Wow, this is a nice walkthrough of a setup that’s very similar to mine.
I just spent part of my weekend grokking and getting DKIM and DMARC working on my personal mail server. The motivation was that Gmail suddenly decided to start sending all mail from my domain into people’s spam folders and a large number of the people that I email use Gmail. A little while after I got these working, mail from me started going to inboxes again. (I have a couple of unrelated Gmail accounts to test with.) I always thought that just SPF would be good enough for a small-time single-instance mail server like mine but apparently that’s not true anymore.
Right now I use a third-party spam filtering service that does a terrific job. I almost never get false negatives and only get one or two false positives a month. Is rspamd comparable out of the box or do you have to spend a lot of time training it?
What third party spam filtering service are you using?
Rspamd needs a bit of training volume before it starts attempting to classify messages based on the probabilistic filtering, but it isn’t much. I was happy with it after about a month, and I don’t send or receive much mail.
The other antispam measures it uses were enough to block most of the spam in the meantime.
This guide unconditionally recommends setting DMARC records, which is not a good idea. It should at least mention the difficult problems that DMARC causes for mailing lists. Depending on the used list software and its configuration, setting a DMARC policy of p=reject can kick you from the mailing list.
Yeah, I wrote this almost 2 years ago. I now have DMARC set to ignore. Almost missed a Google interview because their calendar invite got blocked by my DMARC policy - they do some spoofing of the From: header.
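Why a message relayed by a mailing list can fail a p=reject policy, as an added example that is not part of the original thread or the guide it discusses: a simplified DMARC check in which SPF or DKIM must both pass and align with the From: domain. The domains, results and the two-label organizational-domain shortcut are assumptions; the `pct` and `sp` tags are ignored.

```python
# Added illustration: simplified DMARC evaluation (identifier alignment per RFC 7489).
# Every domain and authentication result below is a constructed sample value.

def org_domain(domain):
    # Assumption: organizational domain = last two labels. Real receivers
    # use the Public Suffix List, so this is wrong for e.g. co.uk names.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain, strict):
    if strict:
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)

def parse_dmarc(record):
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def dmarc_disposition(record, from_domain, spf, dkim_sigs):
    """Return 'pass', or the published policy (none/quarantine/reject) on failure."""
    tags = parse_dmarc(record)
    spf_ok = spf["result"] == "pass" and aligned(
        spf["domain"], from_domain, tags.get("aspf", "r") == "s")
    dkim_ok = any(
        s["result"] == "pass" and aligned(s["d"], from_domain, tags.get("adkim", "r") == "s")
        for s in dkim_sigs)
    return "pass" if (spf_ok or dkim_ok) else tags.get("p", "none")

RECORD = "v=DMARC1; p=reject; adkim=r; aspf=r"

# Sent directly from the author's own server: both checks pass and align.
DIRECT = dict(from_domain="example.org",
              spf={"result": "pass", "domain": "example.org"},
              dkim_sigs=[{"result": "pass", "d": "example.org"}])

# Same post relayed by a list that adds a footer and uses its own bounce address:
# the author's signature no longer verifies, and what does pass is not aligned.
VIA_LIST = dict(from_domain="example.org",
                spf={"result": "pass", "domain": "lists.example.net"},
                dkim_sigs=[{"result": "fail", "d": "example.org"},
                           {"result": "pass", "d": "example.net"}])

if __name__ == "__main__":
    for name, msg in (("direct", DIRECT), ("via list", VIA_LIST)):
        print(name, "->", dmarc_disposition(RECORD, **msg))
```

With the record changed to `p=none`, the relayed message still fails the check but the published policy asks receivers only to report it.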
I’ve been running a similar FreeBSD/postfix/dovecot/yada-yada server for years. I’m just in the middle of building up the “next generation” and this post was great reading.
That said, if there’s something dangerous in it, it’d be friendly if you updated it.
Looks much too complicated.
While I have not used it myself, https://mailinabox.email/ is useful to some people and arguably easier to set up.
Yes, looks more doable.
I set up Mailinabox in 2015 on a Vultr box and, aside from upgrades, it has had zero downtime! Love the project.
If you just want an email address and have no desire to learn how mail on the Internet works, yes, it is much too complicated and you should not bother. You are better off buying your email account from a provider and paying for it either in cash (e.g. Fastmail) or in personal data (Gmail). Or by deploying one of the free email-in-a-box solutions to your VPS and hoping that they do what you want.
If, however, you want to understand how mail works on the real internet and the challenges involved in making it work well, then there is no substitute for running your own mail server and its subsystems. The same way you can’t really learn to program without actually doing a fair amount of it.
I agree. If anything, this article convinced me to never, ever even attempt to run my own mail server.
Poste makes all of this much easier.
poste.io looks doable.
Why are all the self-hosted webmail systems still written in PHP?
I’ll make some guesses.
PHP is well suited for this kind of application - take data from a source, stuff it into a database, display a web page, take action on the data based on the user input.
Most webmail systems were developed in that time period when webmail was a thing, and it was part of what a self-hosting service (think cPanel) provided. Most of that stuff was PHP anyway (WordPress being the big player) so that’s what developers and customers were comfortable with.
Webmail is no longer hot, so there’s limited interest and market in creating a new hosted webmail system in another language.
Feel free to correct my guesses :D
We need a script or program that does the things in this blog through a simple series of questions.
One point that is not mentioned (and that can definitely bite you) is the choice of domain name.
Many TLDs are used to flag messages as spam, no matter what (think .tk, .pw, … everything cheap).
I would advise sticking to the most used ones if possible (.com, .org, .net).
I host my own email as well. I enjoy having the control and using my own domain name. While it was a lot of configuring to get working, once it’s done it just runs without intervention. This post does a good job with the back end, so I wanted to add two clients here that make self-hosted email possible for me.
To read email on a desktop, I log in to a self-hosted https://www.rainloop.net/ and to read email on my Android phone I use K-9 Mail https://f-droid.org/en/packages/com.fsck.k9/