this post was submitted on 01 Aug 2023
142 points (96.7% liked)

Selfhosted

60451 readers
1080 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

For example, something that is too complex for your comfort level, a security concern, or maybe your hardware can’t keep up with the service’s needs?

you are viewing a single comment's thread
view the rest of the comments
[–] faethon@lemmy.world 89 points 2 years ago (4 children)

Hosting an email server is pretty sure a magnet for half the Chinese IP range.... So I would refrain from hosting that myself.

[–] Tinnitus@lemmy.world 11 points 2 years ago (2 children)

I figured email would be a common theme. I’m just starting to dip my toes into all of this, so an email server is not on my to-do list (and may never be).

[–] Cqrd@lemmy.dbzer0.com 14 points 2 years ago (1 children)

Google and other large scale providers have intentionally made it very difficult to self host your own email. It’s generally not considered a wise move these days and is very difficult to maintain.

[–] peregus@lemmy.world 3 points 2 years ago (1 children)

Why do you say so? I'm not an expert in the fields, but isn't a mail server pretty much the same as 20 years ago plus DKIM and SPF?

[–] ikidd@lemmy.world 7 points 2 years ago* (last edited 2 years ago) (1 children)

With DKIM and SPF, I've had zero problems in the last 15 years of selfhosting, most recently with Mailcow Docker on a residential IP. I don't even have a reverse PTR to my mailserver hostname, just a PTR provided by the ISP that can be resolved.

I've added a few fresh, un-reputed domains to the server and had no issues.

I think many people's problems with running email servers are self-inflicted. I remember even before there were things like blacklists, etc with large providers, many people had problems keeping mailservers running. It's just not an easy task for a variety of reasons completely unassociated with the mega's blacklisting you. I've been running mailservers at various scales for 20+ years so maybe it's just second nature to me now.

[–] peregus@lemmy.world 1 points 2 years ago

Thanks for sharing your experience with us. @MaggiWuerze@feddit.de , @body_by_make

[–] Monkeyclock1234@lemm.ee 1 points 2 years ago

I have an email server but it is not my main email account. I'm purely only using it to learn and to have email notifications sent out from a few services. I do not trust myself or my setup enough to have my main email account hosted on it

[–] chris@l.roofo.cc 6 points 2 years ago (1 children)

I did host my email, but the problem wasn't the spam but the bigger email providers. Best case was my mail was marked as spam. Worst case was that I was blocked until I jumped through hoops. Email hosting is unfortunately broken.

[–] metaStatic@kbin.social 5 points 2 years ago

what's that? a federated service isn't immune from a corporate take over? colour me shocked.

[–] Anafroj@sh.itjust.works 5 points 2 years ago* (last edited 2 years ago) (2 children)

Gladly, fail2ban exists. :) Note that it's not just smtp anyway. Anything on port 22 (ssh) or 80/443 (http/https) get constantly tested as well. I've actually set up fail2ban rules to ban anyone who is querying / on my webserver, it catches of lot of those pests.

[–] mrms@lemm.ee 3 points 2 years ago (1 children)
[–] uranibaba@lemmy.world 1 points 2 years ago

Om going to try that as well

[–] stardreamer@lemmy.blahaj.zone 2 points 2 years ago* (last edited 2 years ago) (1 children)

CrowdSec has completely replaced fail2ban for me. It's a bit harder to setup but it's way more flexible with bans/statistics/etc. Also uses less ram.

It's also fun to watch the ban counter go up for things that I would never think about configuring on fail2ban, such as nginx CVEs.

Edit: fixed url. Oops!

[–] Anafroj@sh.itjust.works 2 points 2 years ago

Thanks for mentioning it, I didn't know about it. Protecting against CVEs sounds indeed awesome. I took a more brutal approach to fix the constant pentesting : I ban everyone who triggers a 404. :D Of course, this only work because it's a private server, only meant to be accessed by me and people with deep links. I've whitelisted IPs commonly used by my relatives, and I've made a log parser that warns me when those IPs trigger a 404, which let me know if there are legit ones, and is also a great way to find problems in my applications. But of course, this wouldn't fly on a public server. :)

Note for others reading this, the correct link is CrowdSec

[–] peregus@lemmy.world 2 points 2 years ago (1 children)

Me too, I'll never self host my email server. Too much time that I don't have to set it up correctly, manage the antispam and other thing that I don't even know . And if it goes down and I don't have time to look into it (which would be the case 95% of the time 🙈), I'll be without email for I don't know how long.

[–] shrugal@lemm.ee 2 points 2 years ago

I've been self-hosting a personal email server for about half a year now, and it was definitely challenging! But it also tought me quite a bit about how the system works, so I think it was worth it. There are solutions for everything, but you definitely need some time and patience.