I know the adage that self-hosting email is hard. I use a third-party SMTP server to send emails for my Lemmy instance in order to guarantee delivery, for example.

However, other than potential uptime, what are the disadvantages to setting up self-hosted incoming email?

Incoming email is like 99% of my email usage. I’m happy to use a third-party mail provider for outgoing email, but don’t see why I shouldn’t simply host incoming email myself.

Thank you <3

  • @[email protected]
    English
    3
    1 year ago

    Self hosting email is not difficult. This has been true in the past but with modern standards and tools it’s much easier now. It just takes a few hours/days and some dedication to get right. There are free services that test your mail server and can receive your emails and tell you exactly what’s amiss. I completely changed my mail server and software and got perfect scores in around two to three evenings tinkering around. Granted, I had some experience from the last time around ten years ago. This will likely hold up again for the next ten years as long as I update my software somewhat regularly. And my emails were never bounced/rejected apart from the very beginning of my journey.

  • avalanche
    3
    1 year ago

    Worth it for me. I have the freedom of hosting as many domains, accounts, and aliases but no extra charges. If you only have yourself, simple needs, and care less about holding your own data, maybe it is not worth it. It all depends.
    I also would not say it is “easy”. It is if you already know what to do, but you can say that about a lot of things. And mailcow makes it all “easier”, but when something breaks, it is often not at the best time to figure things out.
    I get less spam on this setup than I did with Google. I owe much of that to greylisting, which is very effective, but not everyone’s cup of tea.
    My biggest problem over the years is delivery failure due to various written and unwritten rules. Some people here will say you just have to have a clean IP, but it is NOT that simple when dealing with Google and MS. In the end, I use Sendgrid for my outgoing. We send so little mail, we will always be in their free tier. I’d rather not use them, but it is better than giving up on selfhosting for me.
    And finally, if you are not going to bake in backup and recovery into your plans, don’t bother. Make that aspect of your buildout equally important.

  • Eskuero
    English
    2
    1 year ago

    It’s probably worth it for registration accounts you want not to give your real email for but still won’t be a single one time usage like ten minute mail services.

    You create a single alias and when you are done with it simply drop the alias and never hear about it again.

  • @[email protected]
    English
    2
    1 year ago

    I hosted my incoming mail for years with a minimal postfix config that would just relay to Gmail. That got me individual email addresses per service (e.g. [email protected], …) that I could turn off when a service got annoying.

    It worked wonderfully without issues for years. And by years I mean 8-10 years!

    Recently, 11 months ago, I noticed that some mails were not relayed anymore, and I ultimately switched to Cloudflare for that feature. You can read more about that here: https://www.reddit.com/r/selfhosted/comments/vqk4j9/mail_relay_as_a_service_moving_away_from/

    That said, if you only want to store the incoming mail, I don’t think you’ll have issues beyond spam, a lot of spam.

    Good luck.

    • @WanderOPA
      English
      1
      1 year ago

      Do you know if typical postfix spam filters would help with that?

      • @[email protected]
        English
        2
        1 year ago

        I don’t know. Back in the day, Spamassassin was the thing. Not sure what’s hip these days.

  • @[email protected]
    English
    2
    1 year ago

    The main drawback is having your IP address bound to your domain, which with a whois can equate to your name and address.

    Maybe I’m just paranoid, spoiled by Cloudflare protection.

    • LyingPenguin
      1
      1 year ago

      I don’t see how this is an issue. I would assume self-hosting refers to some VPS at some hosting provider, so the IP doesn’t matter anyways. Of course, if they are talking about hosting at home, then yes. But in this case they’ll probably have a hard time opening receiving ports for email anyways, I could imagine. At least I would block these ports if I were an ISP for end users.

    • @WanderOPA
      English
      1
      1 year ago

      I read that Cloudflare now allows you to proxy email as well.

      • @[email protected]
        English
        2
        1 year ago

        It’s a redirect, and IMHO doesn’t work very well; at least when I tried, I got too many bounces.

  • TheOneCurly
    English
    2
    1 year ago

    Most people complain about spam. I think you’ll be surprised just how much incoming spam you get and how hard it is to sort through it. Not to say it’s not worth doing, but that’ll be the hard part.

    • @[email protected]
      English
      1
      1 year ago

      Agreed. Sensible to only do the incoming too, I had an outgoing one and it got hijacked because SMTP security seems to default to ‘least secure’. For example if there is a single character out of place in the config file, I found it basically opened everything up rather than reporting an issue :)

  • bfg9k
    2
    1 year ago

    I have tried for years to self host my email, but finding an upstream SMTP server that will accept your custom domain is pretty much impossible these days. Plus a lot of mainstream servers (Gmail, Hotmail etc.) block pretty much everything except mail sent from another mainstream account.

    Every time I have tried, I get back SMTP responses that my domain isn’t trusted, my IP is not trusted enough or they just blackhole my traffic.

    This article sums it up well:
    https://cfenollosa.com/blog/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html

  • Ann Onymous
    English
    2
    1 year ago

    I’ve run Zentyal Community on a cheap 1c/2gb VPS for probably 5+ years. Receiving email has never been a problem, and I basically don’t get spam. My top tip is to use a unique alias for everything, e.g. [email protected] every single time you have to give your email address for something. That way, when a third party is compromised and your provided alias starts receiving spam, you can just update your alias with them and on your MX. If you deliberately make any of your aliases public, you’ll probably want to set up rspamd and postgrey.

    Getting opendmarc, opendkim, certbot, etc. set up in a way that Zentyal wouldn’t nuke it every time it updated was the biggest hassle for me, and I seem to remember having to open a ticket with Microsoft to get my outbound emails accepted by O365 too. Shouldn’t be an issue anyway if you use a smarthost for outbound.

    This definitely isn’t an endorsement of Zentyal btw. In fact, to be clear, most of my setup efforts were spent fighting its design decisions. I’d recommend that you find something containerised which is well maintained and does only what you need. And put some time aside, especially if you’ve never set up an MX from scratch before.

  • LyingPenguin
    2
    1 year ago

    I don’t see anything wrong with self-hosting the receiving part. Especially with something like mailcow it shouldn’t be any more difficult than hosting anything else, provided you have backups in place and will be able to get the server up and running again within 24 hours to not lose any emails. Yes, spam may be an issue, but mailcow has useful defaults configured and it works okay-ish for me.

    Btw, they also allow for configuring outbound relays quite easily. This allows for simpler configuration on the client-side. I have it set up so that all emails sent through mailcow will be forwarded to mailgun, for example.

    • @WanderOPA
      1
      1 year ago

      Do you know if 24h is the typical timeout for retrying to send an email? How about I put a traditional email provider as second priority in MX records in case my server goes down? That should work, right?

      • outcide
        2
        1 year ago

        The standard is to retry for 5 days before bouncing emails as undeliverable (and send a warning message that the email hasn’t yet been delivered after 4 hours). However, every server can configure it to be whatever they want, so there’s no guarantee.

        You can’t just use any old provider as a secondary mx, you need a server which is configured to accept mail for your domain but not try and deliver it locally. It’s pretty simple to set up. The biggest issue is that you need the same spam protections on the secondary as on the primary, as spammers will send directly to the secondary to try and bypass spam protections.

        • @WanderOPA
          1
          1 year ago

          Thank you, that makes sense. I think I might give it a try first with some non-critical domain to get a feeling for it.

      • LyingPenguin
        2
        1 year ago

        I think after a few hours the sending mail server will start notifying users of an undeliverable message but will still retry. But of course everyone can configure that themselves, so I don’t know exactly what is typical in this case. I personally wouldn’t want a downtime of more than 6 hours for my mailserver.

        Yes, adding a second MX should work. Though I could imagine that this server will get some mails regardless, as there may sometimes be a temporary disruption for just a few seconds on your main mail server (network is funny), in which case the sending server will probably attempt to deliver to the second MX right away, instead of retrying the first one in a few minutes. So make sure you don’t miss any emails because you forget to check the second email provider.
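
The secondary MX described in the replies above (accept mail for the domain, never deliver it locally, filter it like the primary), sketched as a Postfix `main.cf` fragment. This is an added example and not from any commenter; the domain `example.org`, the host names, the map file paths and the rspamd milter address are assumptions.

```ini
# /etc/postfix/main.cf on the SECONDARY MX (hypothetical host mx2.example.org)
#
# Assumed DNS for the constructed domain example.org:
#   example.org.  IN MX 10 mail.example.org.   ; primary
#   example.org.  IN MX 20 mx2.example.org.    ; this host

myhostname = mx2.example.org

# The domain must NOT be listed here, or mail would be delivered locally.
mydestination = $myhostname, localhost

# Accept mail for the domain as a relay target only.
relay_domains = example.org

# Only accept known recipients, so the backup does not queue mail the
# primary will later reject (which would turn into backscatter).
# File content (constructed):  alice@example.org  OK
relay_recipient_maps = hash:/etc/postfix/relay_recipients

# Hand queued mail to the primary directly instead of re-resolving MX.
# File content (constructed):  example.org  smtp:[mail.example.org]:25
transport_maps = hash:/etc/postfix/transport

# Refuse to relay for anything outside relay_domains (no open relay).
smtpd_relay_restrictions =
    permit_mynetworks,
    reject_unauth_destination

# Same spam filtering as the primary. Assumes rspamd's milter proxy
# listening on its usual local port; fail closed if the filter is down.
smtpd_milters = inet:127.0.0.1:11332
milter_default_action = tempfail

# How long this host holds mail while the primary is down, and when the
# sender is warned about the delay (values from the thread: 5 days, 4 hours).
maximal_queue_lifetime = 5d
delay_warning_time = 4h
```

After editing the two map files, rebuild them with `postmap` and check the result with `postconf -n` before pointing the MX record at the host.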