB is it is unnecessary complicated to
| update (both the software AND the server OS). This shouldn't be
| too hard to address in the future...
|
| References:
|
| https://modoboa.org/en/
|
| https://www.iredmail.org/
| oriettaxx wrote:
| iredmail (free version) is useless, so expect to pay
|
| I use Ispconfig
|
| they are both ordinary stuff, very very old style
|
| (these all should be in docker swarm nowadays)
|
| Ah, a great _modern_ tool in front of ispconfig is proxmox mail
| gateway
| nanna wrote:
| Free iredmail makes updating extremely labourious. You have
| to manually update every package to each version step by
| step. It's a nightmare which is why the paid for version
| exists. I'm not opposed to paying but beware what you get
| yourself into.
| nikolay wrote:
| I've been using Mail-in-a-box for years, until suddenly it
| wouldn't upgrade anymore. And I ended up having a defunct server.
| V__ wrote:
| Also worth a mention: mailcow, really painless setup and update
| process.
| Avamander wrote:
| At this point Stalwart and rspamd two combined will most likely
| offer a better experience. In terms of supporting modern
| standards, security and offering enough configurability without
| requiring arcane knowledge. You can get a good setup with way
| less effort and fragile components.
|
| The hodgepodge of software used by MIB is just not good any more.
| eminence32 wrote:
| Does anyone have a recommendation about where to host an
| internet-facing mail server? I've been running my own mail server
| on various VSPs (digital ocean and linode), but sending email is
| not quite as reliable as I'd like it to be.
|
| Are there different hosts I could try? Or am I better off paying
| for something like fastmail and using them as a smarthost?
| oynqr wrote:
| Hosting on Hetzner Falkenstein since 2015 with zero
| deliverability issues.
| dqv wrote:
| N.B. this may only work with hosts that don't use UCEProtect
| and, honestly, if they're legit, they won't use UCEProtect
|
| I have two email servers running on Digital Ocean just fine -
| one set up in 2016 and one set up in 2021. It's a matter of
| doing the initial work to deal with the rejections - following
| the process the various hosts have set up. There will be a few
| block lists that you need to submit tickets to to have your IP
| unblocked. You'll want to create bulk sender accounts (even if
| you're not) with Yahoo, Microsoft, and Google. It's mostly
| superstition - "may this web form bring blessings upon my IP".
| Don't bother actually trying to check any of the reports in the
| UIs - only Yahoo sends emails to abuse@ for spam reports for
| small senders.
|
| You'll want to join the Mailop list [0]. I'd say it takes about
| a month or two, mostly spent waiting, before you are in the
| clear and have perfect deliverability. Yes, it's annoying. Yes,
| it can feel hopeless. But it clears up pretty quickly. I've
| only since had problems with smaller providers and it usually
| gets resolved by contacting them.
|
| [0]: https://www.mailop.org/ - I think people who work at
| Yahoo, Google, and Microsoft all monitor this list
| zcdziura wrote:
| I host my own mail server on Vultr. One thing to note if you
| want to use them is that, by default, they block outgoing SMTP
| ports by default. You have to file a support ticket to unlock
| that port for your account, and you need to have a server
| running under your account on their infrastructure for at least
| a month before they'll unblock the port.
|
| It's a bit annoying, but they do it to prevent people from
| using their infrastructure to send spam. And you only ever have
| to do it once.
| johnklos wrote:
| Smarthosting is the best solution since it prevents the
| necessity of being at the whim of rather shitty companies that
| only take action when things get really bad, like Digital
| Ocean.
| sammyjoe72 wrote:
| I ran a miab for about 5 years, maybe around 2018, I also
| actively tried to do extra things that would improve delivery,
| including registering postmaster accounts on the various
| postmaster whitelist tools etc in order to increase the chances
| my mail would be delivered.
|
| Unfortunately if you host your mail on linode/digital ocean, you
| will eventually be blocked, and mst of your email will end up in
| spam folders.
|
| This year after 13 years of running my own mail services, I
| finally gave up, I was sending emails and then sending followup
| "did you get my email" messages from gmail
| jwr wrote:
| Don't believe the armchair scare-mongering "experts" that will
| undoubtedly tell you in these comments that no big provider will
| receive E-mail from you.
|
| I've been running my own mail servers for the last, well, 25
| years or so. It's fine, if you get your own IP, don't get unlucky
| by inheriting one after a known spammer, and just keep a clean
| server.
|
| Don't let other scare you into "having to use" Gmail or other
| huge ad-tech E-mail providers. That's not what the Internet was
| designed for.
| davidy123 wrote:
| Same here, but for 30 years. It's really no trouble.
| type_Ben_struct wrote:
| It largely depends on where you're hosting your mail server.
| Certain providers (e.g. Digital Ocean) are a complete no-go.
| Their IP ranges are completely untrusted.
| rafaelturk wrote:
| I'm looking for SES alternative in a box, I wish I could send my
| own emails no need to manage inbox, just send.
| tamimio wrote:
| It's all fun and games until you lose big client email offer
| because MS outlook decided to mark yours as a spam.. not a scare
| tactic but a warning that if you do that, make sure you have
| parallel communication channels with whoever your communicating
| with, just in case.
| type_Ben_struct wrote:
| I've used both and personally prefer https://mailcow.email/
| ill0gicity wrote:
| I've been using Mailu (https://mailu.io/) for years and have had
| no problems. I love that it has the concept of domain admins so
| that people can manage mailboxes for their own domains. DNS isn't
| automatic, but meh. Upgrading is easy (Docker + automatic
| migrations).
| pdntspa wrote:
| Does it really need to install Nextcloud just to do DAV? That
| just seems like overkill.
| rtuin wrote:
| I've been using mail in a box since 2016 for a handful of
| personal domains. It's easy to setup and very low maintenance.
| Backups are solid too.
|
| Just make sure your hosting package/provider allows and supports
| self-hosted mail. PTR dns records specifically as without your
| mail might work but much ends up in spam boxes. The mail in a box
| setup guide covers this too.
| mfashby wrote:
| I've been using maddy.email running quietly on my RPi for a
| couple of years now. I think it's 'simpler' than mail-in-a-box
| because it implements IMAP, SMTP, all in one server which can be
| backed by a database, instead of managing installation and
| updates of many different programs. It also does DKIM
| automatically and uses ACME/LetsEncrypt to automate certificate
| management.
|
| It doesn't have as many features as mail-in-a-box though for a
| example no webmail or Cal/CardDAV, so I have to run those
| separately. It would be great to extend the project
|
| Another similar project is stalw.art mail server. I haven't used
| that yet but it looks promising, and it supports JMAP (a possible
| IMAP successor)
| layer8 wrote:
| I wonder if there's a good reason this is based on Ubuntu instead
| of directly on Debian. It seems the latter would be simpler.
| robwwilliams wrote:
| Always relevant link on this topic that debunks much of the Why
| You Should Not...
|
| https://poolp.org/posts/2019-08-30/you-should-not-run-your-m...
| johnklos wrote:
| This isn't the kind of thing I'd run - I'm still running old
| school Sendmail, IMAP-UW and Cyrus SASL - but it's good to see
| resources that make hosting email more accessible to everyone.
|
| There are altogether too many people who think it's their place
| to tell others they *shouldn't* self host email, and I think
| that's a horrible take. It's not too different from saying, "I
| couldn't learn Finnish, so you shouldn't even try".
|
| Actual, technical objections are fine, but most of the time
| objections brought up by gatekeepery people just show a lack of
| understanding and experience. For instance, the most common is
| "you'll never be able to deliver to...", which is ridiculous.
| Even if you're on a network that has a bad reputation, you can
| always smarthost through other providers, and you'll still have
| all the advantages of having logs and your own filters for
| incoming email, plus the security of possessing your own data.
|
| The Internet is a better place when less centralized, so it's
| nice to know that we still have people who haven't thrown their
| hands in the air and given up to Google / Microsoft / Amazon :)
___________________________________________________________________
(page generated 2023-11-24 23:00 UTC)