this post was submitted on 01 Aug 2023
141 points (96.7% liked)

Selfhosted

40152 readers
510 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

For example, something that is too complex for your comfort level, a security concern, or maybe your hardware can’t keep up with the service’s needs?

you are viewing a single comment's thread
view the rest of the comments
[–] faethon@lemmy.world 89 points 1 year ago (4 children)

Hosting an email server is pretty sure a magnet for half the Chinese IP range.... So I would refrain from hosting that myself.

[–] Tinnitus@lemmy.world 11 points 1 year ago (2 children)

I figured email would be a common theme. I’m just starting to dip my toes into all of this, so an email server is not on my to-do list (and may never be).

[–] Cqrd@lemmy.dbzer0.com 14 points 1 year ago (1 children)

Google and other large scale providers have intentionally made it very difficult to self host your own email. It’s generally not considered a wise move these days and is very difficult to maintain.

[–] peregus@lemmy.world 3 points 1 year ago (1 children)

Why do you say so? I'm not an expert in the fields, but isn't a mail server pretty much the same as 20 years ago plus DKIM and SPF?

[–] ikidd@lemmy.world 7 points 1 year ago* (last edited 1 year ago) (1 children)

With DKIM and SPF, I've had zero problems in the last 15 years of selfhosting, most recently with Mailcow Docker on a residential IP. I don't even have a reverse PTR to my mailserver hostname, just a PTR provided by the ISP that can be resolved.

I've added a few fresh, un-reputed domains to the server and had no issues.

I think many people's problems with running email servers are self-inflicted. I remember even before there were things like blacklists, etc with large providers, many people had problems keeping mailservers running. It's just not an easy task for a variety of reasons completely unassociated with the mega's blacklisting you. I've been running mailservers at various scales for 20+ years so maybe it's just second nature to me now.

[–] peregus@lemmy.world 1 points 1 year ago

Thanks for sharing your experience with us. @MaggiWuerze@feddit.de , @body_by_make

[–] Monkeyclock1234@lemm.ee 1 points 1 year ago

I have an email server but it is not my main email account. I'm purely only using it to learn and to have email notifications sent out from a few services. I do not trust myself or my setup enough to have my main email account hosted on it

[–] chris@l.roofo.cc 6 points 1 year ago (1 children)

I did host my email, but the problem wasn't the spam but the bigger email providers. Best case was my mail was marked as spam. Worst case was that I was blocked until I jumped through hoops. Email hosting is unfortunately broken.

[–] metaStatic@kbin.social 5 points 1 year ago

what's that? a federated service isn't immune from a corporate take over? colour me shocked.

[–] Anafroj@sh.itjust.works 5 points 1 year ago* (last edited 1 year ago) (2 children)

Gladly, fail2ban exists. :) Note that it's not just smtp anyway. Anything on port 22 (ssh) or 80/443 (http/https) get constantly tested as well. I've actually set up fail2ban rules to ban anyone who is querying / on my webserver, it catches of lot of those pests.

[–] mrms@lemm.ee 3 points 1 year ago (1 children)
[–] uranibaba@lemmy.world 1 points 1 year ago

Om going to try that as well

[–] stardreamer@lemmy.blahaj.zone 2 points 1 year ago* (last edited 1 year ago) (1 children)

CrowdSec has completely replaced fail2ban for me. It's a bit harder to setup but it's way more flexible with bans/statistics/etc. Also uses less ram.

It's also fun to watch the ban counter go up for things that I would never think about configuring on fail2ban, such as nginx CVEs.

Edit: fixed url. Oops!

[–] Anafroj@sh.itjust.works 2 points 1 year ago

Thanks for mentioning it, I didn't know about it. Protecting against CVEs sounds indeed awesome. I took a more brutal approach to fix the constant pentesting : I ban everyone who triggers a 404. :D Of course, this only work because it's a private server, only meant to be accessed by me and people with deep links. I've whitelisted IPs commonly used by my relatives, and I've made a log parser that warns me when those IPs trigger a 404, which let me know if there are legit ones, and is also a great way to find problems in my applications. But of course, this wouldn't fly on a public server. :)

Note for others reading this, the correct link is CrowdSec

[–] peregus@lemmy.world 2 points 1 year ago (1 children)

Me too, I'll never self host my email server. Too much time that I don't have to set it up correctly, manage the antispam and other thing that I don't even know . And if it goes down and I don't have time to look into it (which would be the case 95% of the time 🙈), I'll be without email for I don't know how long.

[–] shrugal@lemm.ee 2 points 1 year ago

I've been self-hosting a personal email server for about half a year now, and it was definitely challenging! But it also tought me quite a bit about how the system works, so I think it was worth it. There are solutions for everything, but you definitely need some time and patience.