Does anyone here have experience with Mailcow, Mailu, Mail-in-a-box or something similar? I would love to have my own email server, but I do not think I have the skill and time to set up everything manually.
And: I do not want to get my domain onto some blacklists, which apparently is pretty common.
How big is the potential to really fuck this up? (Assuming I use such an "all in one" solution)
@f4814n Hi! This guide is good: https://www.bennetrichter.de/anleitungen/mailcow-dockerized/
But you should get familiar with Docker beforehand. Good luck 👍
@f4814n Mail servers always need ongoing monitoring and maintenance. Usually not too work-intense, but at least daily (better hourly) log monitoring. That can be helped with automated log and trend evaluation tools - but needs to be done.
Fuckups can mean abuse as SPAMrelay, being flooded by SPAM (nonworking filters), lost mails (config problems, overzealous filters), blocked server (due to problems), ...
@vampirdaddy @f4814n If you are a company I would agree with your monitoring intervals. But as a single person hosting their own self-hosted mail servers, monitoring in this dimension is way too much. I think after everything runs like it should, it's enough to check the logs every week or at least once a month.
@codiflow @f4814n nope - you need to be alerted better hourly than daily whenever something more problematic occurs. You do not have to look yourself manually, but need to become aware of problems in a timely fashion.
You can (and should) do that automatically - but that also needs tweaking then and again.
@vampirdaddy @f4814n I think the "average user" who wants to host his own mail server (which is a really important and cool step imho) will do it for independence and flexibility and not for getting much more work to do like "check logs daily", "build monitoring structure", "differentiate between good and evil traffic" and so forth. It seems to be complicated to find a way in between... And just for the record: I can understand your POV.
@f4814n All in one solutions protect you from most of the mistakes you can make (e.g. the classic open relay) but it's nevertheless possible to fuck up, e.g. if you change sth. in the config without really knowing what you do or when you choose simple passwords.
This happened to me a few (maybe 3) years ago (was probably the same age as you). I set up a test@ account with an easy password and some bot flooded my mail queue... I learned from that...
@f4814n To be fair, I think I did not use mailcow at that time. Mailcow also includes fail2ban as a brute force protection.
@f4814n your domain or server gets blacklisted if you send or relay spam. The first is easy and the latter means that you should understand the configuration of your mail transfer agent.
I'd advise against a prebuilt setup. If you want to have a personal mail server, take your time and set it up properly. If you use something out-of-the-box, it will break someday and to debug it, you'll have to learn it anyway, but in this case under more pressure.
@f4814n Good article on why "mail is hard":
Good starting point to roll your own (it doesn't need to be OpenBSD):
OpenSMTPD makes it hard to configure a footgun, this is why I'd recommend it over Postfix. Rspamd kills your spam in both directions, and maybe saves your ass if something goes wrong.
I use @yunohost to host email and xmpp on a secondary "playground" domain. It really works well and if you're an average tech confident person you can have email very quick and easy. But this abstraction does not teach you how stuff works. I wouldn't want to rely on something I don't understand for my critical infrastructure (first domain), hence I let email be done by professionals and use a self configured prosody for XMPP.
Abstractions are indeed not meant to teach how they work nor how to repair them if they fail ... But there's a point where an abstraction is so polished that you don't expect it to fail anymore and therefore you won't need to know how to fix it.
Many people use computers without a PhD in electronics because the probability that the electronics fail became negligible. Same thing for wget: you don't need a PhD in TCP/HTTP requests in case it fails, because it won't.
@yunohost @aslmx @f4814n I have never tried YunoHost, but every "abstraction" of complex software systems I have encountered so far was leaking and required me, sooner or later, to learn about the underlying stuff to fix it. All of them got in my way when fixing stuff, because I had to fix the abstraction too.
@aurorus @aslmx @f4814n Or it could be that it's because we use so much software that ultimately one will fail and we'll remember this one without realizing the thousands of others that do such a good job you don't even realize they're here anymore ...
Idk, I never really had to "fix" the kernel myself or Firefox or LibreOffice
@f4814n I am using Mailcow and I found the setup pretty straightforward...
@f4814n Mailcow works very well for me. Setup, update and monitoring/administration are easy, there is good documentation online and there is also a community that is willing to help if you have any questions.
@joshi @f4814n Veto! I said it was an option, not a recommendation. Also, that was many years ago and, surprise, things change. With email, always for the worse.
While iRedMail is acceptable to install, it is impossible to maintain. Don't go there.
I personally recommend getting rid of email as much as possible!
Hosting email *is* complex and it is becoming more and more so because people keep bolting on new stuff every month to keep riding the carcass of a dead zombie horse.
Email - wie funktioniert das eigentlich?
If you prefer English, the same talk from #BalcCon2k18 (Sorry, that one is only available on YouTube.)
Email - How does it even work?
@MacLemon I have seen it (great talk btw). I am already trying to get rid of email as much as possible, but IMO it won't go away in the near future. And since I am trying to self host all important services, I'd love to do email as well (if it is not too hard, which I'm trying to find out rn).
Thanks for all the detailed answers.
@f4814n For some things email is likely going to stay, at least in the enterprise. Many historic reasons, workflows, ease of making a system send email, etc. come to mind.
You can sometimes get by by abstracting email, for example with a ticket system which allows for somewhat less convoluted email setups in some cases.
I still consider SMTP/Submission/IMAP/AV/Spamfilter/SPF/DKIM/DMARC/SRS the bare minimum for a proper setup.
Many ready-made solutions don't even match that.
@f4814n Also think about your requirements and desires. What *exactly* do you want to achieve? How do you define “self-hosting”?
Configure *everything* on your own metal? Or on one of your own hypervisor managed VMs, or rented VMs?
Is hosting your own domain on some (partially/hybrid) managed host OK? (Something like uberspace for example.)
@joshi IIRC that was 2016. Consider it outdated. Most tech talks don't age well. :-)
As for replacements: That depends on the audience and your goals.
For internal communication: Use whatever you like. Most modern tools are likely to be better than email in many regards.
It's usually feasible to roll out something and replace email as *internal* communications tool.
The problem is external communication with other organisations who may have made a different choice or only have email.