Ask HN: Do You Host Your Own Email?
I often see comments about how it's a bad idea or not practical or whatever in 2022, so I'm curious what others do here. Do you run a mailserver/host email accounts on your domain? Use a free service like Gmail or Hotmail? Go with a paid setup like ProtonMail or FastMail? A sort of combined setup where you host your email on another service but have it tied to your domain?
What's your setup for your email account these days?
208 comments
[ 4.3 ms ] story [ 227 ms ] threadi recently moved to microsoft o365 basic, which is good and also gives the smtp etc, so you get any client to work. The biggest pro i miss is a catch all mail solution, which was amazing for protonmail. i didnt have enough time to tinker with o365 to find out catch all mail so far, everything else it beats protonmail hands down.
About a third just point to my name servers and accept email for my domains and most of the popular email domains to give spammers a feeling of accomplishment and to pre-populate ISP DNS caches. Those servers just dump the email into a single flat file. I use these for sending to known malicious entities or when I need a throw-away temporary email address. I just grep out what I need from the text file.
The remainder of my domains just point to non-routable public addresses.
Dovecot and Postfix, SpamAssassin and ClamAV; greylisting, SPF and DMARC but not DKIM. I handle mail for my family, some friends, and a few mailing lists.
Look at the bit about "backup MX for a remote site".
The specific thing you are asking for, however, isn't a backup MX so much as a second delivery to a local mailspool, which is also doable now that you know what it's called.
It’s pretty easy over a TCP connection (SSH for some reason didn’t work for me, so I’ve set up a Wireguard VPN between my hosts - also allows me to replicate KeyDB for Rspamd without having to set up a PKI for it), and works like a charm - backup MX receives mail if primary is down, and uses local Dovecot replica for delivery. When primary comes back online dsync makes sure they’re both consistent copies.
That said, I used to host my mail server for a while and my mail always went to Gmail inboxes. My recipients don't use some exotic providers like outlook or yahoo, so it was pretty smoooth for me. I know that people have issues with self-hosting mail, so may be it was just luck for me.
My opinion is that as long as you correctly configured stuff on your side, it boils down to IP history and reputation. So buy VPS from some expensive provider in a reputable country (so spammers are unlikely to host in this provider), ensure that received IP is clean (and its subnet is clean), set up DNS, keep it running for few months and it should be good.
* Mail in a Box for a bunch of low-volume domains, hosted on a major cloud provider VM. Total SMTP volume ~2k outbound emails a month. This was previously hosted on my own server in a datacenter.
* Plesk/Postfix for a higher volume domain tied to a nonprofit, SMTP relayed out through Amazon AWS. Total SMTP volume ~100k emails a month. Likely moving this to a standalone Mail in a Box installation as well.
Neither has given me any deliverability issues, but I did take the time to register with Google Postmaster, Microsoft's similar service, etc. The only problem I ever encountered was a spammer getting hold of a transactional account last year for about a week -- Google put a hard bounce on not just the server IP but also all domains tied to it. Took about 2-3 weeks before they decided to trust it again.
Would someone remember the name? I've tried to search for microsoft's postmaster but did not find anything.
For the past five years I've been using mail-in-a-box. (http://mailinabox.email) It is generally problem-free, but problems can arise if you host it on a sub-par provider (or provider network).
I highly recommend it!
https://docker-mailserver.github.io/docker-mailserver/edge/e...
I don't have a web UI for it at all (though I briefly integrated with NextCloud Mail for that) since nowadays I just use Thunderbird or a similar client for that. Personally, the aspect that I like the most is their approach to doing some common actions, in the form of their setup script, you don't even have to connect to the container to use it: https://docker-mailserver.github.io/docker-mailserver/v11.3/...
The aspect that I like the least? Well, just how mail servers are architected in general, they even have a nice page on this: https://docker-mailserver.github.io/docker-mailserver/v11.3/... (things get even more complicated once you introduce additional security solutions into the mix, like ClamAV, SpamAssassin, or others). Projects like docker-mailserver or Mail-in-a-Box abstract some of that complexity away from you which is good as someone who doesn't want to sink hundreds of hours into it...
However, it's still there in those packaged and preconfigured/integrated components, rather than as one monolithic package that does most of the stuff you want, if you would compare some of the web servers out there against how many of the mail servers work, for example. Then again, something like Apache2 has bunches of modules anyways, so maybe that comparison isn't as cut and dry. Regardless, it feels like even with the scripts and the documentation, it's just a time bomb that's waiting for X years to go off when the pieces will decide to no longer play nicely with one another, and then you'll really need to dig into it, like when your Linux distro bootloader decides to die one day.
Outside of walled gardens, that might be one of the reasons to do a double take before putting everything on your new self-hosted mail server. Test drive it first for a few months/years, gradually move stuff over (and be sure to have tested backups that you can actually restore/access when necessary), maybe look into recovery addresses in other providers where applicable or where it makes sense and so on. If your mail client backs everything up locally, the server going down shouldn't be the end of the world and technically you could just move over to a new instance if everything's FUBAR, but having to drop everything because you cannot receive any new e-mails (such as a link to confirm doing something) would be rather disruptive in certain circumstances.
It's been a reliable (for the past 4 years I've used it) solution, with easy setup and laughably small cost. Currently it costs me about $0.3 per month to host personal mail for multiple domains (only one having some moderate activity in fairness).
All of these are mostly personal emails, I haven't tried to send large amount of emails to test their outgoing policies.
I mostly use aerc but recent versions of Roundcube are pretty slick as well.
In-bound is easy with DNS checks filtering all spam. Out-bound is somewhat out of my control, so I use a relay like smtp2go or sendgrid for reliable delivery.
Maddy instead of Postfix because Postfix configuration gets quite messy with complex virtual users logic. I was trying to refactor it, trying to devise some sort of DSL to make things more bearable - and found myself wishing there'd be something more straightforward. Maddy was a good fit (and it has a modern easy-to-understand codebase that I can hack on it if I need to). It's much smaller and simpler than Haraka, but still has all the features I need, and looks secure (I swept through the source code and found nothing obvious).
Dovecot is a very fine piece of software. I was considering Wildduck, but haven't figured out a contingency plan if I'm going to dislike it in the long run. As long as all my mail is a Maildir (with some extra indexes I can just ditch), I have no worries - I'll always be able to read it. So I've just set up dsync for the failover (in case one of my servers has a network or power outage) and can't be happier.
Once (somewhere in early 2010s) I had a backscatter issue that put me on a couple DNSBLs, fixed that the same hour I've learned of the issue, filled out some forms on RBLs I was listed on, got removed in a couple days.
Delivery-wise, I've had some issues with Outlook (to an extent I've almost set up an "embassy" there, tricking the system into thinking that my domain is hosted with them and using their own MSA for my outgoing mail to Outlook-hosted domains - proof-of-concept had worked, but I haven't really bothered to implement it in practice as they had suddenly started to receive my mail without issues, and this whole idea is a dirty hack), but otherwise email delivers fine. A couple times Gmail put my emails into spam, but mostly everything worked as expected. Not that I send many emails, maybe a couple dozen a year - it's mostly receiving.
I'd say the main problem is lack of decent mail clients.
Rainloop for the web, but I almost never use it - it’s a backup option for me, I’m mostly hosting it for friends and family.
I can only receive mail, but having my own domain is useful because now I can move without telling everyone a new address.
For my websites, I use Zoho's free mail plan + nodemailer for sending automated password reset emails and the like. It works pretty well.
Then you can even continue to use the new mail providers webmail, you only need to use an IMAP client once! :)
https://imapsync.lamiral.info/
Stories of people having domains unjustly taken from them are rare, especially on "traditional" registries like .com/.net/.org
Most registrars can auto-renew so as long as your card stays valid you’re fine.
I love this feature so much. It also integrates into 1Password and you can automatically create a masked email on any signup. I exclusively use it now. It's awesome
Their spam system works great but needs some breaking in: to train it, you need to have marked and deleted 200 spam emails. Only when you delete spam, the system updates its filter. I had some annoying spam that kept landing in my inbox, I had to create an automated "send to spam" rule until the personal spam filter started kicking in.
The only issues I've really had are general custom domain & address choice issues:
Choosing to use me@myfullname.tld was not the best idea. A very tiny number of sites stupidly reject the use of a 2 letter username in the email address. Easily solved by setting up an alias of mail@myfullname.tld though. If I were starting over I would have just made mail@myfullname.tld the main address (and I would have aliased male@myfullname.tld). That also makes it a bit easier for humans to read too. Only 2 letters before the @ blends in too much.
Address hiding that many sites do fails to hide anything. Many times when you log into a site, it will display your email address in a way that's meant to avoid people seeing it over your shoulder. But most sites that do that only hide the username. So I'll see things like m*e@myfullname.tld
So I enjoy the fact that my self-hosted solution only rejects emails from blocked senders or DMARC rejects. At the very least everything else goes to spam so that I can see it.
I'm not opposed to hosting my own email server, I'm just too lazy to do it.
If you do have multiple users, then you also need to protect them against e-mail spoofing. This can be done by enabling SPF checks for incoming e-mail.
For live servers with multiple users, you want to limit the number of e-mails being sent per minute/hour to something reasonable, because some unfortunate user is going to get their password hacked sooner or later, and then a hacker might abuse your server to send e-mail unrestricted, which can in turn get everyone else blacklisted.
E-mail security measures has a lot of AoE damage, because when someone gets hacked and spam is sent, receiving servers don't just ban the offending sender e-mail address, instead they typically ban the IP of the server, which will DoS all users of the server. Extremely inappropriate, and it should be illegal, nevertheless that is what they do, and to a certain extend perhaps understandable. But, this is why you place limit on how many e-mails users can send, as it hopefully avoids that issue.
Some hosting providers has insecure server images. E.g. Ubuntu where the root user has no password, since, as they might argue: "you login with key file on SSH anyway"; however, custemers might not realize or remember that anyone can login on the e-mail server with the root user if the port is opened, and the server will become an open relay, as automated tools find it with port scanning.
You also need to make sure that whoever is logged in, and sending e-mail from a given e-mail address is actually the owner of the address. Postfix does not do that by default, meaning that users can just claim to be whatever@yourdomain.com, and there will be no check. Thankfully, you can not claim to be b.gates@microsoft.com, because that will be rejected due to DNS records. In the past you could because there was no check for that..
A lot of issues is of course prevented by simply limiting IP access to your own personal IP, and that's a good idea if you are the only user, but not practical when you got other users.
Ubuntu is not insecure regarding root user access.
Reference
https://discourse.ubuntu.com/t/security-users/11881
"This does not mean that the root account has been deleted or that it may not be accessed. It merely has been given a password hash which matches no possible value, therefore may not log in directly by itself."