Hacker News

Ask HN: Looking to setup my own email server – should I do it or not bother?

Hi,

I'm running my email on a custom domain through a 3rd party for a couple of years now. Initially, things were pretty good but their service has been slowly deteriorating.

I have a bunch of domains and mailboxes and do not want to spend a fortune paying for each mailbox that I own and am looking at setting up my own email server.

I was looking at mailinabox and it looked pretty good. However, I do understand that managing an email server is no joke and my emails could all land up in no man's land.

Has anyone successfully started using their own email server in the past few years?

35 points | wheresvic3 posted 2 months ago

40 Comments:
codegladiator said 2 months ago:

Please do it.

Don't get in the trap of "oh some provider won't accept my mail". It's their fault that they don't and frankly if everyone was hosting their own mail, this situation would have never happened.

I run (one of) my own mail server and send and receive mails on it regularly. At most the receiver might have to check their spam box once, but later all mails end up in inbox (this is gmail I am talking about, nobody else put that mail in spam, like hotmail/fastmail)

srndh said 2 months ago:

Where is the server hosted? In your home or hosting provider or cloud? Keeping a server running 24x7 is the challenge for me as far as email is concerned. What happens when your server is down and someone mails you?

jolmg said 2 months ago:

> Keeping a server running 24x7 is the challenge for me as far as email is concerned. What happens when your server is down and someone mails you?

I imagine that if the client or an MTA can't connect to an SMTP server, then the mail would stay in an outbox queue until it is able to connect and hand it off. I don't think mail is permanently lost if an SMTP server goes down for a few hours. If an intermediary MTA gives up on connecting to an SMTP server, I would at least expect it to bounce the email back to the sender with an explanation.

I don't think email is as fragile as you seem to think.

codegladiator said 2 months ago:

Yes, that is correct. The outgoing email mechanism usually stores mail in a queue and providers retry sending mail for about 3 days (it varies from provider to provider).

And if delivery fails, the sender also gets an email (from their own MTA) mentioning that delivery failed.

codegladiator said 2 months ago:

Hosted on DigitalOcean.

It's an email server I am writing myself to eventually use. I know mail-in-a-box exists but another solution providing an easy-to-set-up, reliable mailbox should be useful.

Currently I have SPF/DKIM/DMARC set up so it can exchange with all providers and have IMAP for the client side.

jolmg said 2 months ago:

> It's an email server I am writing myself to eventually use. I know mail-in-a-box exists but another solution providing an easy-to-set-up, reliable mailbox should be useful.

Do you plan to open-source it? I have to agree that last time I looked into setting up my own email server, the setup procedure of pre-existing servers is what drove me away.

codegladiator said 2 months ago:

Yes I do plan to open source it soon. It will be open-source and free.

imron said 2 months ago:

I used to run my own mail server for my own domains, then I realized it was cheaper and less hassle to pay someone with more expertise to do it for me.

For $50 a year, Fastmail will handle multiple domains (all aliasing to your main email) and they have a bunch of other nifty features that in my opinion makes it well worth the price: https://www.fastmail.com/pricing/

How much is your time worth, and how much time will you spend administering your own mail server per year?

For me, if I was going to spend more than about half an hour of my time per year managing my own mail server, then that makes something like Fastmail a better option.

montroser said 2 months ago:

Fastmail is pretty fantastic. The "just pay us directly to host your mail and then we don't have to sell our souls and pawn your data" model really works nicely.

MandieD said 2 months ago:

Nothing quite like being able to arbitrarily write “randombusinessname@mydomain.com” on a form and be confident it will work, all for $50/yr.

It’s good to set up and host email for a while to more deeply understand how it works, but do it for a domain you don’t plan to use for important emails. Then, when you’re sick of it, add that domain to your Fastmail or other hosted account with a deeper appreciation for what the modest annual fee is buying.

imron said 2 months ago:

Fastmail has an even better feature than this. If your main email is hello@example.com and you want to sign up to ‘randomsite’ you can just make up the email randomsite@hello.example.com and it will go to your hello@example.com address.

When you’re sick of it, you can just filter randomsite@hello.example.com to the trash.

Doing this allows you to generate more or less random throwaway emails at the moment you need them, from a normal domain without any prior setup.

I consider this to be one of Fastmail’s killer features.

gt2 said 2 months ago:

So it's like the feature gmail (and perhaps others) have that allows hello+randomsite@gmail.com. https://fastmail.blog/2018/10/01/use-unique-email-addresses-...

That's great because occasionally email parsers on sites/apps don't accept emails with the + in them.

Sounds good for throwaway emails and not using personal info, however overall, this still has a few problems:

- your accounts on different services can easily be cross referenced in the event of a data leak, etc. They will all have @hello.example.com.

- if you actually use hello@example.com for something important, that will be gleaned as well (worse, this is true even in the event of a data leak/hacker on a single service) since this rule/feature you explained is common knowledge.

Seems the only way to overcome that is use a separate custom domain for any site you want to completely isolate, or a custom alias or new email on a major service for each.

gt2 said 2 months ago:

For everyone who does this: I always wonder about using the same mydomain.com for many services.

Because at least one reason for doing the aliasing is privacy, and by using the same domain for multiple services, even with a different 'name' (before the @ sign), you are offering the companies the ability to cross-reference to other sites they partner with/have a data leak as to how users are using the app. Worse, if you do use your real name within one of the services, you would potentially be revealing that anyone who uses @mydomain.com is that person, even if you didn't give that other service personal data within their app. Sure a malicious party could expect mydomain.com hosts many users, but you kind of make it obvious it's a catchall by doing things like using randombusinessname@mydomain.com.

Thoughts?

One solution is manually making a new alias @fastmail.com for each service you want to give a unique email.

Edit: spelling

HelenePhisher said 2 months ago:

How many custom domains can I add on that Standard plan?

Edit: found the answer on https://www.fastmail.com/help/account/limits.html

100 + 1 for every user in the account. That should be sufficient for most use cases.

lapnitnelav said 2 months ago:

Would Fastmail (or the likes) be an OK service to use for a low-volume SaaS to send the regular stuff, like creating an account, resetting a password and such?

Or am I asking for trouble?

imron said 2 months ago:

It’s a great service for that, and it’s one of the things I use it for too.

You can check out their limits here: https://www.fastmail.com/help/account/limits.html

For the $50/year account they have a daily sending limit of 8,000 emails a day.

jolmg said 2 months ago:

Depends on how low a volume. At my workplace we were actually using Rackspace for automated emails, but we ended up constantly blacklisted. Customer support directed us to use Mailgun for those types of emails. They said automated emails required a different setup to maintain their reputation and not look like spam. I imagine it's the same case for Fastmail.

brundolf said 2 months ago:

Unless it contributes additional value in the form of fun or learning valuable skills. Of course, for an email server those traits might be overly-optimistic...

imron said 2 months ago:

Agree completely. That was part of why I used to host my own mail.

Over the years though, it got less fun and the skills learnt weren't particularly valuable to me. Fastmail was just a much better value proposition.

yellowapple said 2 months ago:

I feel like it's something any sysadmin (prospective or veteran alike) or developer or other tech professional should know how to do and therefore try doing, regardless of whether or not it's practical. There are so many companies out there that do it in-house (usually with Exchange, in my observation, but a few with Unix-based setups as well) that it's useful knowledge even in this day and age of GSuite being the new normal.

I've been running my own mail server since 2012-ish. First on a Slackware VPS (through HostRazor; I don't know if they still exist) with postfix+dovecot, and then migrated to an OpenBSD VPS w/ OpenSMTPD+dovecot (on 1984.is). Email is enough of a "solved problem" that once you've got everything going it'll stay working for a long while (system issues notwithstanding), but there are definitely a lot of moving pieces when you factor in IMAP and SMTP and DKIM and spam filtering and antivirus and all that jazz. All useful things to know, of course, but if your motivation is anything short of "I want to learn how email works" you're probably better off letting someone else deal with that.

jlkuester7 said 2 months ago:

If you are okay with Docker, I would recommend checking out mailu.io (no affiliation, just a satisfied user). It provides a really powerful and flexible setup without spending your entire life wrestling with configs (plus it is open source!).

In my experience, though, unless you are going to be running a pretty high-volume setup (where you can quickly build a good reputation for your SMTP address), you will probably still need to route your outgoing email through an external SMTP relay to make sure it does not get flagged as spam. (I use Amazon SES which is close to free for low monthly volumes...)

zzo38computer said 2 months ago:

I do have my own email server, so I can mention what I did, which is to post through an external server, using my own server only for receiving. The server software will accept messages from localhost and pass them to the next server (the ISP's server), and then that next server will forward it to the correct destination, rather than sending it directly to the destination.

sbuccini said 2 months ago:

If the third party service is Migadu, then I agree. Terrible support (bordering on nonexistent), long (24h+) outages with zero communication, an overly aggressive spam filter that prevents tons of legit mail from hitting my inbox. Looking for alternatives.

weitzj said 2 months ago:

I would advise not to. Use a mail provider like mailbox.org

I had the same idea and this just puts time on your hands without that much benefit. If you want to, self host maybe one email address which is not that important to you.

When you self host, you have to take care of security updates, system restarts, monitoring, backups, restore. Depending on where you put your server, some providers might reject your address, since it might look suspicious.

Sure enough it is easy to set up a bare mail server. But all the other things like keeping it alive and well take more time.

I chose between fastmail.com and mailbox.org and settled on mailbox.org

Fastmail’s web ui is ... faster, search works better. Mailbox is in Germany which settled it for me.

xenonite said 2 months ago:

Well the hassle in my experience is actually to ensure your mail doesn’t get flagged as spam.

A note about German mail servers: if they have more than one thousand users, they are required by law to set up a surveillance black box for the government since around 2004.

jooize said 2 months ago:

Whoa, source regarding German email servers? Germany's privacy protections seem generally considered strong.

> Germany introduced a data retention law that forces companies to store data for ten weeks. Fortunately, the German law does not affect Tutanota because email is explicitly excluded from the German data retention law. In addition, we are convinced that the law is against the German constitution. German Internet activists are already working on a constitutional complaint. They are fighting for the current law being declared unconstitutional - just like a previous German data retention law that was declared unconstitutional in 2010.

— (2015-12-19) [2]

[1]: https://en.m.wikipedia.org/wiki/Data_retention#Germany

[2]: https://tutanota.com/blog/posts/data-privacy-germany/

xenonite said 2 months ago:

Sure I can source this. I didn’t mean the data retention laws, but meant the government’s black box that a mail provider needs to put beside his mail server. Actually what I need to correct is the number: it is needed only for more than 10‘000 users.

This box resides in the mail provider's network and is used as a secure communication bridge with the government: If a judge requires the provider to start the surveillance of some email account, then the provider needs to transfer those mails onto the black box, which transmits it further to the government agency.

https://www.golem.de/news/telekommunikationsueberwachung-wie...

https://posteo.de/blog/posteo-zur-m%C3%A4r-von-der-abh%C3%B6...

Mave83 said 2 months ago:

Do it. If you set it up correctly, all mails will be delivered and security will be increased.

It is not hard to set up and maintain it correctly if you have some understanding or enough time. Unfortunately most likely the mail services will save some money or time.

golem14 said 2 months ago:

https://hn.algolia.com/?q=setup+email

I think the reasons pro / contra have not changed in the past few years.

joexuyi said 2 months ago:

I feel self-hosted emails get rejected too easily to be worth the hassle.

vpEfljFL said 2 months ago:

I would not bother to host email service for one user. You have to keep up with all updates and vulnerabilities on a daily basis.

You don't have enough volume as well and it increases your chances to be marked as spam. Self-hosting is quite pricey because you have to care about your IP reputation (and you can't really gain any reputation if you send a couple of emails). You can't use cheap VPS providers because most likely IPs from them will be marked as increased chances of spam.

If you really want to go with the self-hosting route, configure your server to accept email but when you send, send it through large email providers like sendgrid/amazon ses or so.

dantle said 2 months ago:

I currently run my own mailserver. It's running on my home computer, which I leave on 24/7 anyway.

Administration is quite easy if you start with a well-maintained Docker image, and I found one I'm quite happy with.[0] It has been less than 30 minutes of work so far, but I already understand Docker quite well. It was nice to learn some more Docker stuff, too.

The major downside is that random email hosts seem to reject my mail (looking at you, comcast.net addresses) so I still use a gmail with some contacts.

[0] https://github.com/tomav/docker-mailserver

badrabbit said 2 months ago:

Business/professional: don't; best to have the server part handled by a provider that allows catch-all (like ProtonMail) for the yearly cost or less of a VPS.

Personal/hobby: knock yourself out. If you enjoy doing it, why not.

wheresvic3 said 2 months ago:

Thank you everyone for your detailed answers! I have finally settled on just going for fastmail.

I'll probably try mailinabox for some other low traffic domains and see how that goes :)

srndh said 2 months ago:

I have a friend who has multiple domains but all mapped to 1 mailbox with catch-all. It stores those to specific addresses in folders and the rest in a common folder. He is using a hosting company. They charge per email account. He has the basic 5 email accounts: 3 for family, 1 for himself and the last is the one with the catch-all for over 10 domains.

fulafel said 2 months ago:

It's not hard but the risk profile is not favourable for you (the upside you get vs hosting if you manage to avoid trouble is pretty small). Of course if the alternative is very cheap and unreliable hosted service, the equation may be different - by self-hosting you'll at least have visibility and control...

If you like running your own services and learning about it, it's a nice exercise.

DeathArrow said 2 months ago:

I host email for free with Yandex for five domains. It's easy to set up, web app and mobile app are OK.

Setting up and administering a mail server would not be hassle-free and I don't see it being worth it unless you have hundreds or thousands of mail accounts each having big traffic.

Another good reason to set up your own mail server would be learning.

bishalb said 2 months ago:

Its auto-forwarding doesn't work sadly, and I found the delivery to be slow for accounts that you don't use frequently. But otherwise it's good enough.

techslave said 2 months ago:

if you’re asking, you should most definitely NOT. if your concern is cost of many mailboxes, it’s rather trivial to have a wildcard mailbox at the provider (ie, one account that all mail is dumped into) and split it into multiple mailboxes at the client side.

kmanlives said 2 months ago:

TL/DR: I've been using MIAB (mailinabox) for about 6 months and am happy with it (though I do use an external spam gateway (mxguarddog)).

Backstory:

I started managing my own mail servers in 1999. After 5+ years of doing that, I moved my primary business domains to google apps and was happy for many years. Last year, after several years of feeling uneasy about my business email being hosted with google (mainly for privacy concerns, but also because I was on a "legacy" free google apps account), I began looking into paid options for my company's email. After deciding that I didn't want to pay google for the service, I looked at several other options for paid services, but they were all too expensive for my budget. I then investigated rolling my own solution using Postfix (even though I remembered all the maintenance overhead and occasional headaches), as I had done that before moving to Google. While investigating all the pieces I'd need for this, such as open source webmail projects and spam filtering options, I came across Mailinabox.

I spent some time over a few months playing with it and continuing to investigate other options, but ended up going with MIAB. My two biggest concerns in running my own server were A) dealing with spam and B) deliverability.

To deal with spam, I opted to use a third party spam filtering gateway (mxguarddog). I've been pretty happy with it, but I have to say, I've never found anyone as good at filtering spam as google.

My deliverability is very good, but I have had a few cases where messages were delayed or initially bounced right after I set up the server. I have my MIAB deployed on a Digital Ocean droplet that costs me about $40 / month. I am currently running 6 domains and about 50 total accounts (with another 50 aliases). I think I could easily quadruple those numbers without overloading the server.

I hope that's helpful!