It's not the initial setup. It's the maintenance over the years that really makes you question the universe, life and the decision to host your own mail. When you can't send that important mail because $big_provider is blocking you. When someone decides to run a persistent brute force attack from a botnet, eating up 100% of your CPU and you have no meaningful ways to block it. When you need to explain to people why they can't send you that 100 MB video attachment which they sent to other people just fine but only your address is bouncing and why don't you fix your email already. When you need to research, understand and implement standard X pushed by $big_provider because otherwise things will stop working and you have a ton of better things to do. When you get a random alert that email volume is too large and you panic because someone hacked your server and is probably sending spam but realize it was just triggered by a huge kernel patch series sent by someone on a mailing list. When a zero-day CVE for your mail software just hit the top of the HN and the fix is not in your distro yet and you scramble to find a workaround. When a bunch of weird log lines appear in your mail logs and you don't understand where they are coming from and they seem benign but can't lose the feeling that someone is trying something malicious. When you constantly fear that you'll lose that good IP and domain reputation and one day wake up with half of the internet blocking you.
> It was easier than I thought to create a mail server that works as well as Gmail’s<p>No it isn't and no you didn't.<p>The article doesn't even cover basic stuff like email rules and spam filtering (incl. tuning and spam learning). It doesn't "look after itself" like the author wanted (article doesn't mention any update strategy). The author acknowledges that email servers are "open to attack" but this setup doesn't seem to include any security improvements over traditional setups. In fact, maintaining this looks harder due to the amount of custom scripts and lack of good documentation.<p>And of course it doesn't cover any of the things that actually make Gmail special like labels, having a consistent set of apps for web and mobile, push notifications (esp. on iOS), really good spam filtering, really good search (incl. OCR for attachments), high availability, image proxying, smart suggestions, datacenter security, Google doing code and infrastructure audits all the time, using reproducible builds, ...<p>It's great that the author is experimenting and learning, but if I had any private data hosted by the author, I would be worried now.
The nicest email stack is: postfix, dovecot, rspamd and rainloop.<p>EDIT: go check it out :-) <a href="https://www.rainloop.net/" rel="nofollow">https://www.rainloop.net/</a><p>EDIT 2: I don't understand why other comments are so agressive against the author for sharing how he runs his own mail server, I'm not sure if it comes from one's frustration, failures, unreasonable expectations about email, but I noticed that everything related to servers or email receives this hate (here on HN, eh?). Come on, let's start a new year where we appreciate someone sharing their experience in running a mail server :-)<p>Happy Holidays!
I recently got into running my own mail server on my NixOS instance using[0]. The server has a total of 1.5 GB RAM and 10 GB of disk space, but it was sufficient to get 10/10 on mail tester[1]. Here's my 12 line mailserver config[2]. It was quite liberating once everything was set up, because then you know you are in full control of your communications.<p>It was more annoying to set up DNS than the mailserver itself, is there a good way to automate that as well?<p>[0] <a href="https://gitlab.com/simple-nixos-mailserver/nixos-mailserver" rel="nofollow">https://gitlab.com/simple-nixos-mailserver/nixos-mailserver</a><p>[1] <a href="https://www.mail-tester.com/" rel="nofollow">https://www.mail-tester.com/</a><p>[2] <a href="https://github.com/siraben/dotfiles/blob/master/server/mailserver.nix" rel="nofollow">https://github.com/siraben/dotfiles/blob/master/server/mails...</a>
> The blog article is the setup to make Docker Mailserver act like a Gmail server.<p>I'm not sure what a Gmail server is. I was expecting this to include a web ui, admin ui, and the things that actually make Gmail hard to move away from. The docker-mailserver container doesn't seem to include something like that or am I just not seeing it?<p>The killer feature for Gmail has always been the spam protection and the fact that the emails I sent actually get delivered.
This is nice, but even though I've administered email servers for a quarter of a century, I haven't got the foggiest clue what makes an email server "Gmail-like". What does "Gmail server" mean?<p>I would think, if anything, that what Gmail has that typical email servers do not is somewhat decent webmail, but that can't be it because webmail isn't even mentioned.<p>Or is this another one of those instances where people use "Linux" to refer to all things Unix? I genuinely would like to know.
In my experience [1] running a small private mail server is very much doable, and a good learning experience.<p>[1] <a href="https://jschumacher.info/2021/05/running-a-private-mail-server-for-six-years-easy-peasy/" rel="nofollow">https://jschumacher.info/2021/05/running-a-private-mail-serv...</a>
I think those projects:<p>- <a href="https://mailinabox.email/" rel="nofollow">https://mailinabox.email/</a><p>- <a href="https://github.com/modoboa/modoboa" rel="nofollow">https://github.com/modoboa/modoboa</a><p>are better replacement.
They are battery included with a webUI
So many negative comments, sheesh.<p>Many of us run our own small email servers quite successfully, even in 2021. Every time there's a post about it on HN, all these commenters come forward to say it's a fools errand, that it's nearly impossible, nobody should try it, anybody who says it's a good idea is a lying idiot, etc.<p>Sure, it's not for everyone and there are pitfalls that require effort and sometimes creative solutions to overcome. We should celebrate these projects like we do with other similarly challenging projects that get posted.
You can't replicate Gmail, but with Mailcow I've gotta say the whole process is pretty seamless. You can throw it onto a 5 euro VPS at Contabo, run docker-compose up and be done. Just regularly run the update and backup scripts to make sure you're up to date but that's it, really.<p>Exchange ActiveSync, multi domain + multi aliases with catchalls, (temporary) aliases, mail delivery rules, TLS requirements, you name it, all configurable in the web UI. There's even a built in DNS checking tool to verify that all the necessary records are set up right.
If you just want your own address, iCloud+ now supports custom domains. You might already be subscribed to it and not know it. This also includes private relay and email hiding. It might be the easiest way to move your email out of gmail.<p><a href="https://support.apple.com/guide/icloud/add-a-custom-domain-mma473945269/icloud" rel="nofollow">https://support.apple.com/guide/icloud/add-a-custom-domain-m...</a>
I had to manage email infrastructure for years as part of my job and I really don't see how running your own email server can be a good idea for anyone. Setting it up superficially might be a quick and easy task but maintaining it stable takes hell of a lot of effort. I seriously cringe every time I see this type of guide and articles, it just makes me think that people who write them have zero experience running a mail server and have no idea what it takes to set up one that is secure and stable.<p>For majority of people best middle ground is to buy a cheap domain and a cheap cPanel/web hosting and just use that to host emails. You'll be done in 5min, it will cost you a cup of coffee and you won't have the headache maintaining anything other than passwords.
AFAIK Digital Ocean blocks outbound connections to port 25. Has the author actually tried this setup?<p>Source: <a href="https://docs.digitalocean.com/support/why-is-smtp-blocked/" rel="nofollow">https://docs.digitalocean.com/support/why-is-smtp-blocked/</a>
You know, it's possible to build a house by yourself in about a day or two with no knowledge of carpentry. But I wouldn't want to live in it :)
incoming email is easy. Outgoing email is a whole different ball game. I tried setting up an SMTP server on digital ocean and found it to be impossible due to the fact that all Digital Ocean IP ranges are on various blacklists. I moved the server to AWS and was able to eventually get a running SMTP server, but it requires additional steps to gain the trust of AWS and outlook.com and other providers. It SHOULD be possible to set up an email server if you never never never never never send marketing email. If you DO send marketing email, then your stuff should be sent straight to the garbage bin and you should be on a blacklist. That's the whole point of spam.
What's a good way to monitor a self-hosted mail server? I can easily set up uptimerobot.com or similar and get alerted if my website fails, whether it's a DNS, IP, firewall, nginx, TLS^, application, or database issue. Is there a way to check my mail server and get alerted if it is not accepting emails for some reason?<p>^: uptimerobot.com specifically doesn't warn you if your site works but is using an expired certificate, be careful there
Good article - seems comparing with Gmail upset some peeps but well done for having a go and trying to not just using off the shelf saas for every little things. Progress should have made it easier to host stuff ourselves not harder right?
Let's say I'm tired of self-hosting my email (for all the reasons previously mentioned by others). What's a good option of privacy-conscious provider I can move my domains to?
Now you have your own mail server. Great!
But if you don't know how it works or if you don't have something that will help you maintain it, sooner or later it will break.
You can deploy an email server almost instantly by getting a cheap vps with cPanel on it -- with everything you needed already configured, including spam filtering, security, etc.
Uhm, what about MailCow[0]? found it quite a while ago. Didn’t test it so far.<p>[0]: <a href="https://mailcow.email/" rel="nofollow">https://mailcow.email/</a>
It opens with some fair points why somebody might not, but the main reason —perhaps on par with the constant security headaches— isn't there. You will <i>never</i> block spam as effectively as Google, Microsoft, FastMail, etc.<p>They see [for lack of a better word] infinite times more spam and ham than you'll ever be able to train your little Spam Assassin database, and millions of users to sort through it.<p>Email without spam control is not a pleasant experience.