archive provided by lainchan.jp

lainchan archive - /sec/ - 3714


I've been thinking about hosting my own mail server for a long time now, but I always get overwhelmed by the countless options, so I thought I might ask you lainons.
Are you hosting your own email server?
What's your experience?
What setup can you recommend/are you running?
How resource heavy is a mail server?


I've also wondered about this. What keeps me from hosting my own mail is mostly that it's too fragile: it'd be too easy to make it unavailable, whether it be the soykafty quality my ISP provides or some script kiddie with a 3 computer botnet.


I use a vps with postfix, dovecot and roundcube (for the interface). It's not self-hosted, but I trust ovh more than google for this kind of stuff.
So far I'm really happy about it, even if google still gets 90% of my mails anyway (turns out you can't convince everyone to go self-hosted).
This helped me a lot setting it up if you're serious about it: https://workaround.org/ispmail/jessie


>even if google still gets 90% of my mails anyway
This has always been my reason for not putting in the effort for a more secure mail setup.
There's zero benefit, if everyone I converse with still uses untrustworthy providers that still get a copy of everything I write.


Never did it, but I remember quite a few threads on hacker news where people complained about being put on spamlists by default.


I never really had an issue with that once everything was set up correctly.


>There's zero benefit, if everyone I converse with still uses untrustworthy providers that still get a copy of everything I write.
You still have the advantage of keeping Google, or any other email provider that might datamine your emails, from getting any emails between you and your employer or companies that you do business with, both of which are not only much more likely to contain your personal information but also have it in a format that's much easier for a computer to analyze and store (such as a table instead of a regular sentence).


> Are you hosting your own email server?
> What's your experience?
much better than any freemailer. As there are some people I regularly write mails to that also have their own mailservers, our mails are only in plaintext on mutually trusted servers, even if not end-to-end encrypted.
> What setup can you recommend/are you running?
postfix for smtp.
dovecot for imap.
encfs for storing the mail queue and mailboxes in an encrypted container (or luks/dm-crypt if you own the hardware).
letsencrypt (dehydrated) for TLS certificates
> How resource heavy is a mail server?
almost nothing. postfix would run on a Pentium 2 with 32MB of ram. the only thing you need is enough diskspace to hold your emails. The default 10G my hoster has worked for me for the past 3 years tho.

Will gladly help you if you have more detailed questions!


It's impractical unless you have a lot of free time, but it's not difficult to try out.

You have to host it on a vps (which probably has soykafty tos) that will make a PTR record for you or you're getting blacklisted by most servers (any that do reverse dns lookups or subscribe to lists where others do reverse dns lookups).

At that point server space is expensive (well like.. 5$ a month for 10gb space expensive) and you must keep it updated and protected from vulns and that's not to mention keeping it from getting ddos, at which point you can put it behind a server like cloudflare but the mx records need to route to a different server.


Well I have to watch a vps anyways. Maybe I get another one at cock.li since he at least seems to allow pretty much anything. As long as I don't have a website I don't see the point in cloudflare? I don't really need a webmail interface.

I don't imagine I will need too much disk space for mail and a few dollars per month really isn't a problem.

Hmm many people I message on a regular basis actually don't use google and I think any step away from google and huge centralized business like that is a good one.


>keeping it from getting ddos
why would anyone ddos a private mailserver? never heard of that.

and how does website ddos protection help against that?


I've been running my own mail server for ~5 years now. Transitioned slowly, all my email (work/personal/marketing/blah) goes there now.

>What's your experience?

It's not a big deal if you know a bit of sysadmin. Have backups, don't be dumb. Mail has been around forever and is stable as fuarrrk.

People online will cry a lot about getting their outgoing emails spam'd. This falls into the "don't be dumb" category -- set up SPF, DKIM, and PTR records properly and you'll have zero problems.

>What setup can you recommend/are you running?

Dedicated server from online.net but you can run it anywhere really. I used to run a 200-employee corp's email off a pair of $10 VPSes with Linode.

As for the stack, I've always been happy with Postfix+Dovecot on Debian. If you want webmail Roundcube is nice.

>How resource heavy is a mail server?

lol not at all. The first bottleneck you'll see is disk IO and even that would take hundreds upon hundreds of users.

If you're looking for a great starting point, I used the ISPmail tutorials when I was first starting out: https://workaround.org/ispmail


You can set up the MX records of your domain using priorities.
When your server is down the mails will just be delivered to the backup service.
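
An added example, not part of any post in this thread: the DNS records the posts above name (MX priorities with a backup, PTR, SPF, DKIM) checked against a small constructed zone. The domain, addresses, selector `sel1` and key value are placeholders, and the SPF check handles only `ip4:`/`ip6:` terms.

```python
import ipaddress

# Constructed sample records (documentation names and addresses); a real
# audit would fill this mapping from live DNS answers instead.
ZONE = {
    ("example.org", "MX"): ["10 mail.example.org", "20 backup.example.net"],
    ("mail.example.org", "A"): ["203.0.113.25"],
    ("example.org", "TXT"): ["v=spf1 ip4:203.0.113.25 -all"],
    ("sel1._domainkey.example.org", "TXT"): ["v=DKIM1; k=rsa; p=PLACEHOLDERKEY"],
    ("25.113.0.203.in-addr.arpa", "PTR"): ["mail.example.org"],
}

def lookup(zone, name, rtype):
    return zone.get((name.rstrip(".").lower(), rtype), [])

def mx_order(zone, domain):
    """MX hosts in delivery order: the lowest preference number is tried first."""
    recs = [r.split() for r in lookup(zone, domain, "MX")]
    return [host.rstrip(".") for _, host in sorted(recs, key=lambda r: int(r[0]))]

def fcrdns_ok(zone, ip):
    """Forward-confirmed reverse DNS: the PTR name must resolve back to ip."""
    rev = ipaddress.ip_address(ip).reverse_pointer
    return any(ip in lookup(zone, name, "A") for name in lookup(zone, rev, "PTR"))

def spf_allows(zone, domain, ip):
    """True if an ip4:/ip6: term of the domain's SPF record covers ip."""
    addr = ipaddress.ip_address(ip)
    for txt in lookup(zone, domain, "TXT"):
        terms = txt.split()
        if not terms or terms[0].lower() != "v=spf1":
            continue
        nets = [t[4:] for t in terms[1:] if t[:4] in ("ip4:", "ip6:")]
        if any(addr in ipaddress.ip_network(n, strict=False) for n in nets):
            return True
    return False

def dkim_published(zone, domain, selector):
    """True if the selector has a DKIM1 record with a non-empty public key."""
    for txt in lookup(zone, f"{selector}._domainkey.{domain}", "TXT"):
        tags = dict(t.strip().split("=", 1) for t in txt.split(";") if "=" in t)
        if tags.get("v") == "DKIM1" and tags.get("p"):
            return True
    return False

def audit(zone, domain, sending_ip, selector):
    return {"mx_order": mx_order(zone, domain),
            "ptr_fcrdns": fcrdns_ok(zone, sending_ip),
            "spf": spf_allows(zone, domain, sending_ip),
            "dkim": dkim_published(zone, domain, selector)}
```
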


> Are you hosting your own email server?

> What's your experience?

use burnable addresses per site otherwise if one site gets hacked your pretty me@mydomain gets spammed to hell

> What setup can you recommend/are you running?

I'm running postfix, I'd only recommend it because qmail is annoying to admin when things break and I haven't used exim or anything else.

> How resource heavy is a mail server?

Not much at all.


> unless you have a lot of free time
I think I spent maybe a few hours setting it up and haven't really messed with my mail server since.

> You have to host it on a vps

I host mine on my home internet connection fine.

> server space

my logs usually fill up my drive before my mail does, even with all the spam I get. right now... 900 spam messages and only 15M of disk used for mail.


>I host mine on my home internet connection fine.
from what I've heard many home internet connections have the needed ports blocked and many services block you as spam. But I don't have any hard facts for that.


I'm so on the fence about setting up my own mail server, it would be a good exercise for me and a good learning curve, but I shy away for most of the reasons listed - also downtime, sys fails and backups - it's probably gonna be far better for my sanity if I just go with proton mail for my needs. (work and play) - I feel I would only be asking for yet another computing problem to walk into my life, at exactly the time I won't be wanting it :)

I am so conservative with my setups nowadays, I just want 100% reliability - lots of backups, no over-clocking, server grade MBs, ECC ram, RAID 10 or 6 only, only essential (but very comprehensive) software installed, play is of course done only on VMs.
I still get downtime and have moments when having 2 near mirrored HW workstation setups (as well as mirrored servers) has been a total blessing!

Just feel email server would introduce more downtime into my life - or isp/Internet problems etc.

Ah well rant over... nothing constructive to add - sorry!


>I host mine on my home internet connection fine.
Majority of ISPs block the required ports for hosting your own e-mail server.
There are many workarounds however, such as using a VPS, VPN or redirect services.

This is the main problem people encounter when hosting their own mail server and probably the main reason most people don't do it, because it'll cost you money (even if it's only $5 it's still a bummer) and due to its more public nature, there are more security risks involved.