In 2023 the threats to mail servers are so plentiful and ever changing, it’s the thing every business should give up — let the army of security pros at Microsoft and Google worry about those, honestly. Use the economies of scale of what they do protects millions of mailboxes, instead of you having to do all that same effort of work to protect 5 mailboxes.
this post was submitted on 25 Nov 2023
2 points (100.0% liked)
Homelab
947 readers
1 users here now
Rules
- Be Civil.
- Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
- No memes or potato images.
- We love detailed homelab builds, especially network diagrams!
- Report any posts that you feel should be brought to our attention.
- Please no shitposting or blogspam.
- No Referral Linking.
- Keep piracy discussion off of this community
founded 2 years ago
MODERATORS
I'm running my own over 20 years now. For my own domains and catch all and temporary email address. For very long time temp email was not available commercialy. Now we have simple login, I think Firefox has something similar and few others. I would say it pretty self sufficient, no need to tinker when all is set up. I have always been exim user and I only know exim. The only pain I have now is that let's encrypt certificate gets renewed every 3 months and exim is unable to read it, so I need to fix permissions. The bonus point and weired flex is the ability to read email via telnet to port 110 and sending email chatting to the server on port 25 lol
I run three of them now, one since about 2005 and haven't had any blocking issues on it. I have also always set up DNS records as well as had a static IP.
I have an O365 instance hosting my own domain for mail
I once set one up on a raspberry pi. It was compromised in about 5 minutes.
I heard that it is a thing you most likely do not want to have set up
The biggest problem you'll run into is sending email from your residential internet connection. Most, if not all, residential ISPs either 100% block or severely throttle port 25 outbound traffic to cut down on spam. Even if you're able to find an ISP that doesn't block 25 outbound, if the reverse zone lookup indicates that it's a residential ISP most spam filtering solutions are going to flag all of your messages as spam.
Always fun to do if learning but in production even for personal i would recommend you pay for something like startmail or mailfence and use their custom domain features.
i learned exchange on my own and even had dreams of doing multi tenant exchange until exchange online came and jerked off all over that dream
I've run my own mail server for over 15 years. If you're going to do it, put it on a VM at a reliable cloud provider, such as AWS. You wouldn't want your email to go down while you're on vacation for a week with no way of fixing it. You need to make sure you use a static IP that you keep forever, because your mail server builds reputation and the IP must not have any reputation of spam that has landed it on block lists.
It's not difficult if you let reuse someone else's hard work to make it secure and keep it updated. This project is fantastic: https://mailinabox.email/
Would I recommend it? It's more rational to bring your own domain to have it hosted by Microsoft or Google, but doing it yourself is more fun and flexible, and possibly cheaper depending on how many users and domains you will be hosting.
Microsoft 365 paid is so cheap, it isn’t funny. I’d do that.
If you're planning to run for political office, I'd recommend against it. /s
Go for it for fun, but understand that FEW EMAILS WILL GET DELIVERED.
It’s nearly impossible to develop a good IP reputation, and Microsoft and other mega-email-providers will deliver all your mail to junk.
I set one up for a while and it was a royal PITA! I have since switched to a managed email account using my own domain. So much less trouble. It's just not worth it in my opinion.
How many of you all here, using a hosted solution remembered to setup DKIM on their custom domain? hostname alignment can aid in email deliverability, i believe.
For reference, if you were using office365 you would take the steps outlined here: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-dkim-configure?view=o365-worldwide
Lastly... if you don't bother, any good reason to skip the domain alignment step?
Worst idea ever. Just pay somebody $10 a month to host your domain and let them suffer lmao
If you want to do it for fun and learning, ok I guess.
But nobody really does it anymore.
For actual mail that I would use, just go with a mainstream provider.
If you want to actually learn real-world skills, get yourself your own 365 tenant with a single license. Well worth the spend (or free if you can get a partner license).
Don’t mean to be dense, but how does one do this? I tried googling this, but kept getting hits on single versus multi-tenant licensing.
Use AWS SES.
Ask that question about anything, and ask these same questions about the same:
Do you want to learn? Do you have a reason to want to have understanding and control over it? Do you have the time, resources, energy and aptitude?
You've just answered your own question :)
Some people have a deep distain for the idea of self-hosted email, but there's literally no good technical reason you can't do it yourself. I think people react so strongly and insist it shouldn't be self-hosted because they couldn't hack it ;)
(yes, I'm poking them for fun)
Seriously, the only compelling reason they mention isn't compelling: if you're worried about deliverability, pay a reputable service for smarthosting through them. Problem solved, and you still get to 100% control your own filtering, logging, storage and access.
lol everything we do on this sub is mostly a waste of time...
I'm using gmail with my own domain and I still get my email filtered out. You would need to warm your IP address for years to not get into spam folders in most places. Not to mention the uptime issue. I would not recommend. You may try fastmail or some similar service instead.
It’s fun to setup for learning and then to throw away. Don’t do it for day to day use because:
- It’s an absolute PITA to keep healthy, and;
- You gonna get hacked
There was an XKCD about this years ago. Basically, the answer was 'no.'
If you work in IT or similar these concepts may become important, and that makes the effort worth it to me. Otherwise, I agree with the other commenters.
Here's an entertaining lecture that summarizes how terrible modern email is.
Don't do it, fam.
But if you insist...
Outlook.com gets all the features of 365 for free.
Cool to know you can do it, not cool to maintain one all the time.
Even I've moved mail to the cloud these days.
No, it won't give you any good work experience. Everyone uses Office 365 or Gsuite these days, and most of the orgs still using on-prem Exchange are trying to switch.
This talk will probably be helpful in convincing you why it's not worth it
I for myself can say yes.
It is much cheaper than a package on a ISP, where you pay monthly your Domain and most time have limited mailboxes.
Why should I pay 10 or more Euro for my ISP, getting randomly mailboxes without DNSSEC, DANE, DKIM and so in, when I can get all of this for monthly 5 Euro. Ok I pay actually arouns 8 Euro, but have a fully featured plesk, which is nameserver for my domains, yes I said DOMAINS. I have all actually security features working, all my domains are best rated by security checks, have automatic reputation check and prevention.
So why pay 10 or more for mid-class ISP mails or around 8 Euro for full featured own plesk, where I can host as much mails, subdomains and other.
Ok, I'm an IT person, but my configuration isn't that complex and also I dont have to do time taking maintainance, because plesk is automatically updating most things.
Nah, I can't think of hardly any reasons why I'd want to, so many things to consider. Just not worth my time
Isn't this question asked on this forum every few months? It's easily searchable.
I've hosted my own email for 2 years now. Using proxmox mail gateway on a 5€ hetzner VPS. it relays mail to my mail server which I host at home. I've dealt with my home public IP changing every now and then with 2 simple scripts. SPF, DKIM, DMARC is all set up.
All in all, it's relatively low maintenance. PMG makes a good job filtering all the crap and I have yet to receive and actual spam in my inbox (I only had a couple false positives).
I documented the whole setup, can share if you want.