this post was submitted on 27 Sep 2023
18 points (87.5% liked)

Selfhosted

40032 readers
542 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I'd really like to use the service and in fact I wish I'd been using it forever. But I want to do it right and self host it. It's just, maybe the most complicated thing I've ever seen.

Does it require self hosting your own email server as well? If you already own a domain, does that make the process easier?

is Anon Addy the only service like this? Also I'd love to integrate with bitwarden, so when I create a new account for some website, I can automatically create a new email address. (idk if there's any reason to do this, just think it could be cool)

To piggyback further, I've been wondering if having my own domain would help me get around my double nat issue not allowing me to make reverse proxies.

Thanks in advance to the community!

Edit:

I think I have a solution! Bitwarden actually has these integrations already and it's relatively new. duckduck go just doesn't work. I tried forwardemail and that site is filled with dark patterns so you think the free account is worth a damn until you're already invested time into setting it up. At the last minute it tells you you can't use it with bitwarden on the free account. The others are at least up front about their pricing. forwardemail.net doesn't even have a pricing page. Sending emails from the masked addresses is also paywalled. pretty much all functionality on forwardemail.net is paywalled, but they hide it from you the best they can, so fuck that company.

I spoke too soon. There's no option that isn't paid. So I guess back to self hosting anonaddy

Edit: I finally got duckduckgo email working with bitwarden integration. It now generates a random email for me automatically!

Edit edit: Found a good solution:

There are two solid solutions I think for this problem: Bitwarden + SimpleLogin integration. Ends up being about $40/year. The SimpleLogin integration is more limited as it just generates a generic hash. Pass gives you more flexibility - it adds the domain followed by a hash. It's cheaper by a few bucks if you pay per year.

or

Proton Pass ($48/year, or $36/year if paying for 2 years, or if you have proton unlimited ($8/mo), it's included What' nice is that the email address alias generator is built in and has a lot more options. It's cheaper if you pay for 2 years or already have proton unlimited. Both have stellar track records.

you are viewing a single comment's thread
view the rest of the comments
[–] Chobbes 1 points 1 year ago* (last edited 1 year ago) (1 children)

Relays do cost money, though I think some have a free tier for small volumes of mail. You might also see if your registrar or host provides anything for email.

The easiest way to do this is to start with just receiving email and not worrying about forwarding, though. You can host your own imap server and just have a catchall account that’s separate from your main email to start, and if you really want to forward you can worry about send later. Receiving email is easy, the thing that people struggle with for email is sending because there are a few requirements like dkim / spf / DMARC and reverse dns that you might not know about and may configure incorrectly and feedback is hard. Also if you have a residential ip I’ve heard it can be harder to send too. If you’re just forwarding to yourself, though, that’s probably a little easier because you can test more easily / mark yourself not spam. If this is your use case I wouldn’t worry about setting up a paid relay service. You don’t need it unless you really want to forward and have troubles making send work in your own.

With all that said maybe anon addy is easy to set up on your own and gives you what you want. I wouldn’t know! I’ve never used it before.

[–] [email protected] 1 points 1 year ago (1 children)

I'm behind a double nat and my ip situation is liable to change. I finally got duckduckemail working. So far it's free but you never know when the enshittification will begin. It seems unlimited but who knows, maybe it's a hidden limit. I may have to look into awsses or something like that and see if I can set up catchall as well. That would probably be better because with ddg email it's a random string for the email address, so I'd have to cross reference with my bitward setup if I started getting spammed. With a catchall I should be able to just set the email to @myemail.com. I just think with my ISP situation, self hosting email server would probably not work too well. It could also really screw me over if my NAS loses power or something

Do you have any knowledge on services that will let me use my domain as a catchall but use their servers for emails? I've done some very light research but am not familiar whether this setup would be even possible in the first place.

[–] Chobbes 1 points 1 year ago (1 children)

Oh god, yeah. I personally would not try to self host e-mail or any service that you need other people to be able to reliably connect to without a static IP. As to losing power... In theory mail servers are supposed to queue mail and resend later, and you can also set up a backup MX that will queue mail for you (senders will automatically switch to the backup mail server if they cannot connect to your primary one). There are even free services for backup MX http://www.junkemailfilter.com/spam/free_mx_backup_service.html (though they use this to train spam filters, so if you have privacy concerns you may want to avoid it). In the past I have had some prolonged downtime on my mail server and I have noticed that some senders will give up entirely and never send to that address anymore (which I think is poor form on their part, especially since somebody could register that email account later). I've since setup my own backup MX to avoid these issues, and it's worked great when my primary has had network issues (needed a spare box for backup nameserver and stuff anyway, haha).

You absolutely can use an external mail service as a catchall with your own domain. For instance protonmail has support for this:

https://proton.me/support/catch-all

You'd have to look into the pricing and read the fine print, though. A lot of mail providers charge per inbox and I'm not sure if they'd charge extra for catchall services or not.

[–] [email protected] 1 points 1 year ago (1 children)

Appreciate your input :)

Proton mail allows catchall with a paid plan, the least expensive of which is about $4/mo. They have an excellent reputation. But then there's fastmail which is like, all of this batteries included, including bitwarden integration for auto creating the email aliases. And it's cheaper. Well, guess I've got some research to do. Thanks for the guidance, you're really helpful :)

[–] Chobbes 1 points 1 year ago (1 children)

Glad it was helpful! I was worried I'd be a little off-topic talking about self-hosting e-mail instead of this Anon Addy thing. Hope you find a solution that works for you soon :).

And yeah... Unfortunately if you you're behind CGNAT and don't have a static IP I think doing this for free on your existing internet connection might be challenging. One thing that people in a similar position might be interested in is Hurricane Electric's free Tunnelbroker service, but I think you might still be out of luck behind CGNAT.

You'll be able to get public IPv6 addresses for free and can allocate them to your home network. You can set it up to dynamically update the IPv4 address on your end... But I think if you're behind CGNAT you can't do that, unfortunately. Another problem with this approach for something like a mail server is that not everything speaks IPv6... If a sender only supports IPv4 they won't be able to send mail to you.

I think behind CGNAT pretty much your only option is to pay somebody for a real IP somewhere. Either a VPS somewhere where you set up wireguard (there are cheap options for this, and then you can run other things on the machine), or a VPN with a dedicated IP.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

I was considering a VPS! That said, if I'm say, accessing my jellyfin library externally through a VPS, wouldn't that just end up costing ludicrous amounts of money?

I don't use Arch btw ;)

[–] Chobbes 2 points 1 year ago (1 children)

I was considering a VPS! That said, if I’m say, accessing my jellyfin library externally through a VPS, wouldn’t that just end up costing ludicrous amounts of money?

Depends on your usage, but probably not? If you can transcode on your jellyfin server you'll be able to serve lower quality versions remotely if you want to save bandwidth... But most VPS's provide around a terabyte of bandwidth per month by default. If you use more it will cost more. I think it's usually fairly cheap to get more, but if you're the only one accessing it you're probably not going to use that much. Like if you rip a blu-ray you might end up streaming a 50gb or so file for a movie, but that's only a twentieth of the bandwidth allotted to you (roughly)... Plus if you reencode it to something smaller before putting it on your jellyfin server, or if your jellyfin server can transcode fast enough you can send a smaller video stream to your mobile devices or whatever.

I don’t use Arch btw ;)

I don't either, that article was just what I found that mentioned setting up Tunnelbroker with a dynamic IP.

[–] [email protected] 1 points 1 year ago (1 children)

Wow, that's incredible! I figured it would be much more expensive so I never really looked into it.

Well off the top do you have any reliable VPS recommendations? I think that would solve all the issues I have in regards to my double NAT. I have a synology 1621+ with a pretty weak CPU. And my whole library is in 4k, lots of remuxes as well. It may not be able to handle it lol. Poor thing. Even so, 1tb would be more than sufficient in 99% of circumstances.

[–] Chobbes 1 points 1 year ago* (last edited 1 year ago) (1 children)

May depend what you want and where (location can matter a little bit for latency critical stuff, but streaming video won't care), and what operating system you would run on it. The Hetzner ARM servers are pretty cheap for what you get (and it looks like they include 20TB of bandwidth). I've been pretty happy with Lunanode. I think people often look here for deals: https://lowendbox.com/ they often recommend Racknerd boxes... I think there's some affiliation with Racknerd and lowendbox.com, but I threw something on a Racknerd machine recently and have had a good experience so far. You may want to do some research if you want to send mail directly from these machines. Not everybody allows it (sometimes you just have to ask), and I hear tell that sometimes you can end up with an IP somebody spammed with before with a bad reputation.

[–] [email protected] 1 points 1 year ago

I actually settled my email thing. I really just wanted an email masking/email aliasing service and proton pass has a really robust one built in. I believe it's SimpleLogin backed since Proton bought them recently. It's a great integration, now when I sign up for any website it genereates [email protected] or something like that. Turns out lots of the premier pw managers have integration with email masking now.

Thanks a million for all your advice! I think I have a solid way forward for my double nat issue. I have a solid basis for research on this now. You rock :)