this post was submitted on 27 Dec 2023
121 points (99.2% liked)

Selfhosted

40405 readers
849 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
121
Stalwart v0.5.0 (stalw.art)
submitted 11 months ago* (last edited 11 months ago) by Parachute4196 to c/selfhosted
 

Elevating Performance and Flexibility

We are excited to announce the release of Stalwart Mail Server v0.5.0. As we approach the end of the year, this significant update marks a major advancement in our journey to provide a robust, efficient, and versatile mail server solution. This latest version incorporates a range of performance enhancements, storage layer improvements, and new features, designed to elevate your email server experience.

you are viewing a single comment's thread
view the rest of the comments
[–] roofuskit 23 points 11 months ago (3 children)

Very interested in this as Gmail is one of my last Google cords to cut. But it doesn't solve the issue of trying to host it from a non-commercial Internet connection. Last I remember most ISPs won't let you open the ports required to run an email service on a home connection. Anyone have modern experience with that?

[–] [email protected] 10 points 11 months ago (1 children)

I moved from Gmail to ProtonMail, then to Mailbox.org. Ypu can set up a mailserver on your home server, but you would need a VPS that would forward the traffic to and from your home server without you needing to open any ports. This guide can help you with TLS passthrough.

But setting up your own mailserver is a big hassle. Just pay a trusted provider and keep your inbox, and preferably all emails, encrypted with GPG.

[–] victorz 7 points 11 months ago (1 children)

What made you switch from Proton to Mailbox, if you don't mind sharing?

[–] [email protected] 3 points 11 months ago (2 children)

I was paying $7/m for their mail, VPN and drive services. One of my major reasons to switch was their lack of linux support. They claim that it is hard to find Linux developers. Second reason was their drive's download and upload speeds were terrible, from where I am sitting. Their VPN service is great. I always got great speeds, but their linux apps have always been terrible. Their mail service is also great, but I would like more control over it, like Mailbox.org. on Mailbox, I can encrypt my inbox using a different key, while also having the SMTP submission feature. I really ned that to integrate emails with my websites and services. Mailbox can also encrypt their cloud drive with our key, while also providing WebDAV support (how cool is that). Their mail app on android is open-source but is not available on f-droid. And the apk they provide on their website neither has a notification functionality, nor does it auto-update. Another reason was that I was limited to 3 custom domains, unless I buy their business plan. Mailbox has no such limit.

One final reason was that I did not want to keep all my apples in one basket. So, for mail, I am using mailbox, for storage, I am using a personal nextcloud and a Hetzner managed nextcloud, for VPN, I started using mullvad, but their speeds are terrible and connections are unreliable. For passwords I am using self-hosted vaultwarden.

There are a few more reasons that I do not remember, now. Proton is great, I still trust them. But these small things really go a long way.

[–] victorz 3 points 11 months ago

Thank you for that detailed reply. You have far greater needs than I do. 😊

It would be cool to do all these things and self-host. One day I'll get there, in life.

[–] ssdfsdf3488sd 1 points 10 months ago (1 children)

That's pretty much exactly my story except I went with fastmail.com, mullvad for vpn (you really need to test with some script to find your best exit nodes I forget which one I used ages ago but it found me a couple of nodes about 1000 kms away from my location and in a different country that I can do nearly a gig through routinely.. Maybe it was this script? https://github.com/bastiandoetsch/mullvad-best-server) . I went with pcloud for a bit but tailscale and now currently netbird make it kind of irrelevant since its' so easy to get all my devices able to communicate back to my house file server. I want to like hetzner so bad but every time I try it the latency to north america just kills me and the north american offering was really far away and undeveloped last time Itried it

[–] [email protected] 1 points 10 months ago (1 children)

For me the issue with Mullvad is like this... I connect to a server, I get good speeds, but after an hour or two, I get stuck at 2-3mbps. This issue gets resolved when I reconnect, even to the same server. Also, I like using OpenVPN over TCP, but their speeds, in Mullvad's case, are terrible for all exit nodes.

It also may be the case that my ISP is deliberately ruining the IPv4 routes because I am connecting to a VPN for privacy.

[–] ssdfsdf3488sd 2 points 10 months ago

Nevee saw that on wireguard once i foind the better connections for my location, weird

[–] AtariDump 7 points 11 months ago (2 children)

Most non-business Internet service in the IS has email ports blocked. They don’t open unless you switch to business class Internet and that’s $$$

[–] roofuskit 4 points 11 months ago (1 children)

Thanks for confirming. So pay for a vps to run this on, or just pay an email provider.

[–] AtariDump 6 points 11 months ago* (last edited 11 months ago) (2 children)

If the VPS allows email ports to be open.

Then deal with your email going to spam most of the time because you’re domain/IP is so new and not “warmed up” that email systems think it’s all spam.

[–] roofuskit 2 points 11 months ago

Yeah, it seems like the latter option is the obvious answer. It's an awful lot of work you still have to pay for. I'd rather just pay someone to offer me secure email and not harvest my information.

[–] [email protected] 0 points 11 months ago* (last edited 11 months ago) (1 children)

In my experience, this is nothing more than an urban legend at this point. There are great standards, like DMARC, DKIM, SPF, proper reverse DNS and more, that are much more reliable and are actually used by major mail servers. Pick a free service that scans the publicly visible parts of your email server and one that accepts an email that you send to them and generates a report. Make sure all checks are green. After an initial day of two of getting it right, I've never had trouble with any provider accepting mail and the ongoing maintenance is very low.

Milage may vary with an unknown domain and large email volumes or suspicious contents, though.

[–] [email protected] 3 points 11 months ago (1 children)

There are literally RBLs in use by many major mail providers that just contain all dynamic IPs. There are others that block entire subnets used by VPSs at certain hosters. In neither of those you can remove your IP yourself (unlike the ones that list individual IPs because of that IP's reputation).

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

Weird, I've never had problems over the past 15 years or so and I've been using VPS servers exclusively. Maybe my providers were reputable enough.

I realize my evidence is only anecdotal, but that's why I started "in my experience". Also, common blacklists are checked by the services I mentioned.

[–] Chobbes 2 points 11 months ago

For what it’s worth I also haven’t had any problems. Maybe we’re just lucky, though.

[–] victorz 2 points 11 months ago (1 children)

That's insane to me. How is that a free and open Internet? Should be illegal.

[–] AtariDump 3 points 11 months ago (1 children)

Too many people get malware that setup an email server and start sending out spam/phishing emails.

[–] victorz 2 points 11 months ago (1 children)

That's interesting. Is it easily preventable?

[–] AtariDump 1 points 11 months ago (1 children)

Yes.

ISPs block email ports on residential connections to prevent this.

[–] victorz 1 points 11 months ago (1 children)

I meant on the part of the host. Would it be easily preventable on the server if the ports weren't blocked by the ISP?

[–] AtariDump 1 points 11 months ago (1 children)

Not for the average person who pays for a home (vs business) internet connection.

[–] victorz 1 points 11 months ago (1 children)
[–] AtariDump 1 points 11 months ago (1 children)

Why?

I can count on no hands the amount of people I know who want to host their own email server on a residential connection (and that includes myself).

[–] victorz 0 points 11 months ago (1 children)

Very anecdotal. 🤷‍♂️

[–] AtariDump 1 points 11 months ago (1 children)
[–] victorz 3 points 11 months ago* (last edited 11 months ago) (1 children)

It's not a shame because of the amount of people we know, or how many people there are in total, that want to self-host email. It's about the fact that it's so difficult to set up, and hard to secure. I just wish it were simpler and more secure by default so that more people could roll their own and break free from ad-ridden and privacy-invading email services. 👍

[–] AtariDump 2 points 11 months ago
[–] jagoan 2 points 11 months ago

Gmail to MXroute when Google threatened to pull the grandfathered free Gmail custom domain thing. Got their lifetime plan, easy enough to configure so outgoing mails don’t get marked as spam. However, the major downside is it’s still using Spam Assassin as spam filter.