this post was submitted on 11 Jun 2024
58 points (95.3% liked)

Selfhosted

40006 readers
553 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
58
Simple mail server (lemmy.world)
submitted 5 months ago* (last edited 5 months ago) by [email protected] to c/[email protected]
 

Hello,

I want to deploy a simple mail server so that it can be used for users to register themselves or reset passwords, etc.

Is there an easy one to deploy (in docker if possible) ?

top 38 comments
sorted by: hot top controversial new old
[–] [email protected] 25 points 5 months ago

You are asking for a world of pain here.

[–] [email protected] 24 points 5 months ago

I wrote a blog some time ago why selfhosting email sucks

https://nx2.site/email-selfhosting

If you just want the email server for only you and your friends, or for internal messages, selfhosting email can be fun, but your main email should probably not be selfhosted.

[–] [email protected] 15 points 5 months ago

If you do self host I suggest reading carefully the Gmail guidelines for mails. They are the leaders in the field and they dictate the level of security required.

DNS forward and reverse, DKIM, SPF, DMARC, ARC, DANE, bounce signature etc. Email is indeed a very complicated thing to host. I work on emails system all day and and I wouldn't host my own mail.

Even worse I'm hoping email disappear and another technology takes it place. Emails are unreliable and outdated, they need to go.

[–] [email protected] 14 points 5 months ago

As already mentioned several times, selfhosting a mail server is not recommended unless you're particularly interested in hosting a mail server, but with that said, you might find this project interesting:

https://maddy.email/

[–] [email protected] 14 points 5 months ago* (last edited 5 months ago)

Please, just don't. It's pain in ass

[–] [email protected] 13 points 5 months ago
[–] [email protected] 11 points 5 months ago (1 children)

There is Mailcow. But simple is relative I guess cause you still gotta configure a lot around it to not end up on every spamlist out there

[–] [email protected] 2 points 5 months ago* (last edited 5 months ago)

Dmarc/dkim/SPF/certs. Fun times!

I got a mall server running, yet it's almost more as an inbox.

[–] [email protected] 10 points 5 months ago

I once came to the conclusion that there is no easy mail server

[–] [email protected] 9 points 5 months ago

Things have been going well for me, using docker-mailserver.

I followed the setup guide, did everything in the DKIM, DMARC and SPF documentation page. The initial setup required more involvement from me than your standard docker-compose self-hosting deployment, but I got no issues at all (for now, fingers crossed) after the initial setup : I never missed any inbound e-mails, and my outbound e-mails have not been rejected by any spam filter yet.

However, I agree with everyone else that you should not self-host an important contact address without proper redundancy/recovery mechanism in case anything goes wrong.

You should also understand that self-hosting an email address means you should never let your domain expire to prevent someone from receiving emails sent to you by registering your expired domain. This means you should probably not use a self-hosted e-mail to register any account on services that may outlive your self-hosted setup because e-mail is frequently used to send password reset links.

[–] [email protected] 8 points 5 months ago* (last edited 5 months ago)

I agree with everyone here that self-hosting email is never easy, but if you still decide to go down this route then here are two tips that I personally found very helpful, especially when you decide to host it at home:

The first is to get an SMTP relay server. That's just another mail server that yours can log into to actually send its mail, just like an email client would. That way you don't have to worry about your IP's sending reputation, because everyone will only see the relay's reputable IP.

Second is to configure a Backup MX. That's an additional MX DNS entry with lower priority than the primary, and it points to a special mail server that accepts any mail for you and tries to deliver it to the primary server forever (or something like an entire week). So when your primary server is unreachable other sending servers will deliver mail to the backup, and it delivers the mail to the primary as soon as that's back online.

You can get these as separate services, but some DNS providers (like Strato for example) offer both with the base domain package. It makes self-hosting an email server much simpler and more reliable in my experience.

[–] [email protected] 8 points 5 months ago

If you need to throw in the towel on email self-hosting, don't be ashamed. Mail servers are one of the more difficult projects to run. If you do end up outsourcing this, I recommend SendGrid, it's reliable and free.

[–] [email protected] 8 points 5 months ago* (last edited 5 months ago) (1 children)

You don’t need a mail server to send emails

Use an smtp smart host like smtp2go

[–] [email protected] 1 points 4 months ago

+1 to this worked for me, only issue was they block common free emails (like gmails etc) from making accounts but porkbun made it super easy to make a email forward that worked!

[–] [email protected] 6 points 5 months ago

Interesting how you use "simple" and "mail server" in the same sentence.

[–] [email protected] 6 points 5 months ago* (last edited 5 months ago) (2 children)

I self host my email. It was hard work to set up. 0/10. Would not come again.

[–] [email protected] 2 points 5 months ago (1 children)

i self host my mails for almost 20 years now, it was hard work in the beginning, now it's just a few updates a year. no problem with blacklists or anything, a good hoster is probably beneficial, 10/10 would recommend, even just to learn how all of this works

[–] [email protected] 2 points 5 months ago

That's true. I did learn a lot, but the idea of setting it all up again gives me anxiety.

[–] [email protected] 1 points 5 months ago

I second this comment. It's been a long time since I set one up and it was a pain. And from what I can tell it's only gotten harder.

[–] [email protected] 6 points 5 months ago
[–] [email protected] 6 points 5 months ago
[–] [email protected] 4 points 5 months ago

This is a can of worms, but you’re probably looking for something like Postfix. Running your own mail server is complicated. You need to set up SPF, DKIM, DMARC, and make sure outbound traffic on port 25 isn’t blocked. You need to check if your IP is on any block lists. You can do that here:

https://mxtoolbox.com/blacklists.aspx

[–] [email protected] 4 points 5 months ago (1 children)

I I agree with everybody else saying that the email server should not be self-hosted. But I have a specific exception to this rule, which I was keen to try, but I never did this or take this with a pinch of salt.

I do self-host on my services, but at the moment I keep myself hosted email on a public server, not on my home server.

Since I am using a tunnel to access my services from outside, my home server is actually using my public server ip. moving my email self-hosting to my home server would not actually change the front facing IP address of that email server, and no harm would be done to my mail server.

But is it really worth it? Probably not. Since I would still need some kind of backup email server out on the internet for the rare situations where my home server is cut from the internet due to power outage or ISP being down.

You want full reliability for your email server. So your home connection without UPS or backup connection isn't going to cut the cheese fully.

So, I would suggest you don't self-host your email on your home server. You can still self-host your email, but on a public server. Be aware, though, that is a difficult task which will require lots of effort and many months to get it done right and accepted everywhere.

[–] [email protected] 8 points 5 months ago (1 children)

I host my own mail. When it's down, the mail just gets delivered after I get online again. Almost all mail servers are configured to retry over a period of several days before giving up.

Once my health insurer sent me mail by post to tell me that my mail server was down. That was kinda funny.

[–] [email protected] 3 points 5 months ago (1 children)

What if your home network goes down while you are away for a week and you cannot get it back online?

Not a risk I am willing to take, so a backup server would be required.

[–] [email protected] 1 points 5 months ago

The longest outage I've had in a decade is when my primary SSD died a 2 months ago and I had to reinstall using config backups. It was down for around a day.

I've thrown a UPS on it and flown overseas for a week or two. It's basically just email for me and the kids.

I've had longer outages on hosted services, TBH.

[–] [email protected] 2 points 5 months ago* (last edited 5 months ago) (1 children)

I would not go down the route of doing it myself. Take a look at something like: migadu if it is simple mail hosting you are looking for.

[–] [email protected] 3 points 5 months ago (1 children)

Migadu is great but they state in their policy that automated (non-human) outgoing email like for password resets are not allowed.

[–] [email protected] 1 points 5 months ago

Yeah, you a right. Didn't read that requirement carefully enough.

[–] [email protected] 2 points 5 months ago

I used nixos-mailserver with success, and very little configuration. Most of it was dns, and thr guide walked me through it. You would have to a nixos box somewhere though. I spun one up on my vps for it.

[–] [email protected] 2 points 5 months ago* (last edited 4 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
IP Internet Protocol
SMTP Simple Mail Transfer Protocol
SSD Solid State Drive mass storage

4 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.

[Thread #798 for this sub, first seen 11th Jun 2024, 08:15] [FAQ] [Full list] [Contact] [Source code]

[–] [email protected] 2 points 4 months ago (1 children)

I'd advice against it, aside from spam filters, and it being a general PITA, there is a chance your ISP will block any outgoing mail traffic (in my case orange blocks it)

[–] [email protected] 1 points 4 months ago (1 children)

Which orange ? I’m with orange Belgium.

[–] [email protected] 1 points 4 months ago* (last edited 4 months ago)

All you need is a local smtp server that relays to another, "real" smtp server. I have a postfix that is configured to use the Proton smtp servers (before that it was Googles). No issues on Telenet.

[–] [email protected] 1 points 5 months ago

I found this docker option.

https://hub.docker.com/r/apache/james#!

Although it's pretty cheap to have someone else host it.

https://www.ovhcloud.com/en/emails/mail-hosting/

[–] [email protected] 1 points 5 months ago

you could try mailu. that should be simple and Provide you with everything You need

[–] [email protected] 1 points 5 months ago* (last edited 5 months ago) (1 children)

This tool is for your use case. It comes with bonus privacy features like unique address for each service so they can’t cross track you

https://simplelogin.io/

[–] [email protected] 2 points 4 months ago

SimpleLogin is for mail aliasing, not transactional mail.