this post was submitted on 25 Nov 2023

Homelab


Is it useful to have your own mail server as a non-business? Just a private person. Configure SMTP and IMAP for it, sync with outlook I think.

Yay or nay, waste of time? What are your thoughts?

(page 2) 48 comments
[–] djeaux54@alien.top 1 points 2 years ago

If you're planning to run for political office, I'd recommend against it. /s

[–] Yasutsuna96@alien.top 1 points 2 years ago (1 children)

As a fun project, yes.

As an actual day2day email, no.

Unless u have actual redundancy with 24/7 uptime and static IP, it may cause missed emails. Even if u do, the price is a factor u may need to consider.

[–] Busy_Reporter4017@alien.top 1 points 2 years ago

Missed emails? Don't clients retry?

[–] kY2iB3yH0mN8wI2h@alien.top 1 points 2 years ago

have been running my own mail server(s) since early 2000. If Hillary can, you can :)

but of course there are downsides as well, you need to expose services from the outside, you need to allow SNMP inbound, you need to deal with DNS and various mail security enhancements, deal with anti-spam and do malware/virus scanning etc. on top of that you would need to consider some kind of "high" availability. if your server goes down = no emails..

for me it's worth it, my exchange server has been running for the last 10 years or so, I publish both webmail and use the outlook and/or mail in my phone.

I have multiple domain (10+) and run my own DNS.

The only thing I can't do is send emails.... I have to rely on my ISP for outgoing emails, but that's a good thing as generally my emails are not marked as spam as they come from a trusted source.

[–] coreyman2000@alien.top 1 points 2 years ago

Is there a docker container mail gateway I just need to send mail from monitoring app

[–] mike7004@alien.top 1 points 2 years ago

Depends. I have my private mail system working and for the most part it works fine. However, it's indeed a bitch to deal with blacklists and ISP policies. Took me two years to convince the ISP to give me a business line with two IP addresses and no port filtering. The mail system has to be configured correctly.

Knowing I have full control over everything is great, but it's not for everybody.

[–] decstation@alien.top 1 points 2 years ago

I have an Exchange vm setup the last 3-4 years now. I use smtp2go for outgoing email. Works really well. I primarily use the system for alerts emails and mailing lists I use. If it breaks it's an annoyance but nothing critical. I have a mail filter in front that all incoming mail goes through.

[–] wosmo@alien.top 1 points 2 years ago (2 children)

I've run my own mailserver for about 20 years. I don't know if I'd recommend others do the same, but I wouldn't recommend against it either.

Once it's up and running, it's surprisingly low-friction. I have a VPS with a provider I trust, and it's running nothing else. Other than keeping everything updated, it requires very little ongoing maintenance. Mostly making sure you keep up with dmarc, TLS, etc best practices before the big providers call them requirements, instead of after.

I think the real difficulty is starting fresh, greenfield. Not only can one misconfiguration ruin your day, but if it's an issue that other providers notice, the smell hangs around for a long time. Most the big providers (gmail, microsoft, yahoo) will do absolutely nothing to work with you, so if they take a dislike to you - well you're screwed. There's no way to get in touch with them, no way to ask them to look again, etc. The juggernauts will usually give the impression they don't actually have anyone working for them at all.

You'll also learn a lot more about DNS. Whether you like it or not :)

Things that aren't so fun .. OS updates are always the terrifying one. My provider is really good about letting you spin up a new instance while keeping the old one around for a month so you can switchover when you're ready. I use that for most things - but for my mailserver, I don't want to because I don't want a new IP. I like that it's my ball and I can pick it up and go play somewhere else if I want, but the amount of reputation that the big providers pin to IP, makes this a lot more difficult than it sounds.

The other fun sticking point is monitoring. I get emails if my mailserver (or DNS) go down .. but because my mailserver is down, I don't receive them until it's back. That's not ideal, but I never seem to get around to doing anything about it. (because when it's working, I want to leave it alone. When it's not working, it's too late.)

I think the main thing to keep in mind is that it's difficult to "lab" outbound mail. There's very little "just trying something", very little experimentation, etc. Getting things wrong has too many long-term effects. You wanted to try a new MTA and now Google think you're a spammer? Putting the old one back does not fix your reputation. Putting the old config back does not fix your reputation. Doesn't matter how much you clean, that smell is going to take a long time to go away.

[–] KervyN@alien.top 1 points 2 years ago (5 children)

What does a provider make trustworthy for you?

[–] wosmo@alien.top 1 points 2 years ago (1 children)

That's a lot more difficult to put into words than I thought it'd be.

I think the big thing is that they're not in the race to the bottom. Their customers choose them for their level of services, not because they were the cheapest host in a list. So spammers don't want to use them because they're not the cheapest, and they don't want to host spammers because that ruins their value proposition to their regular customers.

What else .. small enough that they're not faceless. and I'm not nobody to them either. They've been at this at least as long as I have, so it doesn't feel like they're going to disappear tomorrow. And they're fairly active with their community through a good old-fashioned mailing list. Which also helps to get to know them and what level they're working on. It's nice knowing that when I mail them, I don't get through to an AI, or an L1 on a script, I'm gonna get Andy.

It's a tough one though, because trust is earnt, not researched. But I do prioritise putting a mailserver on a provider that keeps a clean house - because you don't want to find yourself getting blocked because your neighbours misbehave.

tl;dr; everything AWS ain't.

[–] KervyN@alien.top 1 points 2 years ago

That's a nice writeup. Especially the mailing list part stuck with me.

So which provider is it.

I've gone through a lot of providers in the last decade. Currently everything sits in the DC of my current employee, but I feel like a freeloader, which I clearly am.

[–] hodak2@alien.top 1 points 2 years ago

As others said. If you want to see if you can. Yes fun go for it.

Don’t use it for anything important. And know that your ISP will very likely have that port blocked already. And if you call them to ask them to unblock it they are unlikely to be willing to.

This is to prevent scammers and spammers.

Also. Know that even if you were able to. Getting other mail servers to not instantly junk your mail is actually quite difficult or impossible. So your emails would always land in spam, be outright blocked, or be in junk.

[–] phein4242@alien.top 1 points 2 years ago

Been hosting my own email for over 20yrs. Get a vps at some reputable hoster, and make this a dedicated mailserver. Be sure to setup all dns records that are required, and rollout antispam measures.

[–] mmmbyte@alien.top 1 points 2 years ago

You can easily host for receiving mail, but don't bother for sending. Most email services will simply mark your email as spam.

[–] SoCleanSoFresh@alien.top 1 points 2 years ago

There are a lot of things that are fun to lab. Email is not one of them, seriously— leave this to a cloud provider.

The day Exchange stopped being one of the things I had to manage was a good day indeed 😅

[–] jjaAK3eG@alien.top 1 points 2 years ago

I have been an email administrator and I run my own, personal email server for about the last 4 years. I've administrated Microsoft Exchange, on-premise and online and GNU/Linux Postfix/Dovecot/SoGo. I prefer the open source email offerings to the M$ stuff.

As others have mentioned, email is something that you would probably want hosted in a cloud somewhere and definitely NOT running locally at home (most ISPs block port 25 anyways so, running a email server at home is a crazy challenge). A free-tier cloud somewhere should be enough to get you started with an open source email server. The two cloud services that I use block port 25. I had to open a ticket with their support to open port 25. But, once that port is open, you can have a full fledged email server.

Check out https://www.iredmail.org/. It's open source, easy to get started, rock-solid, secure, and they have tech support via their web forum. ( I say 'they', but it's literally like one dude). This is what I use for my personal email server. I have custom IPS and Geo-IP filters for security. It's been running issue free for the past 3 1/2 years. I've never missed an email lol.

Use https://mxtoolbox.com/SuperTool.aspx for troubleshooting delivery issues. And, to learn all about the different DNS records a healthy email server needs.

Running an email server is challenging, but it's not something to be afraid of. It is labor intensive, requires active administration and not something that you would want to simply "set and forget". But, with the right administration, running your own email server can be very rewarding.

[–] dahin79@alien.top 1 points 2 years ago

I used a guide to setup an email server on couple of vps, and I have been running this for 7-8 years now. Adding additional features and security implementations. My servers are scoring max scores on all test I could find. Allowing me to have freedom to do with emails and domains as I wish to. And it just works. I would not change my setup for anything right now as I would see it as a downgrade.

You need to understand a lot of things but it is doable and once all is setup it just works, as long as you follow up on things like domain and certificate renewals.

I am even considering moving my mail server to my homelab… just for fun, as I still would have a backup smtp on vps.

[–] seniledude@alien.top 1 points 2 years ago (1 children)

I keep seeing these posts and have a question, is it possible to host an internal only email so I can get notifications from pfsense or truenas scale?

[–] eagle6705@alien.top 1 points 2 years ago

https://youtu.be/eHxVvqzEtmc?si=BU6TYxt3cxl9yxdW

It's like this

Everything looks good, and wonderful but there's always a surprise waiting for you.

Coming from an exchange engineer with over 11+years experience

Honestly it's fun and all but I wouldn't recommend for anything work related. If I were to run a mail server at home I'd make sure I get a mail gateway you can proxy your mail through that manages blacklists and reputation.

[–] phoenixlives65@alien.top 1 points 2 years ago

Unless there's a strong academic reason, it's probably more work than it's worth for the average person. It becomes a vector for attack, and there's external infrastructure that has to be maintained as well (DNS, SPF, DKIM, etc)

[–] NC1HM@alien.top 1 points 2 years ago

Nay, emphatically. Out of the box, a new SMTP server is treated by peers as yet another spam delivery vehicle. You have to prove to the world you're not a fly-by-night spammer. There are certain things you have to do with your domain's MX record, as well as in terms of SMTP server configuration. Oh, and if you're ever caught with an open relay on port 25, that will get you blacklisted instantaneously...

[–] Mother_Construction2@alien.top 1 points 2 years ago

I have my own mail server for using some of the service that requires mailing to my own domain.

It needs a static ip for best, which I have. But I’m currently lacking Ptr( if I named right, just a dns thing to do reverse checking) due to I’m not using business line and my isp doesn’t provide the service for home users.

Having one is great, but don’t use it as your main email service.

[–] nostalia-nse7@alien.top 1 points 2 years ago

In 2023 the threats to mail servers are so plentiful and ever changing, it’s the thing every business should give up — let the army of security pros at Microsoft and Google worry about those, honestly. Use the economies of scale of what they do protects millions of mailboxes, instead of you having to do all that same effort of work to protect 5 mailboxes.

[–] jackalek@alien.top 1 points 2 years ago

I'm running my own over 20 years now. For my own domains and catch all and temporary email address. For very long time temp email was not available commercially. Now we have simple login, I think Firefox has something similar and few others. I would say it's pretty self sufficient, no need to tinker when all is set up. I have always been exim user and I only know exim. The only pain I have now is that Let's Encrypt certificate gets renewed every 3 months and exim is unable to read it, so I need to fix permissions. The bonus point and weird flex is the ability to read email via telnet to port 110 and sending email chatting to the server on port 25 lol

[–] Unfair-Plastic-4290@alien.top 1 points 2 years ago

How many of you all here, using a hosted solution, remembered to set up DKIM on their custom domain? Hostname alignment can aid in email deliverability, I believe.

For reference, if you were using office365 you would take the steps outlined here: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-dkim-configure?view=o365-worldwide

Lastly... if you don't bother, any good reason to skip the domain alignment step?
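The alignment question raised in the comment above, as an added example that is not part of the original thread: a Python check that reads the `Authentication-Results` header stamped by a receiving server and reports whether a passing SPF or DKIM result aligns with the `From:` domain, which is what DMARC evaluates. The sample messages are constructed, `mailhost.example` and `mx.receiver.example` are hypothetical names, and the two-label organizational-domain rule is a simplifying assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def org_domain(domain):
    # Simplification (assumption): organizational domain = last two labels.
    # Real DMARC evaluators use the Public Suffix List (matters for co.uk etc.).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, strict=False):
    a, b = from_domain.lower(), auth_domain.lower()
    return a == b if strict else org_domain(a) == org_domain(b)

def dmarc_alignment(raw_message, trusted_authserv, strict=False):
    """Report which passing mechanisms align with the From: domain."""
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2]
    result = {"spf": False, "dkim": False}
    for header in msg.get_all("Authentication-Results", []):
        parts = re.sub(r"\([^)]*\)", "", header).split(";")  # drop comments
        if parts[0].strip().lower() != trusted_authserv:
            continue  # only trust results stamped by our own receiving MX
        for clause in parts[1:]:
            fields = dict(t.split("=", 1) for t in clause.split() if "=" in t)
            if fields.get("spf") == "pass":
                dom = fields.get("smtp.mailfrom", "").rpartition("@")[2]
                result["spf"] |= bool(dom) and aligned(from_domain, dom, strict)
            if fields.get("dkim") == "pass":
                dom = fields.get("header.d", "")
                result["dkim"] |= bool(dom) and aligned(from_domain, dom, strict)
    result["dmarc_pass"] = result["spf"] or result["dkim"]
    return result

# Constructed samples. "mailhost.example" stands in for a hosting provider
# that signs with its own domain until custom-domain DKIM is configured.
HOSTED_DEFAULT = (
    "From: Alice <alice@example.org>\n"
    "Authentication-Results: mx.receiver.example;\n"
    " spf=pass smtp.mailfrom=bounces.mailhost.example;\n"
    " dkim=pass header.d=mailhost.example\n"
    "Subject: test\n\nbody\n"
)
CUSTOM_DKIM = HOSTED_DEFAULT.replace("header.d=mailhost.example",
                                     "header.d=mail.example.org")

if __name__ == "__main__":
    for name, raw in (("default", HOSTED_DEFAULT), ("custom", CUSTOM_DKIM)):
        print(name, dmarc_alignment(raw, "mx.receiver.example"))
```

In the first sample both SPF and DKIM pass but neither aligns, so a DMARC policy on `example.org` would treat the message as failing; signing with a subdomain of the custom domain aligns under relaxed mode only.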

[–] sunshine-x@alien.top 1 points 2 years ago

Go for it for fun, but understand that FEW EMAILS WILL GET DELIVERED.

It’s nearly impossible to develop a good IP reputation, and Microsoft and other mega-email-providers will deliver all your mail to junk.

[–] Remarkable_Housing61@alien.top 1 points 2 years ago

Worst idea ever. Just pay somebody $10 a month to host your domain and let them suffer lmao

[–] Server22@alien.top 1 points 2 years ago

Use AWS SES.

[–] 1aranzant@alien.top 1 points 2 years ago

lol everything we do on this sub is mostly a waste of time...

[–] whispershadowmount@alien.top 1 points 2 years ago

It’s fun to setup for learning and then to throw away. Don’t do it for day to day use because:

  1. It’s an absolute PITA to keep healthy, and;
  2. You gonna get hacked
[–] killroy1971@alien.top 1 points 2 years ago

There was an XKCD about this years ago. Basically, the answer was 'no.'

[–] liverwurst_man@alien.top 1 points 2 years ago

If you work in IT or similar these concepts may become important, and that makes the effort worth it to me. Otherwise, I agree with the other commenters.

Here's an entertaining lecture that summarizes how terrible modern email is.

[–] PricklyMuffin92@alien.top 1 points 2 years ago
[–] BlackReddition@alien.top 1 points 2 years ago

Outlook.com gets all the features of 365 for free.

[–] ForeverYonge@alien.top 1 points 2 years ago

Setting it up is easy. Getting the major providers like gmail to not flag your stuff as spam, that’s the real challenge

[–] 100GbE@alien.top 1 points 2 years ago

Cool to know you can do it, not cool to maintain one all the time.

Even I've moved mail to the cloud these days.

[–] Conscious-Cellist891@alien.top 1 points 2 years ago

I for myself can say yes.

It is much cheaper than a package on a ISP, where you pay monthly your Domain and most time have limited mailboxes.

Why should I pay 10 or more Euro for my ISP, getting randomly mailboxes without DNSSEC, DANE, DKIM and so on, when I can get all of this for monthly 5 Euro. Ok I pay actually around 8 Euro, but have a fully featured plesk, which is nameserver for my domains, yes I said DOMAINS. I have all actually security features working, all my domains are best rated by security checks, have automatic reputation check and prevention.

So why pay 10 or more for mid-class ISP mails or around 8 Euro for full featured own plesk, where I can host as much mails, subdomains and other.

Ok, I'm an IT person, but my configuration isn't that complex and also I don't have to do time taking maintenance, because plesk is automatically updating most things.

[–] canadian_sysadmin@alien.top 1 points 2 years ago (1 children)

If you want to do it for fun and learning, ok I guess.

But nobody really does it anymore.

For actual mail that I would use, just go with a mainstream provider.

If you want to actually learn real-world skills, get yourself your own 365 tenant with a single license. Well worth the spend (or free if you can get a partner license).

[–] BlkCrowe@alien.top 1 points 2 years ago

Don’t mean to be dense, but how does one do this? I tried googling this, but kept getting hits on single versus multi-tenant licensing.
