this post was submitted on 25 May 2025
22 points (72.0% liked)

Selfhosted

52523 readers
1046 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Hi,

It had been twenty year that I stopped my couples of self-hosted email servers.. ( That did run on a 10 years span )

Now, I'm digging to relaunch one.. OMG the GAFAM etc... did well screw us !!

Selected quote (I'm open for more) 

13 June 2023 10:06
You’re right. It’s a mess nowadays with email hosting because Google for example just rejects everything except the other big services even if you comply with DKIM etc. Fuck them honestly

25 November 2024, 16H57
I guess what I mean is that even a single user email system is a pain.

Want to send an email from one person to another? Stupid easy, I can do that with a single command.

Want to be able to send messages over long periods (years) to friends/family AND clients AND prospective employers (who are probably running their own email system) AND various businesses that you are trying to get support or services from? Well, okay, but the more messages you send, the more chances for some douche (or automated system) to report as spam because they think that anything other than @yahoo or @gmail is a hack-spam (I've had this happen, and had someone call me frantically telling me that my identity was stolen, and I had to tell them it was actually me; People are fucking stupid). And if you navigate all that, you still have to worry about your IP going wayward because you needed to change your infrastructure for some reason (switching regions, system types, whatever), and if that happens you basically start from scratch with an IP that might have had a shitty reputation (even if only due to range association).

And it's not just needing to maintain your IP/domain/account reputation with dumb people/systems/lists. You also need to set up SPF and DKIM or you'll be summarily rejected (even though SPF has fallen out of favor, some services still use it, or use both). One time config, sure, but not intuitive unless you work with systems all the time, and it's just a matter of time before they introduce yet another secure email verification system that you need to jam into your DNS (or server, or header, or...).

So now you're sending mail (probably), but you still have to receive it. More DNS configuration, and you have to make sure your email server never goes down, or you permanently miss any messages you might have gotten (yes, email systems are supposed to retry, but I've seen a LOT of admins at very recognizable names in email basically just retry for 15 minutes then dump the mail, rather than keeping their outbound queue backed up for multiple days).

And god help you if you set up multiple incoming servers, because now you have to deal with some kind of centralized storage, which itself also needs multiple nodes to avoid yet another SPOF. Again, not super hard by itself, but now you're basically designing multi-tiered infrastructure, which you have to maintain and pay for. We're definitely in for more than you'd end up paying for an email service, and that's not counting your personal time at all (which even a single hour of is probably double the monthly cost of an email provider's top tier offering, if you know how to manage all this crap).

TL;DR, you're still not wrong that centralization is very, very bad, but if you actually care about people receiving your messages, and not missing any important incoming messages, it's not easy to deal with. Not saying people shouldn't try it, but they need to be ready for a mountain of headaches.

I think those two post summarize well what happened...

On the technical level email are OLD ! ~1982(SMTP), and since then few revisions were released, but they only build ~~extra thing~~ complexity on top of it !! and the last revision date was in 2008 ! ( 17 year ago... )

And they are complex because of this build-up,
For the example, the list of the daemons running in docker-mailserver give a clue...

  • Postfix
  • Dovecot
  • Rspamd
  • Amavis
  • SpamAssassin
  • ClamAV
  • OpenDKIM
  • OpenDMARC
  • Fail2ban
  • Fetchmail
  • Getmail6
  • Postscreen
  • Postgrey
  • Support for LetsEncrypt, manual and self-signed certificates
  • SASLauthd with LDAP authentication
  • OAuth2 authentication

On the mass level, the GAFAM managed to convince the mass that email server (and more broadly any self-hosted (aka computing) ) is complicated, so "let's us do" that could be understand as "Let's us own your technology"

For a time I was thinking "maybe I should get away from email, that only belong the GAFAM now... and maybe found an alternative... ?" But If I found an alternative, I must convince the others to do the same... slower... way slower...

No ! , the first step is to have more and more people re-owing their technology ! So having more and more self-hosted email server again..

To reverse the tendency, instead of feeling like a black sheep (and be censored) to not have a GAFAM email. It will be people that use a GAFAM email that will pointed out ! to have deleted ( or move email to SPAM without reason etc..) your email from YourEmail@MyLittleHosting.MyPlace

If you use a none GAFAM email ( like me ), and someone tell you:
"hoo sorry I didn't get it"
"Sorry, I didn't see it, it felt in my SPAM folder" (with a tone that's your fault because you use something else than everyone else (aka GAFAM))

Please note, that legally, is their responsibility ! Whenever it was automated or not !
If your MTA[^MTA] did send your email the the recipient MTA it's their sole responsibility...\

and if the attempt has been blocked before reaching the destination MTA, by a firewall or something else on their side (even on ISP level), no matter if they own it or not, it's also their responsibility :) )

[^MTA]: Mail Transfer Agent Handles the transfer of emails between servers using SMTP

you are viewing a single comment's thread
view the rest of the comments
[–] Onomatopoeia@lemmy.cafe 1 points 5 months ago

It's a tough call, I don't disagree at all with the concerns you pose.

However... Email is every bit as another data point for tracking you, and worse it's in the clear. Every email address I've ever used over the years is in databases with IP addresses, timestamps, locatiin/region data, last used, associated device ID's, etc... Plus any analysis from content that was ever done. Yahoo/Google, etc certainly know lots about the user of those addresses, even ones that aren't their addresses.

I'd happily use an encrypted system(s). I'd simply create multiple accounts, and isolate them in different ways.

For example, my healthcare org sends nothing through email except a notification that you have some kind of update. You then log in to their system to view the info. I do wish they'd develop an app for iOS/Android, it's a bit of a nuisance otherwise. In their defense, App dev with sensitive info isn't their forte, so at least they aren't opening that Pandora's box.